Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Anti Malwares. Show all posts
malicious PDF files
Anti Malwares Confidential Data Confidential Information Cyber Security data security Malicious PDF Attachment malicious PDF files

Epstein Files Redaction Failure Exposes Risks of Improper PDF Sanitization

 

The United States Department of Justice recently released a new set of documents related to the Jeffrey Epstein investigation, drawing widespread attention after it emerged that some redacted information could be easily uncovered. On December 22, the department published more than 11,000 documents as part of the latest Epstein files release. Although many of the records contained blacked-out sections, some individuals were able to reveal hidden content using a simple, well-known technique. As a result, information intended to remain confidential became publicly accessible. 

Shortly after the release, political commentator and journalist Brian Krassenstein demonstrated on social media how the redactions could be bypassed. By highlighting the obscured areas in certain PDF files and copying the text into another document, the concealed information became visible. This incident highlighted a common issue with PDF redaction, where text is often visually covered rather than permanently removed from the file. In such cases, the underlying data remains embedded in the document despite appearing hidden.  

Security experts explain that PDF files often contain multiple layers of information. When redaction is performed by placing a black box over text instead of deleting it, the original content can still be extracted. Copying and pasting from these files may expose sensitive details. Specialists at Redactable, a company focused on AI-powered redaction tools, have warned that many users underestimate how complex proper PDF sanitization can be. They emphasize the importance of verifying documents before sharing them publicly to ensure sensitive information has been fully removed. 

The situation has raised concerns because U.S. government agencies have long had guidance on secure document redaction. As early as 2005, the National Security Agency published detailed instructions on how to safely sanitize documents before public release. In 2010, the Department of Homeland Security issued reminders stressing the importance of following these procedures. The apparent failure to apply such guidance to the Epstein files has prompted questions about internal review processes and potential security implications. 

This is not the first time redaction failures have exposed sensitive information. Legal experts and journalists have documented multiple high-profile cases involving court filings, media publications, and federal documents where hidden text was revealed using the same copy-and-paste method. The recurrence of these incidents suggests that improper PDF redaction remains a persistent and unresolved problem. 

Beyond the exposure of sensitive content, cybersecurity researchers have also warned about the risks of downloading Epstein-related documents from unofficial sources. Past investigations found that some distributed files were embedded with malware. Threat actors often exploit high-profile events to spread malicious content disguised as legitimate documents, particularly in trusted formats such as PDFs. Researchers at Zimperium’s zLabs team have reported an increase in PDF-based malware and phishing campaigns. Attackers favor PDFs because they appear credible, are widely used in professional settings, and can bypass some security defenses. 

These malicious files are often designed to mimic trusted organizations and target both desktop and mobile users. Experts advise accessing sensitive documents only from official sources and following proper sanitization practices before publication. Software providers such as Adobe recommend using dedicated redaction tools to permanently remove both visible and hidden data. The Epstein files incident underscores that visual redaction alone is insufficient and that improper handling of PDFs can pose serious security and privacy risks.
Read more »
Lawsuits
Anti Malwares Cyber Security Cyberfrauds DOJ Georgia Georgian Cyber Security IT department Lawsuits

Georgia Tech Faces DOJ Lawsuit Over Alleged Lapses in Cybersecurity for Defense Contracts

 

Researchers at the Georgia Institute of Technology, who have received over $1 billion in Defense Department contracts, are facing scrutiny for allegedly failing to secure their computers and servers, citing that doing so was too “burdensome.” Since 2013, the Department of Defense has mandated that any contractor handling sensitive data provide “adequate security” on their systems. 

However, at Georgia Tech, laboratory directors reportedly resisted developing a security plan and opposed IT department efforts to implement basic antivirus and anti-malware software. Two IT department employees filed a whistleblower lawsuit, leading the Department of Justice (DOJ) to join the case against the university and the Georgia Tech Research Corporation (GTRC), the nonprofit entity managing government contracts. The lawsuit claims that the Astrolavos Lab at Georgia Tech delayed creating and implementing a security plan, as required by the government contracts. 

When a plan was finally created in 2020, it did not cover all relevant devices, according to the DOJ. Furthermore, the lab, whose mission is to address the security of emerging technologies critical to national security, did not install or update antivirus or anti-malware tools until December 2021. The lab allegedly fabricated compliance reports sent to the Defense Department. The reasons behind these alleged security lapses reportedly stem from campus politics. The DOJ complaint suggests that researchers bringing in substantial government funding were viewed as “star quarterbacks,” using their influence to resist compliance with federal cybersecurity mandates. 

