
Malware


Malware Protection Center Home Page

How to remove the Superfish malware: What Lenovo doesn’t tell you

If you have a Lenovo system that includes the Superfish malware, you'll want to remove it. Blowing away your system and reinstalling Windows is one way to do this, but while it's a relatively straightforward process, it's a time-consuming one. Using Lenovo's own restore image won't work, because that will probably reinstate Superfish anyway. Performing a clean install from Windows media will work, but you'll have to reinstall all your software and restore all your data from backup to do the job fully. An alternative is to remove the malware itself.

How to remove Superfish malware from Lenovo PCs

Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk.

The Most Dangerous Malware Trends for 2014

The common thread running through the malware trends we’ve seen in recent months is the evolution, maturation and diversification of the attacks and fraud schemes they facilitate. Malware, once purpose-built, is clearly becoming a flexible platform — in many respects, it is now almost a commodity.

GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271, CVE-2014-7169)

Systems Affected: GNU Bash through 4.3. Linux and Mac OS X systems, on which Bash is part of the base operating system. Any BSD or UNIX system on which GNU Bash has been installed as an add-on. Any UNIX-like operating system on which the /bin/sh interface is implemented as GNU Bash.

Overview: A critical vulnerability has been reported in the GNU Bourne-Again Shell (Bash), the common command-line shell used in many Linux/UNIX operating systems and Apple’s Mac OS X.

Heartbleed Bug

Carberp Family Malware Targeting the Banking Sector - HackSurfer

A challenge incident responders and fraud analysts for firms in the banking and financial services sector (BFSS) will soon be faced with is an increased incidence of customer take-over fraud from a very advanced malware family that was recently released into the wild (Cohen, 2013, July 9). After the historic ZeuS Trojan was released into the wild, more sophisticated programmers transformed this already powerful banking Trojan into the very virulent Citadel Trojan. The Citadel permutation was even more resilient, evasive, and sophisticated than the ZeuS Trojan (ibid. p.1). Many are now expressing concern about an even more notorious Russian Trojan that can easily be modified to target BFSS firms in the U.S. (Krebs, 2013, June 13).

Zeus (malware)

"Zbot" redirects here. For the action figures, see Zbots. Zeus is very difficult to detect even with up-to-date antivirus software, as it hides itself using stealth techniques[citation needed]. It is considered that this is the primary reason why the Zeus malware has become the largest botnet on the Internet: some 3.6 million PCs are said to be infected in the U.S. alone[citation needed]. Security experts are advising that businesses continue to offer training to users to teach them not to click on hostile or suspicious links in emails or Web sites, and to keep antivirus protection up to date. Antivirus software does not claim to reliably prevent infection; for example, Browser Protection says that it can prevent "some infection attempts".[4]

The Father of Zeus: Kronos Malware Discovered

While major players like Zeus, Gozi, Citadel and other advanced financial malware dominate the malware threat landscape, newcomers and challengers always try to get a share of the cyber crime market. One such new malware that was recently made available for purchase in a Russian underground forum is the Kronos malware.

Equation Group: Meet the NSA 'gods of cyber espionage'

Over the last couple of years we have been hearing about ever more sophisticated pieces of malware. From Stuxnet and Flame to Gauss and most recently Regin, all have shown increasing levels of technical prowess and all have been linked in some way with the US government. These were thought to be the pinnacle of a huge investment in offensive cyber capabilities by the world's wealthiest country. That was, until we learned about Equation.

How the NSA's Firmware Hacking Works and Why It's So Unsettling

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen.

An Unprecedented Look at Stuxnet, the World's First Digital Weapon

This recent undated satellite image provided by Space Imaging/Inta SpaceTurk shows the once-secret Natanz nuclear complex in Natanz, Iran, about 150 miles south of Tehran. (AP Photo/Space Imaging/Inta SpaceTurk, HO) In January 2010, inspectors with the International Atomic Energy Agency visiting the Natanz uranium enrichment plant in Iran noticed that centrifuges used to enrich uranium gas were failing at an unprecedented rate. The cause was a complete mystery—apparently as much to the Iranian technicians replacing the centrifuges as to the inspectors observing them. Five months later a seemingly unrelated event occurred. A computer security firm in Belarus was called in to troubleshoot a series of computers in Iran that were crashing and rebooting repeatedly. Stuxnet, as it came to be known, was unlike any other virus or worm that came before.

Stuxnet

Stuxnet is a computer worm[1] that was discovered in June 2010. It was designed to attack industrial programmable logic controllers (PLCs). PLCs allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws,[2] Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.[3] Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g. in automobile or power plants), the majority of which reside in Europe, Japan and the US.[4] Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.[5]

The Real Story of Stuxnet

Computer cables snake across the floor. Cryptic flowcharts are scrawled across various whiteboards adorning the walls.