Thursday, May 24, 2018

Dancho Danchev's Blog Going Private - Request Access

Dear blog readers, it's been several years since I last posted a quality update following my disappearance in 2010. I wanted to take the time and thank everyone including researchers and colleagues who participated in the search including colleagues and vendors who offered expertise and advice including possible career opportunity.

As I've recently launched InfoWar Monitor 2.0 I decided that the time has come for me to take my blog to a new level by offering proprietary invite-only commercial access to selected readers who request access. The access guarantees unlimited access to daily cybercrime research information security topics coverage including an unlimited supply of actionable threat intelligence research on a daily basis including access to InfoWar Monitor 2.0 security podcast subscription security mailing list security newsletter a closed security community and a hacker E-zine released by the community including unlimited access to proprietary research reports and articles.

How to request access?
Users interested in requesting access can approach me with the following details:

How long have you been reading my blog?
How much would you be willing to invest to obtain access on a monthly basis?

I can be reached at


Tuesday, May 22, 2018

Summarizing Webroot's Threat Blog Posts for January - 2012

In this post I'll summarize Webroot Threat Blog Posts for January, 2012. Feel free to check out some of the latest research published at the blog here and consider subscribing to its RSS feed.

01. Cybercriminals generate malicious Java applets using DIY tools
02. A peek inside the uBot malware bot
03. Researchers intercept a client-side exploits serving malware campaign
04. How phishers launch phishing attacks
05. A peek inside the Umbra malware loader
06. How malware authors evade antivirus detection
07. Inside AnonJDB – a Java based malware distribution platforms for drive-by downloads
08. hacked, 24 million users affected
09. Inside a clickjacking/likejacking scam distribution platform for Facebook
10. A peek inside the Cythosia v2 DDoS Bot
11. A peek inside the PickPocket Botnet
12. Mass SQL injection attack affects over 200,000 URLs
13. Email hacking for hire going mainstream
14. Millions of harvested emails offered for sale

Monday, May 14, 2018

Security News - Safe Browsing protection from even more deceptive attacks - Commentary

Google's security initiatives, continue, indicating, the search engine market's leader, ambitions, towards, building, a vibrant, ecosystem, for, protecting, end users, from malicious attacks, and, further, position, the company, as, an emerging, leader, whose, activities, contribute, to the, overall security level, of the entire ecosystem.
"Safe Browsing has been protecting over one billion people from traditional phishing attacks on the web for more than eight years. The threat landscape is constantly changing—bad actors on the web are using more and different types of deceptive behavior to trick you into performing actions that you didn’t intend or want, so we’ve expanded protection to include social engineering."

The latest, indication, of this, trend, is the company's, introduction, of, social engineering attack, warnings, fully capable, of preventing, widespread damage, and to prevent, a malicious attack, from taking, place, in the early stages, of the campaign. With malicious actors, continuing, to utilize, visual social engineering campaigns, to serve, malicious software, and potentially unwanted applications, compromising, the confidentiality, integrity, and, availability, of information, visual social engineering, will, continue, to represent, a growing attack vector, to be utilized, by malicious actors, that, needs, better, protective, mechanisms, on behalf, of ecosystem participants.

This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.