F-Secure Antivirus Research Weblog

Weblog of F-Secure Antivirus Research Team

Latest articles

New Home: labsblog.f-secure.com

This blog – News from the Lab – was started 4,232 days ago to monitor the Mydoom worm's DDoS attack on sco.com.A bit more than 11 years and two months… and we're now moving this blog to a new home.https://labsblog.f-secure.comIf you follow News from the Lab via an RSS feed, point your reader of choice here. (We'll setup a 301 redirect in the near future.)You...

Soon…

Posted by Sean @ 12:52 GMTOur "construction project" is progressing nicely.And it should resolve this…Fix mobile usability issues?Translation: your site doesn't help us sell more Android phones and ads.But whatever, the "issues" should be fixed soon enough. On 18/08/15 At 12:52 PM

Soon...

Our "construction" work is progressing nicely.Fix mobile usability issues?Translation: your site doesn't help us sell more Android phones and ads.But whatever, the "issues" should be fixed soon enough. On 18/08/15 At 12:33 PM

Work In Progress

Posted by Sean @ 13:25 GMTRegular readers will have noticed it's been slow here of late.Under ConstructionWe're finally undertaking an upgrade from Greymatter 1.7.3. This may be the world's oldest Greymatter blog… that will now change.More info coming soon.In the meantime, you can still catch us on Twitter. On 13/08/15 At 01:25 PM

"IOS Crash Report" Update: Safari Adds Block Feature

Ask, and sometimes, you shall receive.Last Friday, we wrote about call center scammers targeting iOS. And today, Apple released a new (beta) feature that should help.Apple released iOS 9 Public Beta 2:And it appears that one of Safari's new features allows people to block fraud-focused JavaScript.We tested a scam-site and after a few attempts to dismiss...

Duke APT group's latest tools: cloud services and Linux support

Recent weeks have seen the outing of two new additions to the Duke group's toolset, SeaDuke and CloudDuke. Of these, SeaDuke is a simple trojan made interesting by the fact that it's written in Python. And even more curiously, SeaDuke, with its built-in support for both Windows and Linux, is the first cross-platform malware we have observed from the...

'Zero Days', The Documentary

VPRO (the Dutch public broadcasting organization) produced a 45-minute documentary about hacking and the trade of zero days. The documentary has now been released in English on YouTube.The documentary features Charlie Miller, Joshua Corman, Katie Moussouris, Ronald Prins, Dan Tentler, Eric Rabe (of Hacking Team), Felix Lindner, Rodrigo Branco, Ben Nagy,...

IOS Crash Report: Blocking "Pop-Ups" Doesn't Really Help

The Telegraph published an article on Thursday about a scam targeting iOS users. Here's the gist: scammers are using JavaScript generated dialogs to display warnings of so-called "IOS Crash" reports prompting people to call for tech support. Near the end of the Telegraph's article, the following advice is offered:"To prevent the issue happening again,...

Hacking Team 0-day Flash Wave with Exploit Kits

After Hacking Team was compromised, a lot of information were publicly disclosed beginning 5th of July, particularly its business clients and a zero-day vulnerability for the Adobe Flash Player that they have been using. Since the info about the first zero-day was made freely available, we knew attackers would swiftly move into using it. As expected,...

The Trusted Internet: Who governs who gets to buy spyware from surveillance software companies?

When hackers get hacked, that's when secrets are uncovered. On July 5th, Italian-based surveillance technology company Hacking Team was hacked. The hackers released a 400GB torrent file with internal documents, source code, and emails to the public - including the company's client list of close to 60 customers. The list included countries such as Sudan,...

Discover, share and read the best on the web

Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters! Get unfiltered news feeds or filter them to your liking.

Get Inoreader
Inoreader - Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!