Security Alerts & News
by Tymoteusz A. Góral

History
#1691 Disassembling a mobile trojan attack
In early August we detected several cases of a banking Trojan being downloaded automatically when users viewed certain news sites on their Android devices. Later it became apparent that this was being caused by advertising messages from the Google AdSense network, and was not restricted to news sites. In fact, any site using AdSense to display adverts could potentially have displayed messages that downloaded the dangerous Trojan-Banker.AndroidOS.Svpeng and automatically saved it to the device’s SD card. This behavior surprised us: typically, the browser warns users about downloading a potentially dangerous file, and offers them a choice of whether or not to save the file. We intercepted traffic coming from the attacked device when this sort of “advert” was displayed, and figured out how the malicious program was downloaded and automatically saved.
Read more
#1691 Disassembling a mobile trojan attack
#1690 China’s new cybersecurity law is bad news for business
#1689 Fake shopping apps are invading the iPhone
#1688 Clever Gmail hack let attackers take over accounts
#1687 Adobe patches nine code execution flaws in Flash Player
#1686 Google stops AdSense attack that forced banking trojan on Android phones
#1685 TrickBot banking trojan adds new browser manipulation tools
#1684 IPv4 addresses exhausted, networking standards must support IPv6
#1683 Google releases supplemental patch for dirty COW vulnerability
#1682 Microsoft patches zero-day disclosed by Google
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12