Between 2019 and 2022, GTRC secured more than $1.6 billion in government contracts, with over $423 million in 2022 alone. The whistleblowers, Christopher Craig and Kyle Koza, filed the suit under the False Claims Act, allowing them to receive a portion of any recovered funds. Georgia Tech and GTRC face nine counts, including fraud, breach of contract, negligence, and unjust enrichment, with the DOJ seeking damages to be determined at trial. The DOJ stressed the importance of cybersecurity compliance by government contractors to safeguard U.S. information against threats from malicious actors. 

Meanwhile, Georgia Tech expressed disappointment at the DOJ’s filing, arguing it misrepresents the university’s culture and integrity, claiming that the government itself had indicated that the research did not require cybersecurity restrictions. Georgia Tech has vowed to dispute the case in court, maintaining that there was no data breach or leak and reaffirming its commitment to cybersecurity and collaboration with federal agencies.  

This case is notable given recent cybersecurity threats faced by major universities, such as the University of Utah and Howard University, where ransomware attacks have resulted in significant financial losses.
Read more »
Security News
Anti Malwares Hackers News Malware Attack Malware Report Security News

Anti-Duqu available for free, 100% Accurate detection of Duqu


Duqu(similar to Stuxnet) is notorious worm that exploit Windows Zero-day Vulnerability.  Microsoft released temporary fix yesterday for this vulnerability .  NSS Labs claimed that they developed very accurate Duqu detection tool , available for free .

This tool detects all DuQu drivers installed on a system.  This tool was developed in the hopes that additional drivers can be discovered to allow us to learn more about the functionality, capabilities and ultimate purpose of DuQu.

According to the test, NSS tool Success rate is 100%, zero false positivies. Developers said it is using advanced pattern recognition techniques, it is also capable of detecting new drivers as they are discovered. 

Two new drivers were discovered after the tool was completed, and both were detected by the NSS tool with no updates required.
 
Read more »
Spam Report
Anti Malwares Malware Attack Security News Spam Report

Bloody photos of Gaddafi's death, A spam Mail leads to malware infection


Malware Attackers take advantage of The death of Libyan dictator Colonel Gaddafi to spread malwares.They have spammed out an attack posing as pictures of Gaddafi's death, tricking users into believing that they came from the AFP news agency and are being forwarded by a fellow internet user.





Spam Mail:



Subject: Fw: AFP Photo News: Bloody Photos: Libya dictator Moammar Gadhafi's Death

Message body:

Libya dictator Moammar Gadhafi's Death

Libyan dictator Moammar Gadhafi, the most wanted man in the world, has been killed, the country's rebel government claimed Oct. 20. The flamboyant tyrant who terrorized his country and much of the world during his 42 years of despotic rule was cornered by insurgents in the town of Sirte, where Gadhafi had been born and a stronghold of his supporters.

Attached file: Bloody Photos_Gadhafi_Death.rar
If windows users opened the attachement, it will lead to infection of your system.

Sophos anti-virus products detect the malware proactively as Mal/Behav-103.
Read more »
Symantec
Anti Malwares AntiMalvertising Armorize Malvertising Malware Attack Malware Report Security News Symantec

Symantec AdVantage(Anti-Malvertising): Armorize and Symantec partnered and launched


Armorize Technologies(malware blog) and Symantec joined together to fight against Malvertisement. They launched a AdVantage(Anti-Malvertising) Technology, cloud based scanner to detect the malvertising(malware advertisement) in online.

“Malvertising poses a serious risk to online publishers and their customers, reputation and revenue. Highly publicized malvertising infections can damage the reputation of even the most trusted online sites. Symantec AdVantage will provide ad publishers the tools they need to protect their businesses by fighting back against these threats.”
– Fran Rosch, Vice President, Identity and Authentication Services, Symantec Corp.

 Symantec Advantage will scan, detect and report malvertising on websites by automatically alerting publishers and identifying the location of malicious advertisements so customers can remove malicious ads that may damage their business’ reputation. A real-time performance dashboard complements these automatic reports by providing essential insights. For example, Symantec AdVantage will enable customers to compare safe ads to malicious advertisements and discover how and when malvertising occurred by visually tracing and identifying the path and source of infected advertisements .

