February 2, 2010 - When talking about web attacks we tend to think of just defacement or malware distribution. As I shall show in this post, this is not always the case, though financial gain remains the common motive. The attack I describe below (continue reading...) Read more
February 2, 2010 - While analyzing W32.Zimuse recently I was surprised to find two different passwords used within the threat: one of these decrypts a Word document that contains information about some members of a Slovakian motorbike forum. In order to spread via USB drives, (continue reading...) Read more
February 2, 2010 - Today, I was scanning through various industry blogs when I stumbled upon an entry from Kaspersky Labs. What was interesting was that under the veil of improving testing quality, the blog openly admitted that the organization in question (continue reading...) Read more
February 2, 2010 - Ease and Security Don't Mix In the eternal quest to create easy ways for systems to communicate with people and other systems, embedded device manufacturers have created new protocols. One of the first was UPnP, or Universal Plug and Play, (continue reading...) Read more
February 2, 2010 - The other day, I came across a malware that attempts to hide its infection not in that technical but in the very unique way. “Muster” is a family of backdoor which has been using help files for hiding themselves. The help (continue reading...) Read more
February 1, 2010 - One trait that I developed since I started with Sophos is being calm under pressure. With virus and spam outbreaks, analysts needs to keep their nerves to analyze the situation and proceed to deal with the new threat. So, I (continue reading...) Read more
February 1, 2010 - As we start off the month of February, let’s look at the “20 Critical Controls” and how McAfee solutions can be used to achieve each control. Each day we will cover one of the 20 controls, highlighting key ways that (continue reading...) Read more
February 1, 2010 - Who gets mail? We all do. Mail arrives from a variety of public sector sources such as the court system inviting you to jury duty or county assessor providing you with the annual assessment and tax bill. You may also receive (continue reading...) Read more
February 1, 2010 - If your Development department (or anyone else on campus) records phone transactions, you need to take a look at the PCI Council's revised FAQ on these recordings. You may need to upgrade or replace your recording system or, failing (continue reading...) Read more
February 1, 2010 - Welcome to the Tenable Network Security Podcast - Episode 21 Announcements A new blog post has been released titled "New Nessus Videos - Scanning With Credentials" that covers how you can provide credentials to Nessus for both network-based and web application (continue reading...) Read more
February 1, 2010 - February has already begun, which means Valentine’s Day is close at hand. As usual, spammers will definitely hype up their malicious activities. It is only the first day of the so-called “love month” but we have already seen at least (continue reading...) Read more
February 1, 2010 - The Internet has grown to become a massive venue for information exchange that everything a user encounters on the Web may potentially be treacherous, including supposed antivirus software. Trend Micro Threat Encyclopedia has, so far, over 2,000 entries related (continue reading...) Read more