JavaScript – Page 4 – Computer Security Articles

Credit to Author: Adam McNeil| Date: Mon, 10 Apr 2017 15:00:43 +0000

We’ve detected an uptick in USPS-themed malspam walloping users with a 1-2-3 knock-out of nasty malware designed to infiltrate your system and steal all your most valuable information. This malware-laced email is actively being distributed with various Subject and Body messages containing references to missing and/or late USPS parcels.

Categories:

Tags: JavaScript malspam malware trojan Trojan.Boaxxe Trojan.Kovter USPS

(Read more…)

The post USPS-themed malspam now delivering 1-2-3 Knock-out appeared first on Malwarebytes Labs.

Security Wired

February 14, 2017 admin

A Chip Flaw Strips Away Hacking Protections for Millions of Devices

Credit to Author: Andy Greenberg| Date: Wed, 15 Feb 2017 00:30:24 +0000

A new attack cracks a key hacking protection known as address space layout randomization, leaving millions of computers vulnerable. The post A Chip Flaw Strips Away Hacking Protections for Millions of Devices appeared first on WIRED.

Security Wired

February 14, 2017 admin

Software Can’t Fully Fix This Massive New Security Flaw

Credit to Author: Andy Greenberg| Date: Wed, 15 Feb 2017 00:30:24 +0000

A new attack cracks a key hacking protection known as address space layout randomization, leaving millions of computers vulnerable. The post Software Can’t Fully Fix This Massive New Security Flaw appeared first on WIRED.

Microsoft Security

January 23, 2017 admin

Don’t let this Black Friday/Cyber Monday spam deliver Locky ransomware to you

We see it every year: social engineering attacks that take advantage of the online shopping activities around Black Friday and Cyber Monday, targeting customers of online retailers. This year, we’re seeing a spam campaign that Amazon customers need to be wary of. The fake emails pretend to be notifications from the online retailer that a purchase has…

Microsoft Security

January 23, 2017 admin

Double-click me not: Malicious proxy settings in OLE Embedded Script

Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant hardening and exploit mitigations investments in Windows. Tricking a user into running a malicious file or malware can be cheaper for an attacker than building an exploit which works on Windows 10. In our previous blog, Where’s the…

Microsoft Security

January 23, 2017 admin

Nemucod dot dot..WSF

The latest Nemucod campaign shows the malware distributing a spam email attachment with a .wsf extension, specifically ..wsf (with a double dot) extension. It is a variation of what has been observed since last year (2015) – the TrojanDownloader:JS/Nemucod malware downloader using JScript. It still spreads through spam email attachment, typically inside a .zip file,…

Microsoft Security

January 23, 2017 admin

Gamarue, Nemucod, and JavaScript

JavaScript is now being used largely to download malware because it’s easy to obfuscate the code and it has a small size. Most recently, one of the most predominant JavaScript malware that has been spreading other malware is Nemucod. This JavaScript trojan downloads additional malware (such as Win32/Tescrypt and Win32/Crowti – two pervasive ransomware trojans…