Kaspersky Security Bulletin 2018. Top security stories

Introduction The internet is now woven into the fabric of our lives. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The…

The Rotexy mobile Trojan – banker and ransomware

On the back of a surge in Trojan activity, we decided to carry out an in-depth analysis and track the evolution of some other popular malware families besides Asacub. One…

AgriLife Extension provides information on biopesticides

Writer: Kay Ledbetter, 806-677-5608, skledbetter@ag.tamu.eduContact: Dr. Ed Bynum, 806-677-5600, ebynum@ag.tamu.edu AMARILLO – Producers may have additional biological pesticides to add to their arsenal of control methods for pests such as…

Texas Insider Report: AUSTIN, Texas – Today Texas Land Commissioner George P. Bush announced the Texas General Land Office (GLO) has approved all nine methods of distribution (MODs) proposed by…

Local plans, comments, and responses included as Amendment 1 to the State Action Plan Texas Insider Report: AUSTIN, Texas – Today Texas Land Commissioner George P. Bush submitted Amendment 1…

For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users and diplomatic entities. We named the actor DustSquad and have provided…

Octopus-infested seas of Central Asia

For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users and diplomatic entities. We named the actor DustSquad and have provided…

MuddyWater expands operations

Summary MuddyWater is a relatively new APT that surfaced in 2017. It has focused mainly on governmental targets in Iraq and Saudi Arabia, according to past telemetry. However, the group…

Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system

In Q2 2018, Kaspersky Lab published two blogposts about Roaming Mantis sharing details of this new cybercriminal campaign. In the beginning, the criminals used DNS hijacking in vulnerable routers to…

Amendment 1 to the State Action Plan outlines allocations for $2.3 billion in housing recovery funds Texas Insider Report: AUSTIN, Texas – Today Texas Land Commissioner George P. Bush announced posting…

IT threat evolution Q2 2018

Targeted attacks and malware campaigns Operation Parliament In April, we reported the workings of Operation Parliament, a cyber-espionage campaign aimed at high-profile legislative, executive and judicial organizations around the world…

How do file partner programs work?

It’s easy to notice if you’ve fallen victim to an advertising partner program: the system has new apps that you didn’t install, ad pages spontaneously open in the browser, ads…

Feral hog workshop set for Aug. 10 in Seguin

Contact: Ward Ling, 979-845-6980, wling@tamu.edu SEGUIN — The Geronimo and Alligator Creeks Watershed Partnership will present a Feral Hog Workshop Aug. 10 at the Texas A&M AgriLife Extension Service office…

To crypt, or to mine – that is the question

Way back in 2013 our malware analysts spotted the first malicious samples related to the Trojan-Ransom.Win32.Rakhni family. That was the starting point for this long-lived Trojan family, which is still…

Pbot: evolving adware

The adware PBot (PythonBot) got its name because its core modules are written in Python. It was more than a year ago that we detected the first member of this…

A MitM extension for Chrome

Browser extensions make our lives easier: they hide obtrusive advertising, translate text, help us choose in online stores, etc. There are also less desirable extensions, including those that bombard us…

Tackling mosquito, tick problems in Texas

Experts convene as part of Western Gulf Center of Excellence for Vector-Borne Diseases Writer: Blair Fannin, 979-845-2259, b-fannin@tamu.edu Contact: Dr. David Ragsdale, 979-845-2510, dragsdale@tamu.edu WESLACO – With ticks posing an…

Roaming Mantis dabbles in mining and phishing multilingually

In April 2018, Kaspersky Lab published a blogpost titled ‘Roaming Mantis uses DNS hijacking to infect Android smartphones’. Roaming Mantis uses Android malware which is designed to spread via DNS…

The King is dead. Long live the King!

In late April 2018, a new zero-day vulnerability for Internet Explorer (IE) was found using our sandbox; more than two years since the last in the wild example (CVE-2016-0189). This…

Roaming Mantis uses DNS hijacking to infect Android smartphones

In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized…