All 10 Posts
All 12 Posts
All 11 Posts
All 4 Posts
InfoSecurity, a great site for computer security news, just put up a story asking the very old question: “Why don’t AV vendors name malcode consistently.” The lead on the piece was: “…Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn’t match up, leading to an admission that users will inevitably be confused by the results.” Great observation, sort of. ...
Have you stood outside the restaurant and thought whether to go inside? Google solves this problem very easily. It has come out with yet another mind bobbling feature with Andriods and the iPhone. This Feature is known as ‘Near Me Now’. When you open google.com in your mobile like Andriods or iPhone, you see a small new addition to homepage that is ‘Near Me Now’ option below your search box. ...
Following the addition of Win32/Hamweq to the MSRT last month, MMPC will continue cleaning PCs in 2010 by adding another prevalent worm, Win32/Rimecud, to this month’s removal tool. This is due not only to Win32/Rimecud’s high detection numbers, which immediately follow those of Win32/Hamweq, but also to the similarities the two families share with each other. In fact, as part of its payload, Win32/Hamweq may download Win32/Rimecud, contributing to Rimecud’s suitability as the next target for MSRT. ...
This Black Tuesday was different as anticipated – Microsoft releases only one security bulletin, but other companies “jumped in” and deliver updates now as well. For the windows operating systems, only one Security Bulletin was released. MS10-001 deals with a vulnerability in the decompression routines of the Embeded OpenType Font Engine. This means that especially in Windows 2000, programs like Internet Explorer, Word or PowerPoint for example which render EOT fonts can put the system at risk when viewing manipulated contents. In newer operating systems the flawed code is used differently so that Microsoft assumes that it isn’t exploitable there. ...
McColo (Nov. 08), Torpig (May 09), MegaD (Nov. 09), Lethic (Jan 10) The Darkreading.com site is reporting that researchers with communications security firm Neustar, of Sterling, Va., working with ISPs has taken over the command-and-control servers and shut down the Lethic botnet. The owners of the Lethic network specialized in diploma, pharmaceutical and replica spam. It is believed that Lethic was responsible for 10 percent of spam. Other recent botnet takedowns include: — McColo (Nov. 08), — Torpig (May 09), — MegaD (Nov. 09) ...
SysDefenders is the latest addition to the clones of the WiniGuard rogue anti-spyware family. if your computer is infected above malware, you should remove it soon, Click Here to learn how to remove it soon.
Looking at a random new incoming malware sample in F-Secure sample automation systems. Notice the Mutex names it uses: Hey STFU yourself, why don’t you? P.S. It’s detected as Email-Worm:MSIL/Agent.MXK
The spammers and malware authors profited of the holiday time when a lot of people are at home and sent a large amount of emails just before the official free days. As can be seen in the graphic below, we registered a higher activity in the two days before the holidays and immediately after them. The red bars are either weekend days or holidays (25.12 and 1.1). What kind of spam was sent? ...
I received an interesting IM from a friend via BlackBerry Messenger [BBM] this weekend. She was worried that it could do damage to her shiny new BlackBerry and, as she knew I work for [a security company], she forwarded it to me for my opinion. As soon as I read it, I knew it was a hoax and told her just to delete it. It didn’t really surprise me that these Hoaxes are now being spread via BBM as the devices are becoming increasingly popular. I’m sure all of you have received the usual one via E-mail about a Virus which burns the whole hard disc C of your computer , well now I believe you will be seeing them on your BlackBerry. ...
Malware authors love to innovate when it comes to persistence and hiding their nefarious creations from detection, and although most of the schemes are not unknown to analysts, they still show that malware authors are constantly on the prowl and evolving their techniques. The example I have is of yet another registry-centric malware which by the nature of its construction has several advantages to defeating naive security software. The sample, detected as Troj/RegExec-A, is essentially a multi-component threat of sorts comprising of at least 3 components (Dropper/installer, Payload and Loader.) ...