Trojan

PS3 Jailbreak Trojan

For those of our readers who follow PlayStation 3 discussions, it would have been hard to miss the discussion about a new "jailbreak" for PS3. News of a USB dongle that breaks the security model of the game console to enable execution of third party software (as well as pirated games) has been going around like wildfire.

Once Again, Zeus

Zeus continues to be one of the most common malware families we run into.

Just now we've been watching a spam run with malicious ZIP files attached to the messages.

Inside the ZIP is always the same Zeus variant (md5 92671afe999e12669315e220aa9e62c2) but the name varies. So far, we've seen these filenames:

  •  2010 Contract With LC Change 051005.exe
  •  Flight Attendant-0600003A.exe

Two Steps Away from a Free iPad

Honestly, how many times have you won free stuff by clicking on links? And no… spam, trojans, and spyware do not count as free stuff.

We recently found a scam that promises a free iPad to application testers. Apparently, the site lures the person into joining an iPad application testing program while the site owner makes a profit from SMS fee charges and affiliate programs. To enroll in the program, "testers" are required to complete two steps.


LNK Vulnerability: Chymine, Vobfus, Sality and Zeus

Here's the bad news: several additional malware families are now attempting to exploit Microsoft's LNK vulnerability (2286198).

But here's the good news: so far, the new exploit samples are detected by us, and by many other vendors. Basically we're seeing new payloads using the same basic exploit method, which is being detected generically, and not new versions of the exploit.

Another Signed Stuxnet Binary

There are a couple of new developments in the Stuxnet rootkit case. Last night, the analysts in our Kuala Lumpur lab added detection for another digitally signed Stuxnet driver. This one uses a certificate from JMicron Technology Corporation.

Our detection for this new binary is Rootkit:W32/Stuxnet.D.

Cybercriminals Now Using Public Social Networks to Give Command and Control Orders to Banking Trojans

While malware updating via public resources is nothing new in itself, the RSA FraudAction Research Lab recently witnessed this hosting method being used to operate a banking Trojan; specifically a variant of...

More Analysis of Case LNK Exploit

There's a new threat that spreads via USB storage devices, by exploiting a previously unknown flaw in Windows shortcuts.

We have added detection for the shortcut LNK exploit as Exploit:W32/WormLink.A. The shortcut file used in this case is 4.1 KB. Files associated with the trojan-dropper, backdoor, and rootkit are detected as the Stuxnet family.

50 People Arrested For Using Smartphone Spying Tools

The Register has an interesting article on 50 people who were arrested in Romania for using smartphone spying tools to spy on their spouses, competitors, and other people who fell victim for one motivation or another.

The Case of TDL3

Ace from our Kuala Lumpur lab has written a technical white paper on the internals of the highly advanced TDL3 trojan. The paper goes deep into the features of this advanced backdoor/rootkit.

You can download "The Case of Trojan DownLoader TDL3" from here [2MB PDF file].

All Your Farm Are Belong To Us

Zynga's FarmVille is a popular social networking game and perhaps it should come as little surprise that many players want to learn FarmVille secrets and cheats. And so they turn to search engines to find them.

Currently, "farmville cheats" is a highly ranked suggestion:

FarmVille suggestions

Sad but true.

