Wednesday, October 10, 2007

Compromised Sites Serving Malware and Spam

Wish it was the average .cn domain I'm referring to, in this case it's the web sites of three U.S towns, namely the City of Chetek ,...

Incentives Model for Pharmaceutical Scams

Sometimes, it's unbelievable how easy is in fact to social engineer people on their way to "make a deal" online, especially wh...
Monday, October 08, 2007

Assessing a Rock Phish Campaign

The majority of Rock Phish campaigns usually take advantage of a single domain that's hosting numerous different phishing scams targe...
Friday, October 05, 2007

People's Information Warfare Concept

Malicious Culture of Participation DoS battle stations operational in the name of the " Please, input your cause ". Preventing a m...
Wednesday, October 03, 2007

DIY CAPTCHA Breaking Service

Given that spammers and phishers are already breaking, bypassing our outsourcing their CAPTCHA breaking needs, the introduction of a DIY ( ...

CISRT Serving Malware

The Chinese Internet Security Response Team is reporting that it has found embedded IFRAMEs serving malware within some of its pages. And d...
Tuesday, October 02, 2007

The Dynamics of the Malware Industry - Proprietary Malware Tools

The Underground Economy's Supply of Goods and Services The demand for private malware tools such as crypters, loaders and droppers is i...
Monday, October 01, 2007

Love is a Psychedelic Too

Compared to a previous example of an over-performing image spammer whose efforts to bypass spam filters make it virtually impossible for so...
Sunday, September 30, 2007

Don't Play Poker on an Infected Table

The scammy Euro VIP Casino is making another round this afternoon and trying to entice the spammed European users into downloading its soft...

Zero Day Vulnerabilities Market Model Gone Wrong

It's one thing to allow legitimate buyers, presumably the affected vendors themselves to bid for a zero day vulnerability discovered wi...
Saturday, September 29, 2007

DIY Chinese Passwords Stealer

This DIY passwords stealer courtesy of a chinese hacking group is pitched as Vista Compatible, with a server size in less than 20kb, process...

A New DDoS Malware Kit in the Wild

On the majority of occasions, malware authors either put efforts into implementing a set of standard features within a malware enabling them...
Friday, September 28, 2007

Syrian Embassy in London Serving Malware

After Bank of India was serving malware in August, next to the U.S Consulate in St.Petersburg two days later in September, now the Syrian ...
Thursday, September 27, 2007

Syrian Embassy in London Serving Malware

After Bank of India was serving malware in August, next to the U.S Consulate in St.Petersburg two days later in September, now the Syrian Em...
Wednesday, September 26, 2007

A New Issue of (IN)Secure Magazine "in the Wild"

(IN)Secure Magazine's Issue 13 was released yesterday, and as always is definitely worth printing out. What is (IN)Secure Magazine? (IN...

China's Cyber Espionage Ambitions

Must have been slow news week, so slow that all of a sudden Germany , the U.K , France , New Zealand , and the U.S got hacked by China'...

Localizing Open Source Malware

Can you find the differences in this piece of malware compared to the previous open source one I covered recently? Besides its localization...
Monday, September 24, 2007

The Dark Web and Cyber Jihad

It's interesting to monitor the use and abuse of the buzz word " Dark Web ". This press release for instance, tries to imply t...
Friday, September 21, 2007

The Truth Serum - Have a Drink!

Which security vendor would you rather choose if you were to ignore your current Return on Security Investment model ? The one telling you ...
Thursday, September 20, 2007

DIY Phishing Kit Goes 2.0

With the release of the second version of the DIY phishing kit that I covered in a previous post, next to commentary on another one and a ...