Malicious JavaScript code used to be contained in single .JS or .HTML files, which made malicious JavaScript analysis and detection pretty straightforward. However, in the past few days, a couple of distinct Web compromises caught my attention because the code involved used the multipart malicious JavaScript technique. In this technique, malicious JavaScript code is divided into multiple parts that are spread across different files.
Continued here:
Increased Use of MultiPart Malicious JavaScripts in the Wild
Some folks read Wednesday’s post about autorun-worm infected Samsung Wave microSD cards and commented — thank goodness Windows 7 fixes that issue. Only optical media is allowed to AutoPlay on Windows 7, so USB devices can’t spread autorun-worms. Right?
Read more here:
Windows 7 AutoPlay and Virtual CDs
TrendLabs SM engineers Alvin Bacani and Jayson Pryde recently spotted a new spyware (detected by Trend Micro as OSX_OPINIONSPY.A) that came bundled with screensavers, according to Intego, in sites that host free applications and software updates like MacUpdate, Softpedia, and VersionTracker. The said screensavers were found to be nonmalicious but did download information-stealing spyware, which robbed users of their email addresses, iChat message headers and URLs, as well as other personal data like user names, passwords, credit card numbers, and Web browser bookmarks and histories.
Read more from the original source:
Mac Sniffer Monitors IM Chats and RMTP Data Packets
Italian bank Banca Popolare di Sondrio has become phishers’ new target with the discovery of a spammed message containing a link to the supposed bank’s Internet banking site, SCRIGNO. As with previous bank-related phishing attempts, clicking the link leads users to a site that looks very much like the legitimate Internet service’s login page. The site asks users to enter their user codes and personal identification numbers (PINs).
Read this article:
Phishing Scam Targets Italian Bank
TrendLabs SM engineers recently spotted a new worm leveraging peer-to-peer (P2P) applications similar to the threat that displays copyright violation warnings. The new worm detected by Trend Micro as WORM_PITUPI.K solves the typical problem that P2P worms face, that is, hard-coded file names used to trick users by pretending to be cracks, key generators, or actual software. However, the problem with using the hard-coded technique is that the malware becomes obsolete once the software becomes outdated.
See original here:
Pirate Worm Sails the P2P Bay
Promises of freebies and other enticing promos are just a few of the tricks cybercriminals use to lure users to their profiteering schemes. TrendLabs SM engineers recently discovered suspicious-looking emails pretending to come from the iTunes Store.
Read more here:
Fake iTunes Promo Gives Away Malware
TrendLabs SM engineers noted an increase in the number of fake pharma ads spam in the past few days. As in previous cases, this slew of spam features professional-looking images to persuade users to purchase the “medicines” scammers are peddling online. Samples of these messages look like a newsletter and feature a clickable image that directs users to a malicious pharmaceutical site.
See the article here:
Fake Pharma Ads Flood Inboxes Again
The only thing worse than receiving a spammed greeting card is one that comes with malware. TrendLabs SM senior advanced threats researcher Loucif Kharouni recently acquired a sample spam in the form of an online greeting card. The said card urges recipients to check out the greeting card by clicking the image.
View post:
Spam Greets Users with a Backdoor
TrendLabs SM engineers recently discovered an interesting Shockwave Flash (.SWF) file that displays an image and downloads a worm with code capable of initiating a denial-of-service (DoS) attack.
See the article here:
Malicious .SWF File May Trigger a DoS Attack
Beware, Twitter enthusiasts! Spam messages posing as Twitter email notifications are currently proliferating in the wild. The spam comes in two types—the first type attempts to steal personal information or login credentials while the second attempts to infect systems with malware. A legitimate Twitter notification email looks like this: It usually begins with “Hi, *name of user*” and contains the words, “You have a direct message:,” followed by the message itself
View post:
Spam Poses as a Twitter Email Notification