Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Email: dancho.danchev@hush.com Bitcoin Donate: bc1qncspyks7uwdkyyxzxzp6zjgqlrwm3er3q88dju TOX ID: 53B409440A6DC34F1BA458869A0462D92C15B467AF6319D481CA353690C88667833A0EE82969

Friday, September 21, 2007

The Truth Serum - Have a Drink!

Which security vendor would you rather choose if you were to ignore your current Return on Security Investment model? The one telling you ...
Thursday, September 20, 2007

DIY Phishing Kit Goes 2.0

With the release of the second version of the DIY phishing kit that I covered in a previous post, next to commentary on another one and a ...
Wednesday, September 19, 2007

Custom DDoS Capabilities Within a Malware

DDoS capabilities within a malware are nothing new and are in fact becoming a commodity feature, but compared to the average DDoS-ers with ...

Two Cyber Jihadist Blogs Now Offline

Jihad Fields are Calling and The Ignored Puzzle of Knowledge are down, apparently the authors themselves decided to delete them compared t...
Monday, September 17, 2007

A Chinese Malware Downloader in the Wild

This is an example of a recently released in the wild DIY downloader with rather average features such as the ability for the malware author...

PayPal and Ebay Phishing Domains

As I needed another benchmark for a creative typosquatting next to my best finding of this World of Warcraft domain scam, I stumbled upon t...

Storm Worm's DDoS Attitude - Part Two

After commenting on Storm Worm's logical connection with the recent DDoS attacks against anti-scam web sites, SecureWorks timely releas...
Friday, September 14, 2007

U.S Consulate St. Petersburg Serving Malware

If that's not a pattern and good timing, it's a malicious anomaly. On the 31 of August, 2007, Bank of India was serving malware cou...
Wednesday, September 12, 2007

209 Host Locked

Ever came across this fake error message? A "209 Host Locked" message on a fraudulent domain is the default indication that you...
Tuesday, September 11, 2007

Storm Worm's DDoS Attitude

Stage one - infect as many end users with high speed Internet access as possible through the use of client side vulnerabilities. Stage two ...
Monday, September 10, 2007

Google Hacking for MPacks, Zunkers and WebAttackers

If wannabe botnet masters really wanted to hide their activities online, they would have blocked Google's crawlers from indexing their d...

Popular Web Malware Exploitation Techniques

Who needs zero day vulnerabilities to achieve a widescale malware infection these days? Obviously the lack of this popular in the past prere...
Thursday, September 06, 2007

Infecting Terrorist Suspects with Malware

As we've already seen in the past, cyber jihadists, thus wannabe terrorists, use commercial anti virus, anti spyware and anonymity sof...
Wednesday, September 05, 2007

Examples of Search Engine Spam

Perhaps I should say an example of a 50/50 black hat SEO, as Google's not listing the first, but has already crawled the second - cashho...

Storm Worm's Fast Flux Networks

Following my previous posts on "Storm Worm Malware Back in the Game" and "Storm Worm's use of Dropped Domains", ...
Tuesday, September 04, 2007

Login Details for Foreign Embassies in the Wild

Login details for international embassies have been in the wild since August 30th in a full disclosure style: "Here is a list with...

DIY Exploits Embedding Tools - a Retrospective

Great analysis by the Spywareguide folks -- Chris Boyd and Peter Jayaraj in this assessment -- especially my deja vu moment with the King...
Monday, September 03, 2007

Spammers and Phishers Breaking CAPTCHAs

The emergence of CAPTCHA based authentication was a logical move in the fight against automated brute forcing of login details, registration...
Friday, August 31, 2007

Bank of India Serving Malware

Ryan at ZDNet's Security blog is reporting on the breached site of Bank of India, which in the time of blogging is still serving malw...

Malware as a Web Service

Popular malware tools such as binders and downloaders usually come in a typical software application form. Moreover, when I talk about malwa...

About Me

Dancho Danchev
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com