A new run of spam trying to push the dangerous Zeus, or Zbot, trojan began circulating Monday, Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, said in a blog post. The latest campaign delivers emails claiming to come from the U.S. Social Security Administration. According to the messages, recipients can view their annual Social Security statement by clicking a link, which leads to a page requesting their Social Security number. Entering that data leads users to another page that contains a malicious executable disguised as a button to view the statement. Initial anti-virus detection was minimal, Warner said. — DK
Nansen impacted by third-party breach BleepingComputer reports that Ethereum blockchain analytics firm Nansen has disclosed that its third-party authentication provider was impacted by a data breach, which resulted in the compromise of data from 6.8% of its user base over a 48-hour period.