Tuesday, August 28, 2007

The Economics of Phishing

Years ago, phishing used to be like fishing at least in respect to the preparation and the patience required for the fisherman to catch some...
Sunday, August 26, 2007

Your Point of View - Requested!

Question : What is the most realistic scenario on what exactly happened in the recent DDoS attacks aimed at Estonia, from your point of vie...
Saturday, August 25, 2007

DIY Pharming Tools

In a previous post I discussed pharming from the perspective of abusing a DNS server and starting a wide-scale pharming attack. However, i...
Friday, August 24, 2007

Distributed WiFi Scanning Through Malware

Distributed computing through malware , OSINT thought botnets, distributed password cracking and distributed malicious economies of scale - ...

GIMF - "We Will Remain"

After having both of its blogs shut down , the Global Islamic Media Front issued a modest statement " Global Islamic Media Front: We w...
Wednesday, August 22, 2007

The Nuclear Malware Kit

Web based C&C malware kits are already a commodity, and with the source codes of MPack and IcePack freely available in the wild, modif...

Excuse Us for Our Insecurities

This Security Public Relations Excuse Bingo is very entertaining as it objectively provides random excuses that security vendors and public...
Tuesday, August 21, 2007

Offensive Storm Worm Obfuscation

Malware authors, often pissed off at the detection rates of their malware releases, tend to include offensive comments or messages within th...
Monday, August 20, 2007

RATs or Malware?

After the Shark 2 DIY Malware got the publicity it deserved as perhaps the most recent and publicly obtainable DIY malware , another DIY RA...
Friday, August 17, 2007

Analyses of Cyber Jihadist Forums and Blogs

Where are cyber jihadists linking to, outside their online communities? Which are the most popular file sharing and video hosting services u...
Thursday, August 16, 2007

534 Biographies of Jihadist Fighters

On the look for patterns of terrorist behaviour researchers often stereotype in order to portrait a terrorist. The Book of Martyrs (compiled...

PayPal's Security Key

PayPal's recently introduced Security Key two-factor authentication for the millions of its customers in cooperation with VeriSign'...

The Shark 2 DIY Malware

The Shark2 DIY malware (screenshots, its features, checksums of the builder, and the detection rates as of Saturday, 28th of July) finally ...
Monday, August 13, 2007

Pharming Attacks Through DNS Cache Poisoning

A month ago, a detailed assessment of a recently released vulnerability in BIND9 was conducted by Amit Klein to highlight the wide impact t...

DIY Phishing Kits

Rock Phish's efficiency-centered approach in terms of hosting numerous phishing pages on a single domain , often infected home user'...
Thursday, August 09, 2007

The Storm Worm Malware Back in the Game

After coming across the story on how Storm Worm is taking over the world for yet another time , I wondered - who are the novice malware auth...
Wednesday, August 08, 2007

A Cyber Jihadist DoS Tool

I've seen mail bombers courtesy of chinese hacktivists released during the China/U.S cyber skirmish , encryption tools released by cyb...

A Commercial Click Fraud Tool

India's secret army of "ad clickers" employed on a revenue sharing basis is an already well known threat to the future online...
Friday, August 03, 2007

Delicious Information Warfare, Friday, 3rd

It's time for this week's research papers, tools and services worth going through. Catch up with last week's content , stay info...