Security Alerts & News
by Tymoteusz A. Góral

History
#471 PNG Embedded – Malicious payload hidden in a PNG file
Brazilian attacks are evolving day-by-day, becoming more complex and efficient. It is there necessary to be wary of emails from unknown sources, especially those containing links and attached files.

Since the malicious payload hosted in the PNG file cannot be executed without its launcher, it cannot be used as the main infector; that is usually delivered to your mailbox, so it has to be installed by a different module.

This technique allows the criminals to successfully hide the binary inside a file that appears to be a PNG image. It also makes the analysis process harder for antivirus companies as well as bypassing the automated process to detect malicious files on hosting servers.
Read more
#478 After Verizon breach, 1.5 million customer records put up for sale
#477 850 million Android devices still at risk of hijack by Stagefright bug
#476 Emergency Java patch re-issued for 2013 vulnerability
#475 Certified Ethical Hacker website caught spreading crypto ransomware
#474 Google releases new tool to scan Android apps for accessibility issues
#473 Iranians indicted over DDoS campaign on banks
#472 Patched Apple bug paved way to root compromises
#471 PNG Embedded – Malicious payload hidden in a PNG file
#470 Malware is being signed with multiple digital certificates to evade detection
#469 Operation C-Major: Information theft campaign targets military personnel in India (PDF report)
#468 11 enterprise security solutions tested under Windows 10
#467 99 problems but two-factor ain’t one
#466 Vulnerability in 70 CCTV DVRs traced back to Chinese firm who ignores researcher
#465 Apple worries that spy technology has been secretly added to the computer servers it buys
#464 Google opens access to its speech recognition API, going head to head with Nuance
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12