Compromised site serves Nuclear exploit kit together with fake BSOD

Support scammers not lying about a malware infection for a change.

During our work on the development of the VBWeb tests, which will be started soon, we came across an interesting case of an infected website that served not only the Nuclear exploit kit, but also a fake blue screen of death (BSOD) that attempted to trick the user into falling for a support scam.

When a (legitimate) website includes (legitimate) advertisements, these ads themselves are rarely included in the HTML code. Rather, the HTML contains some code — typically JavaScript — that loads content from an ad server, which shows the advertisements in the browser. This means a selection of advertisements can be shown that are deemed the most interesting to the particular user, while it also allows advertisers to bid for "eyeballs".


Throwback Thursday: Riotous Assembly

This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel.

Today, malware that affects the Windows kernel is ubiquitous - the majority of sophisticated attacks against Windows users have at least one component executing in the operating system kernel. But in 1993, the Windows kernel remained untouched by malware - and indeed Windows viruses were somewhat cumbersome and technically quite simple. That was until Cyber Riot came along.


Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.

Researchers at mobile security firm Zimperium have discovered a remote code execution flaw in the Stagefright media library used on Android phones. The vulnerability allegedly means that a single MMS message could, for instance, be enough for an attacker to run code on a targeted device. In some cases, if the device is old, this code could even be run with elevated system privileges.

Few technical details have been made public so far, but Zimperium's Joshua J. Drake will present the research at the Black Hat and DEF CON security events next week.


Throwback Thursday: Sizewell B: Fact or Fiction?

This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants?

2010 saw the discovery of Stuxnet, which targeted industrial control systems in general, with the specific target of a particular Iranian nuclear facility — but 2010 wasn't the first time VB had reported on a virus infection at a nuclear facility.


VB Conference

VB2015 Prague, 30 Sept - 2 Oct 2015: Covering the global threat landscape

The VB conference is a major highlight of the security calendar, with many of its regular attendees citing it as the IT security event of the year. The 25th Virus Bulletin International Conference (VB2015) takes place 30 September to 2 October 2015 at the Clarion Congress Hotel, Prague, Czech Republic.

Previous VB conference delegates said:

‘My first VB conference. I am very impressed and will be back next year for sure.’


Despite a drop in the average spam catch rate of products in this month's VBSpam review, all but one of the 16 full anti-spam solutions tested achieved a VBSpam award, with four of them achieving a VBSpam+ award.


This month the VB lab team put 14 business products and 30 consumer products to the test on Windows 8.1 Pro. The VB100 pass rate was decent, although not quite up to the perfect or near-perfect fields seen in a few recent tests.

Date | Event | Location
Aug 01 - 06 | Black Hat USA | Las Vegas, NV, USA
Aug 04 - 05 | BSides Las Vegas | Las Vegas, NV, USA
Aug 06 - 09 | Defcon 23 | Las Vegas, NV, USA
Aug 12 - 14 | USENIX Security '15 | Washington, DC, USA
Sept 09 - 11 | 44CON London | London, UK
Sept 23 - 27 | DerbyCon | Louisville, KY, USA
Sept 30 - Oct 2 | VB2015 | Prague, Czech Republic
Oct 05 - 07 | BruCON | Ghent, Belgium
Oct 05 - 07 | VB2016 | Denver, CO, USA


virusbtn: New blog: Compromised site serves Nuclear exploit kit together with fake BSOD
Fri Jul 31 12:38:54

virusbtn: New Throwback Thursday: Riotous Assembly, a look at Cyber Riot, the first virus that infected the Windows kernel
Thu Jul 30 12:54:52

virusbtn: A happy 15th birthday to the people at @smoothwall!
Tue Jul 28 16:55:08

virusbtn: From this morning: Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution
Tue Jul 28 16:28:02
