Security Alerts & News
by Tymoteusz A. Góral

History
#1330 New Brazilian banking trojan uses Windows PowerShell utility
Microsoft’s PowerShell utility is being used as part of a new banking Trojan targeting Brazilians. Researchers made the discovery earlier this week and say the high quality of the Trojan is indicative of Brazilian malware that is growing more sophisticated.

The banking Trojan is identified as “Trojan-Proxy.PowerShell.Agent.a” and is one of the most technically advanced Brazilian malware samples discovered, said Fabio Assolini, a senior security researcher with Kaspersky Lab’s Global Research and Analysis Team in a Securelist blog on Thursday.

The banking Trojan is being delivered via a phishing campaign where emails are masquerading as a receipt from a mobile carrier. A malicious .PIF (Program Information File) attachment is used to attack the target’s PC. PIF files tell MS-DOS applications how to run in Windows environments and can contain hidden BAT, EXE or COM programs that automatically execute after the host file is run.
Read more
#1336 Development version of the Hitler-ransomware discovered
#1335 Can good encryption be a double-edged sword for security in Australia?
#1334 Rex Linux trojan can launch DDoS attacks, lock websites, mine for cryptocurrency
#1333 Anti-Google research group in Washington is funded by Oracle
#1332 How the NSA snooped on encrypted Internet traffic for a decade
#1331 Multiple vulnerabilities identified in ‘utterly broken’ BHU routers
#1330 New Brazilian banking trojan uses Windows PowerShell utility
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12