Symantec AdVantage is scheduled to be made available to publishers and ad networks through a free early access program beginning in November 2011.

The service will be available here:
http://advantage.symantec.com/

Reference:
Few days back, the famous site " KickAssTorrent(KAT.ph)" served malvertising, detected by Armorize.
Read more »
Software Release
Anti Malwares Malware Analyzers Malware Attack Security Tools Software Release

Malware Analyzer v3.3 Released ~Security Tools

 
Malware Analyser is a freeware tool to perform static and dynamic analysis of the malwares.

Features:
  • String based analysis for registry, API calls, IRC Commands, DLL’s called and VMAware.
  • Display detailed headers of PE with all its section details, import and export symbols etc.
  • On distros, can perform an ASCII dump of the PE along with other options (check –help argument).
  • For windows, it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
    ASCII dump on windows machine.
  • Code Analysis (disassembling)
  • Online malware checking (www.virustotal.com)
  • Check for Packer from the Database.
  • Tracer functionality: Can be used to identify
  • Anti-debugging Calls tricks, File system manipulations Calls Rootkit Hooks, Keyboard Hooks, DEP Setting Change, Network Identification traces.
  • Signature Creation: Allows to create signature of malware.
  • Batch Mode Scan to Scan all DLL and Exe in directories and sub-directories

Malware Analyzer v3.3 rleased.

Changelogs:
--Added Traces signatures
--Improved parsing
--Bug fixes

Read more »
Software Release
Anti Malwares iScanner Security Tools Software Release

iScanner detects and remove malicious codes and web page malwares

iScanner is a free open source tool lets you detect and remove malicious codes and web page malwares from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able to clean these files by removing the malware code ONLY from the infected files.

This tool has been programmed by iSecur1ty using Ruby programming language and it's released under the terms of GNU Affero General Public License 3.0.

Current Features:

  • Ability to scan one file, directory or remote web page / website.
  • Detect and remove website malwares and malicious code in web pages. This include hidden iframe tags, javascript, vbscript, activex objects, suspicious PHP codes and some known malwares.
  • Extensive log shows the infected files and the malicious code.
  • Support for sending email reports.
  • Ability to clean the infected web pages automatically.
  • Easy backup and restore system for the infected files.
  • Simple and editable signature based database.
  • You can easily send malicious file to iScanner developers for analyzes.
  • Ability to update the database and the program easily from iScanner's server.
  • Very flexible options and easy to use.
  • Fast scanner with great performance.
  • Yes, it's FREE!!


Read more »
Mobile Security
Android Applications Anti Malwares Antivirus Mobile Security

Free AVG Mobilation Application for Android ~ Anit Malware



Android becomes popular , at the same time  malware for Android mobiles started to increase rapidly.  In order to provide mobile security AVG released AVG Mobilation App for Android.  There are two versions available , Free and Pro.   They offer the full "pro" version with a value of around € 7

AVG Pro
"AVG Pro Mobilation" scans Android under individual applications, and media files for viruses. In addition, you can locate your cell phone using GPS on a Google Map. This is especially handy if you have lost your Android device, or it was even stolen. However, you must advance your device via e-mail address registered on the app

The security app also allows you to create backups in order to recover critical applications and data at any time. This service is still in beta phase. Next you delete with "AVG Pro Mobilation" individual tasks that reduce the speed of your mobile phone.

How safe are Mobilation AVG Pro
Exclusive to the Pro version of AVG Mobilation app you will also receive protection from virus-infected message. Also, you can block spam messages with the app.

The anti-virus feature is updated regularly, of course. New features in this version, however you will not be recorded via an update - unless you purchase "AVG Pro Mobilation" later bought.

AVG Anti-virus Free
"AVG Anti-Virus Free" Android scans under a single application, and media files for viruses. In addition, you can locate your cell phone using GPS on a Google Maps map. This is especially handy if you have lost your Android device, or it was even stolen.

The free app that allows to create backups in order to recover critical applications and data at any time. Next you delete with "AVG Anti-Virus Free 'individual tasks that reduce the speed of your mobile phone.

Get Free version from Here.

Read more »
Subscribe to: Comments (Atom)