JavaScript – Page 3 – Computer Security Articles

Mass WordPress compromises redirect to tech support scams

September 20, 2018 admin bitcoin, Bitcoin Code, browlock, Indicators of compromise, injections, JavaScript, Social engineering, tech support scams, Threat analysis, TSS, wordpress, Zues

Credit to Author: Jérôme Segura| Date: Thu, 20 Sep 2018 17:42:47 +0000

Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.

Categories:

Tags: bitcoin Bitcoin Code browlock Indicators of compromise injections JavaScript tech support scams TSS wordpress Zues

MalwareBytes Security

Explained: regular expression (regex)

August 31, 2018 admin Business, ddos, JavaScript, node.js, redos, regex, search, Server, Technology, Vulnerability

Credit to Author: Pieter Arntz| Date: Fri, 31 Aug 2018 15:00:53 +0000

What is regular expression (regex) and what makes it vulnerable to attack? Learn how to use regex safely and avoid ReDoS attacks in the process.

Categories:

Tags: ddos JavaScript node.js redos regex search server vulnerability

(Read more…)

The post Explained: regular expression (regex) appeared first on Malwarebytes Labs.

Microsoft Security

Machine learning vs. social engineering

July 8, 2018 admin antispam, Artificial Intelligence, cybersecurity, fileless malware, JavaScript, machine learning, macro malware, macros, malware, Next-gen antivirus, non-PE threats, phishing, phishing attacks, Security Intelligence, Security Response, Social engineering, VBScript, windows, Windows 10, Windows 10 S, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV

Credit to Author: Windows Defender ATP| Date: Thu, 07 Jun 2018 13:00:56 +0000

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning has helped us to protect hundreds of thousands of customers against ransomware,

QuickHeal Security

CVE-2018-4990 – Adobe Reader Double Free (Zero Day) vulnerability alert!

May 16, 2018 admin adobe, Adobe Reader, HeapSpray, JavaScript, malware, microsoft windows, PDF, ROP, Vulnerability, Zero-Day

Credit to Author: Prashant Kadam| Date: Wed, 16 May 2018 13:10:48 +0000

The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions…

Independent Krebs

Who and What Is Coinhive?

March 26, 2018 admin A Little Sunshine, Andre Krumb, AuthedMine, Badges2Go UG, Blackberry, Blockchain Future, Browsealoud, cha0s, coinhive, Die Welt, Dominic Szablewski, Dustweb Inc., Eroxell Limited, Eroxell Ltd, g4m8l3r, Gamb, int13h, JavaScript, Lars-Marten Nagel, Malwarebytes, Mattias Moench, Politifact, pr0gramm, pr0miner, publicwww, Reinhard Fuerstberger, SHOWTIME, Starbucks, Suntainment SL, Sylvia Klein, The Los Angeles Times, Troy Mursch, UA-571256, Who is Coinhive?, Youtube

Credit to Author: BrianKrebs| Date: Mon, 26 Mar 2018 12:12:31 +0000

Multiple security firms recently identified cryptocurrency mining service Coinhive as the top malicious threat to Web users, thanks to the tendency for Coinhive’s computer code to be used on hacked Web sites to steal the processing power of its visitors’ devices. This post looks at how Coinhive vaulted to the top of the threat list less than a year after its debut, and explores clues about the possible identities of the individuals behind the service.

QuickHeal Security

An in-depth analysis of a new, emerging “.url” malware campaign – by Quick Heal Security Labs

March 21, 2018 admin Botnet, CVE, email, JavaScript, malware, phishing, Security, SMB, spam campaign, URL

Credit to Author: Pradeep Kulkarni| Date: Mon, 19 Mar 2018 14:19:13 +0000

Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware which is actively making use of it. Let’s…

QuickHeal Security

An in-depth analysis of a new, emerging “.url” malware campaign – An analysis by Quick Heal Security Labs

March 19, 2018 admin Botnet, CVE, email, JavaScript, malware, phishing, Security, SMB, spam campaign, URL

Credit to Author: Pradeep Kulkarni| Date: Mon, 19 Mar 2018 14:19:13 +0000

Security Sophos

Gierig, lautlos, unberechenbar – ein gigantisches Auge schaut uns online über die Schulter

December 11, 2017 admin JavaScript, Querbeet, Security Tips

Credit to Author: Jörg Schindler| Date: Tue, 05 Dec 2017 13:30:17 +0000

Gierig, lautlos, unberechenbar – JavaScript ist der neue Stern am Cyberschurken-Himmel und vermiest einem gehörig das Surfen oder virtuelle Shoppen. Das nächste Mal, wenn man eine Webseite öffnet, stelle man sich vor, dass gleichzeitig eine Filmcrew eintrifft. Ein Kameramann platziert seine Kameralinse direkt über der eigenen Schulter und zwar so blitzartig schnell, dass die Webseite, die […]<img alt=”” border=”0″ src=”https://pixel.wp.com/b.gif?host=news.sophos.com&blog=834173&post=44471&subd=sophos&ref=&feed=1″ width=”1″ height=”1″ /><img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/4Ik8K_Bngj0″ height=”1″ width=”1″ alt=””/>