Sunday, November 18, 2007

The "New Media" Malware Gang

Since Possibility Media's Malware Fiasco , I've been successfully tracking the group behind the malware embedded attack at each and ...

But of Course I'm Infected With Spyware

Remember those old school fake hard drive erasers where a status bar that's basically doing a directory listing is shown, and HDD activi...
Friday, November 16, 2007

Lonely Polina's Secret

Just as I've been monitoring lots of spam that's using Geocities redirectors , yesterday Nicholas posted some details on a malware c...
Thursday, November 15, 2007

First Person Shooter Anti-Malware Game

Just when you think you've seen everything "evil marketers" can come up to both, consciously and subconsciously influence your...

Cyber Jihadist Blogs Switching Locations Again

Having had their blogs removed from Wordpress in a coordinated shutdown operation courtesy of the wisdom of the anti cyber jihadist crowd , ...
Wednesday, November 14, 2007

Popular Spammers Strategies and Tactics

It's been a while since I last participated with an article for WindowSecurity.com , so here it goes - Popular Spammers Strategies and T...

Electronic Jihad's Targets List

Despite the fact that the Electronic Jihad 3.0 campaign was a futile attempt right from the very beginning, given the domains that were sup...

Scammy Ecosystem

In this example of a scammy ecosystem, you have a single IP ( 88.255.90.50 ) hosting the now, retro WebAttacker exploitation kit ( inn2comi...
Monday, November 12, 2007

Teaching Cyber Jihadists How to Hack

Yet another indication of the emerging trend of building a knowledge-driven cyber jihadist community, are such online archives with localize...

p0rn.gov - The Ongoing Blackhat SEO Operation

Want pr0n? Try .gov domains in general, ones that have been getting the attention of blackhat SEO-ers for a while, just like the most recen...

Targeted Spamming of Bankers Malware

This particular incident is interesting mostly because we have a good example that once a site gets compromised the potential for abusing t...
Friday, November 09, 2007

Yet Another Malware Outbreak Monitor

Such early warning security events systems always come as handy research tools for security analysts and reporters, and it's great to s...
Thursday, November 08, 2007

Go to Sleep, Go to Sleep my Little RBN

Yesterday, Paul Ferguson tipped me on the sudden disappearance of the Russian Business Network . And just like babies have different unde...
Wednesday, November 07, 2007

Electronic Jihad v3.0 - What Cyber Jihad Isn't

It's intergalactic security statements like these that provoked me to do my most insightful research into the topic of what is cyber ji...
Tuesday, November 06, 2007

I See Alive IFRAMEs Everywhere

During the weekend, the entire Newsland.ru which is among the most popular Russian news portals, was marked as as "this site may harm ...
Monday, November 05, 2007

Overperforming Turkish Hacktivists

Last month's Turkish/Sweden hacktivism tensions surprised me mainly because the Swedes responded to the defacements in an entirely dif...

Rebranding a Security Vendor

Rebranding by itself is a tricky process, which if not coordinated at all levels of the enterprise could result in severe channel conflicts ...
Saturday, November 03, 2007

Managed Fast-Flux Provider

Vertical integration in the spamming market means you don't just provide potential customers lists in the form of harvested emails, the ...

Detecting and Blocking the Russian Business Network

Bleeding Edge Threats recently announced the release of some very handy RBN blocking/detecting rulesets : " Call these hosts what yo...
Friday, November 02, 2007

Metaphisher Malware Kit Spotted in the Wild

Such crimeware botnet C&Cs entirely encompassing of banker trojans infected PCs can depress every financial institution's PR depart...