Friday, September 28, 2007

Syrian Embassy in London Serving Malware

After Bank of India was serving malware in August, next to the U.S Consulate in St.Petersburg two days later in September, now the Syrian ...
Thursday, September 27, 2007

Syrian Embassy in London Serving Malware

After Bank of India was serving malware in August, next to the U.S Consulate in St.Petersburg two days later in September, now the Syrian Em...
Wednesday, September 26, 2007

A New Issue of (IN)Secure Magazine "in the Wild"

(IN)Secure Magazine's Issue 13 was released yesterday, and as always is definitely worth printing out. What is (IN)Secure Magazine? (IN...

China's Cyber Espionage Ambitions

Must have been slow news week, so slow that all of a sudden Germany , the U.K , France , New Zealand , and the U.S got hacked by China'...

Localizing Open Source Malware

Can you find the differences in this piece of malware compared to the previous open source one I covered recently? Besides its localization...
Monday, September 24, 2007

The Dark Web and Cyber Jihad

It's interesting to monitor the use and abuse of the buzz word " Dark Web ". This press release for instance, tries to imply t...
Friday, September 21, 2007

The Truth Serum - Have a Drink!

Which security vendor would you rather choose if you were to ignore your current Return on Security Investment model ? The one telling you ...
Thursday, September 20, 2007

DIY Phishing Kit Goes 2.0

With the release of the second version of the DIY phishing kit that I covered in a previous post, next to commentary on another one and a ...
Wednesday, September 19, 2007

Custom DDoS Capabilities Within a Malware

DDoS capabilities within a malware are nothing new and are in fact becoming a commodity feature, but compared to the average DDoS-ers with ...

Two Cyber Jihadist Blogs Now Offline

Jihad Fields are Calling and The Ignored Puzzle of Knowledge are down, apparently the authors themselves decided to delete them compared t...
Monday, September 17, 2007

A Chinese Malware Downloader in the Wild

This is an example of a recently released in the wild DIY downloader with rather average features such as the ability for the malware author...

PayPal and Ebay Phishing Domains

As I needed another benchmark for a creative typosquatting next to my best finding of this World of Warcraft domain scam , I stumbled upon t...

Storm Worm's DDoS Attitude - Part Two

After commenting on Storm Worm's logical connection with the recent DDoS attacks against anti-scam web sites , SecureWorks timely releas...
Friday, September 14, 2007

U.S Consulate St. Petersburg Serving Malware

If that's not a pattern and good timing, it's a malicious anomaly. On the 31 of August, 2007, Bank of India was serving malware cou...
Wednesday, September 12, 2007

209 Host Locked

Ever came across this fake error message? A "209 Host Locked" message on a fraudulent domain is the default indication that you...
Tuesday, September 11, 2007

Storm Worm's DDoS Attitude

Stage one - infect as many end users with high speed Internet access as possible through the use of client side vulnerabilities . Stage two ...
Monday, September 10, 2007

Google Hacking for MPacks, Zunkers and WebAttackers

If wannabe botnet masters really wanted to hide their activities online, they would have blocked Google's crawlers from indexing their d...

Popular Web Malware Exploitation Techniques

Who needs zero day vulnerabilities to achieve a widescale malware infection these days? Obviously the lack of this popular in the past prere...
Thursday, September 06, 2007

Infecting Terrorist Suspects with Malware

As we've already seen in the past, cyber jihadists, thus wannabe terrorists, use commercial anti virus , anti spyware and anonymity sof...
Wednesday, September 05, 2007

Examples of Search Engine Spam

Perhaps I should say an example of a 50/50 black hat SEO, as Google's not listing the first, but has already crawled the second - cashho...