Category Archives: Uncategorized

May 26, 2016, 3:17 pm
in Uncategorized , by Liviu Arsene

Bitdefender vulnerability researcher Radu Caragea presented today at the Hack In The Box Amsterdam conference a novel way to extract TLS keys from virtual machines, using an out-of-guest approach. The new technique works to detect the creation of TLS session … Continue reading

Comments Off on TeLeScope unveiled at Hack In the Box
April 26, 2016, 11:12 am
in Uncategorized , by Alexandra GHEORGHE

Facebook vulnerability breaks down the convenience of social login authentication.  Insufficient security validation allows attackers to impersonate Internet users and gain password-less access to any of their online accounts.

Comments Off on Attackers Pose as Account Owners via Facebook Login Flaw
March 3, 2016, 3:00 pm
in Uncategorized , by Bogdan Botezatu

[UPDATE] The main protection mechanism provided by the Cryptowall Vaccine relied on exploiting a programming flaw in the Cryptowall Trojan itself. The Cryptowall operators have modified the way they check whether a system has been infected or not, which renders the Cryptowall Vaccine … Continue reading

Comments Off on Cryptowall vaccine discontinued
February 24, 2016, 4:24 pm
in Uncategorized , by Liviu Arsene

Windows ransomware has inflicted financial losses for the past couple of years, especially since almost half of victims end up paying to recover their files. However, cybercriminals have apparently been eyeballing other platforms as well, as our Android report for … Continue reading

Comments Off on Ransomware and SMS-Sending Trojans: Top Threats in Bitdefender Android H2 2015 Report
February 5, 2016, 2:08 pm
in Uncategorized , by Razvan Stoica

The Bitdefender CTF Team  – PwnThyBytes – came in fifth in the SECCON international capture the flag competition finals that took place in Tokyo, Japan, improving on the 6th position obtained in the online qualifiers round that pitched 1251 teams … Continue reading

Comments Off on Big in Japan
December 17, 2015, 10:35 am
in Uncategorized , by Liviu Arsene

Bitdefender researchers have uncovered a massive global intelligence-gathering operation and performed an in-depth analysis of the cyber-espionage malware used to harvest intelligence from top political figures, government institutions, telecommunication, e-crime services and aerospace companies Read the fully detailed APT28 whitepaper (click … Continue reading

Comments Off on APT28 Under the Scope – A Journey into Exfiltrating Intelligence and Government Information
September 1, 2015, 1:55 pm
in Uncategorized , by Liviu Arsene

Bitdefender has found a Stored XSS vulnerability in PayPal that could allow attackers to upload maliciously crafted files to perform attacks on PayPal customers. The vulnerability can be weaponized to deliver malicious content or files to users, allowing a wide … Continue reading

August 28, 2015, 8:16 am
in Anti-Malware Research, Uncategorized , by Liviu Arsene

An arbitrary code execution in the JetAudio Basic (v8.1.3) and JetVideo media players for Windows could allow an attacker to craft a malicious “.asf” file and compromise the host, according to findings of the Bitdefender Research Team.

Comments Off on Vulnerability in JetAudio and JetVideo Media Players Allows for Arbitrary Code Execution
June 23, 2015, 7:36 am
in Uncategorized , by Liviu Arsene

The Bitdefender Research team analyzed popular Android app Instapaper and found it can be vulnerable to man-in-the-middle attacks that could expose users’ signup/login credentials when they try to log in into their accounts. The vulnerability may have serious consequences, especially … Continue reading

March 4, 2014, 2:03 pm
in Uncategorized , by Razvan Stoica

The paper by Bitdefender developer Andrei Serbanoiu, titled Digging into Facebook ads: finding clues that indicate a scam pattern and presented at the recent Virus Bulletin conference, is now available from the Bitdefender website, here.

Comments Off on Digging into Facebook ads: finding clues that indicate a scam pattern