Infosec Weekly Round-up October 08-14, 2012

Skype worm spreads, using LOL trick to infect unwary users

Skype users are warned to be on their guard, regarding malicious instant messages that have been sent through the service, designed to infect Windows computers.

http://nakedsecurity.sophos.com/2012/10/08/skype-worm-spreads/

New TDL4 strain very successful in hiding from AV

Last month Damballa stirred up the security community with the discovery of a new iteration of the notorious TDL4 rootkit. This rootkit is known for infecting the Master Boot Record (MBR) to gain control over everything that runs on the computer, making itself invisible for antivirus products and pretty hard to remove.

http://hitmanpro.wordpress.com/2012/10/07/new-tdl4-strain-very-successful-in-hiding-from-av/

BoteAR: a “social botnet”? What are we talking about?

BoteAR (developed in Argentina) adopts the concept of “social networks” although it seems, as yet, not fully materialized. It offers a conventional and manageable botnet via HTTP but uses the model of crimeware-as-a-service.

http://www.securelist.com/en/blog/208193888/BoteAR_a_social_botnet_What_are_we_talking_about

SERT Quarterly Research Report

Q3 2012 highlights that 92% of malware analyzed during Q3 was mass distributed malware. Nearly 60% of all malware goes undetected by common AV software. The most common method of delivery used with banking Trojans is through the use of phishing email. Typically, the email will lure victims to a compromised website that redirects the victim’s browser to a landing page of an exploit kit. SERT has observed that the malicious emails often use an embedded hyperlink or an attached HTML file attachment.

http://www.solutionary.com/dms/solutionary/Files/SERT/SERT-Q3-2012-Research.pdf

State of Mobile Security 2012

The number of smartphone and tablet owners in the world will skyrocket to one billion in the next few years, according to Forrester. As the mobile economy gains momentum, it continues to capture the attention of malware writers.

https://www.lookout.com/resources/reports/state-of-mobile-security-2012

That’s all for this week, if you have more information security news please to share them with our readers by sending emails or using the contact form.

Share