Think Information. Think Security.
Watch out if you get email messages with attachments named like “Financial_Statement.exe” or “Postal_document.exe” – they mean trouble.

Over the past few days we at BitDefender have seen millions of spam messages either bundled with malware or carrying a dangerous link. In the case presented here, cyber-crooks tried to con users by exploiting their natural and justified concern about their finances, serving them attachments that are dangerous but extremely appealing.

So, in the name of money deposited in bank accounts and goods delivered by post, e-mails have been circulating with attached “financial statements” or “postal documents”. These are two facets of the same piece of malware: a downloader (identified by BitDefender as Trojan.Generic.KDV.280912) that displays a Microsoft Word icon but carries an .exe extension.

Eminem fans, be aware of this scam and phishing attack.

Earlier today, BitDefender detected a new spam wave claiming to originate from one of the most visited portals in the country and informing recipients that rap star Eminem had been shot dead in Detroit.

The unsolicited message also contains a link to an alleged “Full story” which, when clicked, leads the user to a malicious file instead. To trick the user into running it, the downloaded file bears a double extension (.jpg.exe) and an icon resembling a thumbnail of Eminem’s picture. If run, the executable installs a backdoor (identified by BitDefender as Trojan.Zapchast.NBF).
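Both campaigns above rely on the same trick: an executable whose icon and filename impersonate a document or a picture. The script below is an added example, not BitDefender’s code, that checks an attachment two ways: by name (an executable extension, optionally hidden behind a decoy extension such as .jpg.exe) and by content (a PE header, regardless of what the extension claims). The extension lists, the sample attachments and the minimal fake PE header are all constructed for the demonstration.

```python
import struct

# Extensions Windows executes on double-click (assumption: a representative
# list for the demo, not an exhaustive one).
EXECUTABLE_EXTENSIONS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "hta"}
# Extensions used as decoys in double-extension names such as photo.jpg.exe.
DECOY_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf", "doc", "docx", "xls", "txt"}


def classify_attachment_name(name):
    """Return the reasons a filename looks like a disguised executable ([] if none).

    Windows hides known extensions by default, so 'Eminem.jpg.exe' is shown to
    the victim as 'Eminem.jpg'; the filter therefore looks at the *last*
    extension, and at the one before it for a decoy."""
    parts = name.lower().split(".")
    if len(parts) < 2:
        return []
    reasons = []
    final_ext = parts[-1]
    if final_ext in EXECUTABLE_EXTENSIONS:
        reasons.append("executable extension ." + final_ext)
        if len(parts) >= 3 and parts[-2] in DECOY_EXTENSIONS:
            reasons.append("decoy extension ." + parts[-2] + " hidden before ." + final_ext)
    return reasons


def is_pe_file(data):
    """True if data starts with a Windows PE image: an 'MZ' DOS stub whose
    e_lfanew field (offset 0x3C) points at the 'PE\\0\\0' signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def inspect_attachment(name, data):
    """Combine the name check with a content check: a PE body behind a
    non-executable extension is flagged even if the name looks harmless.
    The icon shown in Explorer lives inside the PE's resources, so a Word or
    JPEG icon proves nothing; the header does."""
    reasons = classify_attachment_name(name)
    ext = name.lower().rsplit(".", 1)[-1] if "." in name else ""
    if is_pe_file(data) and ext not in EXECUTABLE_EXTENSIONS:
        reasons.append("PE header inside a file claiming to be ." + ext)
    return reasons


def fake_pe():
    """Constructed minimal PE header (just enough for is_pe_file), not malware."""
    header = bytearray(b"MZ" + b"\x00" * 0x3E)        # 0x40-byte DOS header
    struct.pack_into("<I", header, 0x3C, 0x40)        # e_lfanew -> offset 0x40
    return bytes(header) + b"PE\x00\x00"


# Constructed sample attachments modelled on the names quoted in the post.
SAMPLE_ATTACHMENTS = [
    ("Financial_Statement.exe", fake_pe()),
    ("Postal_document.exe", fake_pe()),
    ("Eminem_Shot_Dead.jpg.exe", fake_pe()),
    ("Full_story.jpg", fake_pe()),                         # PE renamed to look like a picture
    ("Invoice_2011.pdf", b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n"),  # genuine-looking PDF
]


def triage(attachments=SAMPLE_ATTACHMENTS):
    """Map each attachment name to its list of reasons; an empty list means clean."""
    return {name: inspect_attachment(name, data) for name, data in attachments}


if __name__ == "__main__":
    for name, reasons in triage().items():
        verdict = "BLOCK" if reasons else "ok   "
        print(f"{name:28s} {verdict} {'; '.join(reasons)}")
```

The name check alone would miss a renamed binary and the content check alone would miss a script; a mail gateway needs both, and in practice also a policy that rejects executable content outright rather than relying on the extension the sender chose.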

The PDF vulnerability apparently still lingers in iOS.

Last week Germany's Federal Office for Information Security (BSI) issued a warning that a security hole in several versions of iOS leaves users vulnerable to malicious code contained in rigged PDF files.

The exploit, originally uncovered by a team of hackers at, grants the attacker administrative privileges over Apple's devices, giving access to passwords, banking information, e-mail and contact information, and even allowing telephone conversations to be intercepted, all without the user noticing. So far, the only patch released for the issue is for jailbroken Apple devices, and so far there have been no reports of attackers actually taking advantage of this newly-discovered exploit.

Computer components and other imported electronics may increasingly contain malicious software, according to a Congressional cyber-security expert, adding to the growing list of cyber-security threats facing the U.S. government.

Hackers may be able to inject malicious code into components built in overseas plants, planting tools that help them launch cyber attacks on the U.S., according to Representative Jim Langevin (D., R.I.).

"Corrupting hardware and software is embedded in the supply chain," Langevin said. "We have a real challenge on our hands to better secure the supply chain."

It seems that malware is becoming a regular occurrence on Android-based devices. This is something Google should look into seriously if it wants to maintain its status as a major player in the mobile market.

ZeuS, also known as ZBot, is one of the best-known pieces of malware in the industry. Its main purpose is to steal information, primarily banking credentials used to commit electronic fraud. In September 2010 a new variant of ZeuS was discovered targeting mobile devices (Symbian, BlackBerry and Windows Mobile). It intercepts the SMS messages a bank sends to the user and forwards the captured mTANs (mobile transaction authentication numbers) to a remote server, defeating SMS-based two-factor authentication for online banking.

It's been almost a year since we revealed our Binary Planting research project, which identified 520+ remote code execution vulnerabilities in almost all Windows applications. During this period, hundreds of binary planting vulnerabilities have been publicly reported and some have actually been fixed.

While some in the security community still seem to have a hard time understanding that binary planting affects not only the loading of libraries but also the launching of stand-alone executables, we went further and extended the problem to all file types. This blog post presents an interesting sample from our current research on what we call File Planting.
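To make the mechanism concrete, here is an added example (not the researchers' own code or data) that models the order in which Windows searches for a library or executable requested by a relative name, and shows where the load lands when the application's current directory is an attacker-controlled share (the directory of a document the victim opened). The directory layout, the share name and the library names vendorlib.dll and optional.dll are constructed for the model; the search orders themselves are the documented ones for LoadLibrary and CreateProcess. File Planting generalises the same step: any file opened by a bare name is resolved against the current directory in the same way.

```python
# Constructed filesystem for the model: keys are directories, values the files
# they hold.  The UNC share is where the victim double-clicked a document, so it
# becomes the application's current directory and is fully attacker-controlled.
APP_DIR = "C:/Program Files/App"
SYSTEM_DIRS = ["C:/Windows/System32", "C:/Windows"]   # 16-bit System dir omitted
EVIL_CWD = "//evil-share/docs"                        # attacker's network share
PATH_DIRS = ["C:/Tools"]                              # directories on PATH

FILESYSTEM = {
    APP_DIR: {"app.exe", "core.dll"},
    "C:/Windows/System32": {"vendorlib.dll"},        # constructed library name
    "C:/Windows": set(),
    EVIL_CWD: {"report.doc", "optional.dll", "vendorlib.dll", "helper.exe"},
    "C:/Tools": {"helper.exe"},                       # the legitimate helper
}


def dll_search_order(app_dir, cwd, path_dirs, safe_search=True):
    """Directories LoadLibrary("name.dll") walks for a relative name.

    With SafeDllSearchMode on (the default since Windows XP SP2) the current
    directory is searched *after* the system directories; with it off, right
    after the application directory.  KnownDLLs are mapped from System32
    without any search and are not modelled here."""
    if safe_search:
        return [app_dir] + SYSTEM_DIRS + [cwd] + path_dirs
    return [app_dir, cwd] + SYSTEM_DIRS + path_dirs


def exe_search_order(app_dir, cwd, path_dirs):
    """Directories CreateProcess walks for a relative executable name: the
    current directory comes second, before System32, so planting an .exe
    is even easier than planting a DLL."""
    return [app_dir, cwd] + SYSTEM_DIRS + path_dirs


def hardened_dll_order(app_dir, path_dirs):
    """Search order after the application calls SetDllDirectory(""), which
    removes the current directory from the DLL search path."""
    return [app_dir] + SYSTEM_DIRS + path_dirs


def resolve(name, order, fs=FILESYSTEM):
    """Return the first directory in `order` holding `name` (case-insensitive),
    or None when the file is not found anywhere on the search path."""
    wanted = name.lower()
    for directory in order:
        if any(f.lower() == wanted for f in fs.get(directory, ())):
            return directory
    return None


def planting_report():
    """Where each relative-name load ends up in the modelled scenario."""
    safe = dll_search_order(APP_DIR, EVIL_CWD, PATH_DIRS)
    unsafe = dll_search_order(APP_DIR, EVIL_CWD, PATH_DIRS, safe_search=False)
    return {
        # A library the app probes for but which is absent from this machine:
        # the search falls through to the attacker's directory even with
        # SafeDllSearchMode on.  This is the classic binary-planting case.
        "optional.dll, safe search": resolve("optional.dll", safe),
        # Present in System32: protected only while SafeDllSearchMode is on.
        "vendorlib.dll, safe search": resolve("vendorlib.dll", safe),
        "vendorlib.dll, unsafe search": resolve("vendorlib.dll", unsafe),
        # Relative CreateProcess("helper.exe"): the CWD copy beats the one on PATH.
        "helper.exe, relative exec": resolve(
            "helper.exe", exe_search_order(APP_DIR, EVIL_CWD, PATH_DIRS)),
        # After SetDllDirectory(""): the optional library is simply not found,
        # and the app must handle that failure instead of loading a stranger.
        "optional.dll, hardened": resolve(
            "optional.dll", hardened_dll_order(APP_DIR, PATH_DIRS)),
    }


if __name__ == "__main__":
    for case, where in planting_report().items():
        print(f"{case:32s} -> {where}")
```

The lesson the model makes visible is that SafeDllSearchMode protects only libraries that actually exist on the machine; a missing optional library, or any executable launched by bare name, still resolves into the current directory. The durable fix on the application side is to load by absolute path, or to drop the current directory from the search (SetDllDirectory("") or, on newer systems, the LOAD_LIBRARY_SEARCH_* flags) and treat "not found" as an error rather than a fallback.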

There have been a number of high-profile security breaches in the last few months that have exposed the email addresses of millions of users. In December, Gawker Media's servers were hacked and over 500,000 email accounts were compromised; in April, Epsilon, one of the largest email marketing companies, announced that its database had been breached. Epsilon said the breach was limited to about 2% of its clients, only about 50 companies. But those 50 companies include Citigroup, Capital One, Walgreen, Best Buy, Target, Hilton, Kroger, TiVo, Disney, The College Board and Marriott.

Now that the Lulzboat has run aground after its three-hour tour, and the rats have gone overboard in search of the relative safety of a pineapple under the sea, the computer media carries on with the personal soap operas of "Anonymous" and "AntiSec" and the kids' infighting, while the attention of security people returns once again to the larger, more serious issues on the client side of the world.

When we last left our heroes, Microsoft had announced the takedown of a major botnet known as "Rustock." Well, not a complete takedown of course, but it has dwindled a bit, as eWeek reports. Rustock had a good run before it was (almost) wrestled to the ground, given that it first appeared in 2006.

A mere five-year half-life for malware is considered perfectly acceptable these days in the computer security realm.

A brand new spam campaign that promotes a fake Windows update is currently circulating on the Web.

The past few days have brought another mid-sized spam wave impersonating update reminders for the Windows operating system. Piggybacking on the awareness campaigns run by anti-malware vendors, cyber-crooks are now attempting to serve Windows users various “OS updates” that in the end prove to be rigged with malware.

While most spam campaigns use sloppy text that often makes no sense to a native English speaker, this time the cyber-crooks invested a lot of effort in giving this social engineering attack a touch of “authenticity”, and this wave of messages can easily mislead the untrained eye of a user expecting an operating system update. The one check that defeats it is simple: Microsoft does not distribute security updates as e-mail attachments or links in unsolicited mail; genuine updates arrive through Windows Update.

Get used to it: malware can't be completely blocked or eliminated. But you can manage your PCs, mobile devices and networks so that they keep functioning despite being infected.
How can you be sure your organization doesn't have insidious viruses or other malware lurking within systems and applications, waiting to inflict damage? You can't.

Malware has grown so sophisticated that there's no guarantee it's actually gone, even when you've applied the latest antivirus software. Making matters worse, IT infrastructures are becoming far more complex, with an ever-growing population of devices that give malware even more possible entry points.

These days, you have to assume there are some infected PCs or other devices on the corporate network.