Home

New Sunspot Trojan Windows Malware morphs into financial fraud platform

Below is a media alert from Amit Klein, Trusteer's CTO new research on the Sunspot Trojan a new piece of financial malware whose infection rates are similar to SpyEye and Zeus in some regions. There are confirmed fraud losses associated with Sunspot, so the threat is real.

This is a very modern malware platform with sophisticated fraud capabilities. Equally concerning, the detection rate for Sunspot by leading anti-virus programs is painfully low. According to a Virus Total analysis, only nine of 42 anti-virus programs tested, or 21%, currently detect Sunspot. It can carry out man-in-the-browser attacks including web injections, page grabbing, key-logging and screen shooting (which captures screenshots of the mouse vicinity as a user types his/her password on a virtual keyboard).

: NEIL STINCHCOMBE; InfoSecurity; Posted On Friday, 13 May 2011 16:04

TV station reveals serious security flaws with RFID-equipped credit and debit cards

Commenting on a consumer TV report into the insecurity of RFID-equipped credit and debit cards, SecurEnvoy says that the apparent ease with which researchers have been able to create a `magic wand’ that reads cards at a distance shows that more work needs to be done on wireless encryption.

: YVONNE ESKENZI; InfoSecurity; Posted On Friday, 13 May 2011 15:47

War against hackers (WAH): Imperva turns the tables on hackers...the heat is on!

Imperva’s Hacker Intelligence Initiative has turned the tables on the hacking community by delving into their cyber-underground lair to provide analysis of the trending hacking techniques and interesting attack campaigns from the past month. The first, of what will be a monthly inside scope, looks at an attack which usually flies under the radar – Remote File Inclusion (RFI).

: DULCIE MCLERIE; InfoSecurity; Posted On Thursday, 12 May 2011 17:44

SecureEnvoy's research exposes the folly of Sony's handling of its data breach double whammy

Research conducted at the Infosecurity Europe show last month reveals that - with almost a fifth of IT managers surveyed playing computer games - Sony has potentially seriously damaged its reputation with the data breaches on its two gaming names, the PlayStation Network and Online Entertainment Network.