Security Blog

Leave blank for all. Otherwise, the first selected term will be the default instead of "Any".
Andrew Brandt's picture
Written by
Andrew Brandt
Victims of October’s malware infection campaigns (so far) can expect to receive a triple-cocktail of threats: a particularly cavalier ransomware called CryptoLocker; clickfraud on a massive scale; and (it goes almost without saying) the theft of passwords and other personal data.
Anonymous's picture
Recently, I attended Grrcon. Grrcon is an information security and hacking conference based in Grand Rapids Michigan (grrcon.org) It was an interesting conference, because it managed to be small enough to have that close friends feel, but large enough to attract good speakers. Oh and there was free beer. Amongst the free beer, there were some presentations that I felt were worth the price of admission.
Chris Larsen's picture
Written by
Chris Larsen

A month ago, we blogged about a malvertising attack centered around fake Java updates...

We're currently tracking a similar ad-driven campaign, with a somewhat different-looking landing page:

Chris Larsen's picture
Written by
Chris Larsen, Jeff Doty

[Our "exkit expert" returns, with his take on recent changes in BHEK. --C.L.]

Today I am looking at some of the updates that we have been seeing in the Blackhole Exploit Kit.

screenshot of BHEK infection-stats page

Chris Larsen's picture
Written by
Chris Larsen

Along with the public release of information about a large, long-running malvertising campaign, I also sent the full list of steathy malvertising domains to several contacts in the WebAd/anti-malvert

Chris Larsen's picture
Written by
Chris Larsen

While poking around in our shady-traffic logs Wednesday, I found a network big enough to be worthy of a blog post.

It's what we usually call a "spam/scam" network, although the spam aspect is a bit different, being based on Facebook rather than e-mail. Here's a sample page from Facebook: