A Zeus variant some AV’s call “Citadel” has received considerable attention recently, but we know that malware criminals are almost constantly modifying their wares to avoid detection and to add features. Citadel may develop into a significant risk, but in spite of its press, it appears to the RISK Team to be just another Trojan. Malware exploiting a Microsoft Office (Word) vulnerability patched in September was spotted by Symantec in targeted attacks. Cathal Mullaney at Symantec reported on “A Million-Dollar Mobile Botnet,” and no one on the RISK Team was surprised to learn it runs on Android. Webroot and M86 reported on web exploits attacking visitor’s browsers. Websense reported Blackhole related injection attacks disguised as Google Analytics code. Over the weekend ACTA protests are expected in Europe and Microsoft pre-notified for nine security bulletins on Tuesday of next week. Finally, the RSA Conference will be in a couple weeks. There’s going to be plenty of attention-seeking behavior in the InfoSec community. All of it will probably be true, but very little will ever become problems.

Tags: INTSUM

This entry was posted on Friday, February 10th, 2012 at 11:38 pm and is filed under Analysis. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.