Recent Posts

Recent Blog Posts

The PhishLabs Blog

DDoS Threat Advisory, Compromised cPanel Exploit Kit, Router Pharming Attacks and more | TWIC - February 27, 2015

Posted by Lindsey Havens on Feb 27, '15

TWIC_branding

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • DDoS Threat Advisory – SaaS Apps Vulnerable for Exploitation (PhishLabs)
    Akamai’s Prolexic Security Engineering & Research Team (PLXsert) and PhishLabs’ (R.A.I.D.) Research Analysis and Intelligence Division have worked together on a threat advisory that warns enterprises and Software-as-a-Service (SaaS) providers about new distributed denial of service (DDoS) attacks that leverage Joomla servers that have a vulnerable Google Maps plugin installed.

  • Uh-oh: EFF researchers discover signs of Superfish-style attacks in the wild (PC World)
    Researchers at the Electronic Frontier Foundation (EFF) yesterday said that they had found evidence that implies attackers have exploited a security vulnerability in the Superfish adware and a slew of other programs.

  • Compromised cPanel "Account Suspended" pages redirect to exploit kit (HelpNetSecurity)
    A recently discovered malware delivery campaign has been using an “account suspended” page to exploit vulnerabilities in the visitors' computers and deliver malware to them.

  • Hackers exploit router flaws in unusual pharming attack (Computer World)
    An email-based attack spotted in Brazil recently employed an unusual but potent technique to spy on a victim's Web traffic.

  • FCC Adopts 'Net Neutrality' Rule (BankInfoSecurity)
    The Federal Communications Commission has voted to treat high-speed broadband and mobile Internet service providers as public utilities, similar to the way telecommunications companies are regulated.

  • Lenovo Website Has Been Hacked (The Hacker News)
    Lenovo.com, the official website of world's largest PC maker has been hacked.

  • Iran hacks America where it hurts: Las Vegas casinos (TheRegister)
    US director of National Intelligence James Clapper has accused Iran of orchestrating a 2014 hack of the Las Vegas Sands casino. The attack crippled the magnificent cultural institution's IT infrastructure.

  • FBI: $3M Bounty for ZeuS Trojan Author (KrebsOnSecurity)
    The FBI this week announced it is offering a USD $3 million bounty for information leading to the arrest and/or conviction of one Evgeniy Mikhailovich Bogachev, a Russian man the government believes is responsible for building and distributing the ZeuS banking Trojan.

  • The worst of the worst phishing scams (CSO)
    The depths a phishing scammer will stoop to in order to gain a buck are remarkable. Here are some of the bottom feeders to guard against in your inbox.

Topics: Phishing, Malware, Exploit, Trojan, The Week in Cybercrime, Hacked

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Posts by Topic

see all