Blog

Community news and analysis: December 2014

Posted on January 16, 2015 - 14:12 by ccondon

Here's a quick (late) roundup of security community happenings from last month. Naturally, the SoakSoak malware campaign has been foremost on our minds, but December brought a number of other announcements and some neat malware analysis from our partners, too.

Security news

  • Google released code for End-to-End Chrome extension to open source (GitHub repository). As of last month, the extension, which enables end-to-end encryption for Gmail within Chrome, was not yet ready for the Chrome Web Store.
  • Qualys on December Patch Tuesday

Malware 

  • ESET and Sophos on Win32/VirLock, a parasitic, polymorphic hybrid strain of ransomware
  • Sucuri on the massive SoakSoak malware campaign, the RevSlider vulnerability that led to it, and infection evolution
  • Automattic on scanning for SoakSoak and how to begin fixing a compromised site
  • Fortinet: Analysis of a JAR obfuscated malware packer

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.