About Aaron

Security by Passion !
Website: https://www.mobilesecuritythreat.com//
Aaron has written 137 articles so far, you can find them below.

Kickstarter hacked – gained access to customers’ data

On Febrauary 15th, Kickstarter sent an email to its customers and published a news on its blog about a data breach on kickstarter. The accessed information includes usernames, email addresses, mailing addresses, phone numbers and encrypted passwords.  The sophistication on the hacker is not known yet but its possible that passwords can be extracted by […]
Share Button
Continue reading →

US Veterans of Foreign Wars website compromised by IE Zero day Exploit (CVE-2014-0322)

Recently  a zero day vulnerability in Internet Explorer was discovered(CVE-2014-0322)). Researchers from Fireeye has identified that hackers are using this vulnerability in targeting US military personals. Furthermore they also suspect that this may be a very strategic campaign (Operation Snowman) during the President’s day weekend. FireEye researchers observed  drive-by-download attack which  alters HTML code of the […]
Share Button
Continue reading →

Careto/Mask APT cyber-espionage operations running and undetected for 7 long years

Its almost sounded unbelievable when Kaspersky research published a cyber espionage APT campaign MASK (Careto) that’s been running in the wild since 2007, undetected, targeting 31 countries.   The complexity of the tools used for MAST by the attackers are very sophisticated which makes its very special. This includes an extremely sophisticated piece of malware, a […]
Share Button
Continue reading →

IoS 7 Vulnerability Allows ‘FIND MY IPHONE’ Security Feature to be Disabled without password

Bradley Williams, a security researcher has discovered a vulnerability in iOS 7 that can allow the disabling of ” Find My iPhone” without having to enter a password. This new vulnerability  allows someone who has access to your i-phone to quickly disable  “Find My iPhone” service, which is used to track the location of all registered […]
Share Button
Continue reading →

Snapchat app is vulnerable to DDoS attack, can crash your iPhone,reacts to it very stubborn.

Jamie Sanchez, a security researcher discovered a vulnerability within Snapchat mobile app which can crash your iphone by Denial of Service attack. The vulnerability can enable a hacker to launch DoS attacks which can potentially crash a users phone or requires that the user perform a hard reset. He further says with a video that […]
Share Button
Continue reading →

Brazilian Encrypted Java Archive trojan banker spreads via Playstation phishing email – Kaspersky

Researchers from Kaspersky discovered a Brazilian Java Trojan that spreads via phishing email. Dmitry Bestuzhev explains that he never owned a Playstation but received an email with an attachment with a unusual ways of spreading Trojan bankers via .Jar files ( 14KB). It appeared to be a strange Trojan because even if  a user just clicks on a .jar […]
Share Button
Continue reading →

Largest Website in Sweden Aftonbladet serves Malicious Code for Internet Explorer users

Its very common lately for sites spreading malware from ads. The ad which are served from Google and Microsoft may relie on third party syndication may potentially be compromised which may lead to malware distribution.  A similar incident happened as reported by Kaspersky that the largest website of sweden was spreading scare-ware to its users. […]
Share Button
Continue reading →

Adobe released Emergency Flash Player update for critical zero day threat – CVE-2014-0497

Adobe released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker gaining remote control of the compromised systems. The security flaw exists in Adobe Flash Player 12.0.0.43 and earlier versions  Adobe thanks Alexander Polyakov and Anton Ivanov of Kaspersky Labs […]
Share Button
Continue reading →

PNG Image Metadata leads to New iFrame Injections

Peter Gramantik, a malware researchers from Sucuri has discovered a new way to distribute malware that relies on reading  JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. This injection makes it very harder for antivirus detection because the injection  method is  deeply engrained in the image’s metadata. This iframe can be seen […]
Share Button
Continue reading →

GameOver Latest Zeus variant uses Encryption to bypass Detection – Gary

  GameOver Zeus is a notorious malware family that makes fraudulent transactions from your bank accounts from the infected host. A new variant of GameOver Zeus uses encryption to hide itself while propagation which makes it almost impossible to be detected by modern day antivirus. The malware encrypts itself so well that it can pass the […]
Share Button
Continue reading →