Posts By: admin

  • English-Italian Translations

    Trojan:BASH/QHost.WB

    Posted on by

    We come across a fake FlashPlayer.pkg installer for Mac: Once installed, the trojan add entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, etc) to the IP address 91.224.160.26, which is located in Netherlands. The server at the IP address displays a fake webpage designed to appear similar to… Read more »

  • Bruce Schneier, English-Italian Translations

    Hacking Apple Laptop Batteries

    Posted on by

    Interesting: Security researcher Charlie Miller, widely known for his work on Mac OS X and Apple’s iOS, has discovered an interesting method that enables him to completely disable the batteries on Apple laptops, making them permanently unusable, and perform a number of other unintended actions. The method, which involves accessing and sending instructions to the… Read more »

  • Bruce Schneier, English-Italian Translations

    ShareMeNot

    Posted on by

    ShareMeNot is a Firefox add-on for preventing tracking from third-party buttons (like the Facebook “Like” button or the Google “+1” button) until the user actually chooses to interact with them. That is, ShareMeNot doesn’t disable/remove these buttons completely. Rather, it allows them to render on the page, but prevents the cookies from being sent until… Read more »

  • English-Italian Translations

    On Android threats Spyware: Android/SndApps.A and Trojan:Android/SmsSpy.D.

    Posted on by

    Android malware seems to be all the rage at the moment. Here’s a few comments on a couple interesting side issues we’ve been discussing as we’ve seen them crop up during analyses. First up: there was a recent report on suspicious applications found the official Android Market. The apps in question have since been taken… Read more »

  • English-Italian Translations

    Android malware spies on your SMS messages – but is it part of the Zeus family?

    Posted on by

    The Symbian, Windows Mobile and Blackberry modules of the notorious Zeus malware toolkit (also known as ZBot) have been known about for some months, and it has been clear that Zeus gang was interested in developing malware for mobile platforms. However, until now we have not seen any evidence of Zeus targeting users who own… Read more »

  • English-Italian Translations

    SpyEye Trojan Targets Airline Website that Accepts Bank Debit Card

    Posted on by

    We have uncovered a SpyEye configuration that targets users of two leading European airline travel Web sites:  Air Berlin, the second largest airline in Germany (after Lufthansa) and AirPlus, the global provider of business travel services for companies. SpyEye exploits the user’s machine, not the websites, to carry out this fraud. The attack subjects are… Read more »

  • English-Italian Translations

    Another Android malware utilizing a root exploit

    Posted on by

    Another Android malware utilizing the root exploit “Rage Against The Cage” has been found, and we detected it as Trojan:Android/DroidKungFu.A. This new malware was embedded on a trojanized application that may require a root access in order to conceal itself. The infection occurs in two parts: Infection: Part 1 The first part is the installation… Read more »

  • English-Italian Translations

    New DroidDream Variant Found on Android Phones

    Posted on by

    Android has become the main target for mobile malware. Here’s “Hot Girls 1”, which was still yesterday available for download to your Android phone from Android Market: This application was originally harmless. However, a malicious developer called “Magic Photo Studio” downloaded the original application, modified it and re-uploaded it to Android Market. As an end… Read more »

  • English-Italian Translations

    FaceNiff – Taking FireSheep Mobile – Sniff & Intercept Web Sessions With Android

    Posted on by

    FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). It’s kind of like Firesheep for android, but maybe… Read more »

  • Senza categoria

    Phishing Sites Hosted on Google’s Servers

    Posted on by

    Google Docs allows users to create documents, spreadsheets, et cetera at google.com (hosted in Google’s cloud): Spreadsheets can even contain functionality, such as forms, and these can be published to the whole world. Unfortunately, that means we regularly see phishing sites via Google Docs spreadsheets and hosted on spreadsheets.google.com. Here are some examples: These are… Read more »