Security Blog

Chris Larsen's picture
Written by
Chris Larsen

A couple of years ago, we published an in-depth series of blog posts looking at the world of Search Engine Poisoning attacks (SEP).

Andrew Brandt's picture
Written by
Andrew Brandt

As the year winds down, it seems like a good time to take a look back at the past 12 months and review the hazards chucked into our inboxes by spammers sending us hostile code of one form or another. Not only does such a retrospective serve an illustrative, instructional purpose, but we get one last opportunity to mock them before the year ticks over to 2015.

It's been a strange, though still incredibly dangerous, year for spam-borne hazards. While most of the campaigns I've summarized below seem to broadly target random strangers over the Internet, several were clearly spear-phishing attempts at obtaining sensitive information from individuals (including myself, as recently as a week ago).

For the most part, there haven't been many notable differences in the payloads delivered via email (I've been referring to the most common payloads of malicious spam as "The Usual Suspects" for most of the past year), and almost no variation in the methods used to deliver those payloads.

Instead, the spammers seem to have spent most of their time building up a large cache of unexpectedly varied social engineering scams designed to convince the recipient that the email message originates from a legitimate source. But that doesn't mean there haven't been technological advances, as well.

Among the oddest social engineering tricks used in spam this year were fake "NYPD Homicide Suspect" bulletins and Pizza Hut "coupon" emails, but these ended up lumped in with the vast majority of equally dangerous, if not quite so bizarre, targeted spam campaigns that were more plausible.

Felix Leder's picture
Written by
Felix Leder, Ryan W. Smith

Blue Coat researchers have discovered new Android malware targeting high-profile victims in sectors such as government, finance, military and engineering. We have evidence that this malware has targeted victims in at least 37 countries.

Maureen Oconnell's picture
Written by
Snorre Fagerland and Waylon Grange

 

·        One of the most sophisticated malware attacks Blue Coat Labs has ever seen

·        Initially targeted at Russia, but expanding globally

Kiel Wadner's picture
Written by
Kiel Wadner
Thanks to Waylon Grange and Snorre Fagerland for their help during analysis.
 
Chris Larsen's picture