Threat Research

Security vulnerabilities in Pligg CMS version 1.0.4

September 3, 2010 - While beta testing the latest version of Acunetix WVS v7, we found a large number of security vulnerabilities in various web applications. In the following days we Read more

The correct CV(or malware)

September 3, 2010 - Today we have observed some messages which at first glance appeared to be somebody trying to correct their mistakes on the CV they sent out. All messages had the same body text that read as follows: Thank you for the chat yesterday, Read more

Zombie game inspires scammers to target your brains

September 2, 2010 - Zombies. Whether they’re shuffling Romero types, the wisecracking “send more cops” variety or even the crumbling Fulci efforts it’s important to be prepared (no, I’m not counting the ones that run. Those are stupid).As you can see, I’m Read more

We are good at finding names

September 2, 2010 - We have received this file today. Rogue creators are spending less time creating interface and spending more time to find a new name.Malware name: Adware/MySecurityShieldVirusTotal File name: 622ed7d54cbeb06ef977ee111e2b97ddf3f78dd5 Submission date: 2010-09-02 16:09:43 (UTC) Result: 24/ 43 (55.8%)Domain List report.countdom.net update1.best-pc-guardever.com update2.safe-your-pcnow.netDomain Owner Registrant Contact: UIS Garritt Kooken gkook@checkjemail.nl86.592257788 fax: Read more

To infinity and beyond

September 2, 2010 - SophosLabs has discovered a technique in anti-virus marketing, which we detect as Spin/BigNumber-P. Typical behaviour involves phrases such as “Product detects X viruses!”, where X is a large, rather exact-sounding number. Some variants involve high-tech numerical displays updated in real-time Read more

Organized Web Mobsters Getting Jobs Inside Corporations

September 2, 2010 - In 2009, there were a reported 140 million records compromised, compared to 360 million in 2008. In 2010 there have been almost 13 million records stolen. But don’t have a party just yet. Criminals are fine-tuning their craft and getting Read more

Putting BitTorrent Under the Spotlight

September 2, 2010 - We have added a new video that introduces the key security concerns swirling around BitTorrent and specifically how to manage the risks that this incredibly popular application brings to your networks. We will cover how BitTorrent has evolved to Read more

Ben Franklin’s Endpoint Security Advice

September 2, 2010 - Ben Franklin dished out some pretty good security advice in his day. In fact, he was one of the most well known security professionals of his time. Many of you may realize it was Franklin that coined the saying ‘An Read more

Safe Web Surfing Rule # 1: READ the URL

September 2, 2010 - Safe Web Surfing Rule # 2: See Rule # 1Email and social networking sites might be a global phenomena, but English remains widely used in URLs and elsewhere on the Internet. Read more

U.S. Labor Day: phishers won’t be on holiday

September 2, 2010 - Holidays are times when we see a big uptick in email retail advertising. They are also a time when we should be especially aware of threats from phishing schemes in all those ads.In that surge of emails promoting Read more

Where’s Waldo? Adjusting Law and Policy for Location-Based Services

September 2, 2010 - Last month, my colleague Christopher Burgess shared some thoughts on the “double-edged sword” of location-based services at the Huffington Post. In his post, Christopher highlighted how these services could alternately be a benefit, and where they Read more

Chilean miners tragedy used to distribute malware

September 2, 2010 - We want to warn you of a Banker Trojan that is using the news of the miners trapped in Chile to be distributed and infect users. It has been detected as Banbra.GUC.The malicious file reaches the computer with the following Read more

Tenable Security Showcase – New York City

September 2, 2010 - Please join Tenable's own Ron Gula, Renaud Deraison, Marcus Ranum and Paul Asadoorian for a Security Showcase on October 6, from 8:30am to 2:00pm at the New York Marriott East Side, 525 Lexington Ave. at 49th Street in New York Read more

Faulty Fiverrs

September 2, 2010 - Fiverr is an excellent site that allows you to buy / sell services – all of which cost $5.There’s all sorts of crazy things on there, but does it attract rogues and individuals who generally want to Read more

FakeAV, now with sounds

September 1, 2010 - Recently, creators of Fake Anti Virus software have been getting quite creative and somewhat “professional” in designing the look and feel of their fake software. Today I came across one with sounds. Read more

Cyberthieves Hit Another University

September 1, 2010 - This post isn't PCI-related, but it does address your security and your money, so read on...According to a report in Krebs on Security, cyber thieves made off with nearly $1 million from a University of Virginia Read more

Security Advisory for NetWare 6.5 OpenSSH

September 1, 2010 - Posted by Zef CekajThis is a little information clarifying the exploitability of ZDI-10-169 as discovered by ZDI researcher Francis Provencher. Novell has classified this bug as a Denial of Service and will not be issuing a patch. Novell's Read more

GFI/Sunbelt Labs quarterly briefing is on Web

September 1, 2010 - “Turn the Tables on the Bad Guys, Malware Unmasked”The Sunbelt Labs quarterly briefing “Turn the Tables on the Bad Guys, Malware Unmasked” is available for your viewing pleasure. Read more

How Do You Find 200,000 Unique Samples a Day?

September 1, 2010 - I recently received a couple of questions about signatures from a reader. 1- You said that ESET receives around 200000 unique malware samples daily, so does ESET detect most of them or detect only the malwares that their signatures are listed Read more

Mariposa: the Slovenian story

September 1, 2010 - Some weeks ago it was announced that the Slovenian police had arrested some individuals who were responsible for selling the bot that was used to build the Mariposa botnet, whose creators were also arrested in Spain last March. Many confusing Read more

Copyright © 2010 The Security Blog. All rights reserved.