Thursday, November 29, 2007

Malware Serving Online Casinos

Don't play poker on an infected table part two. The following three online casinos are currently serving embedded malware in the form o...
Wednesday, November 28, 2007

66.1 Host Locked

Having found a static pattern for identifying a Rock Phish domain a couple of months ago in the form of the bogus " 209 Host Locked ...

Which CAPTCHA Do You Want to Decode Today?

Once you anticipate your success, you logically start putting more efforts into achieving a decent level of efficiency in the process of bre...
Tuesday, November 27, 2007

A TrustedSource for Threats Intell Data

Following the series of posts on early warning security events systems , Secure Computing have just announced a major upgrade of their thr...

Are You Botnet-ing With Me?

Informative and recently released study by ENISA on the problem of botnets , especially the emphasis on how client side vulnerabilities sur...

I See Alive IFRAMEs Everywhere - Part Two

The never ending IFRAME-ing of relatively popular or niche domains whose popularity is attracting loyal and well segmented audience, never e...
Monday, November 26, 2007

But Malware is Prone to be Profitable

Read this a couple of times , than read it several more times, and repeat. It's usually "powerful stuff" that prompts such con...

Exposing the Russian Business Network

It was about time someone comes up with an in-depth study summarizing all of the Russian Business Network's activities, as for me person...
Friday, November 23, 2007

The State of Typosquatting - 2007

The recently released " What’s In A Name: The State of Typo-Squatting 2007 " is a very in-depth and well segmented study into the ...
Wednesday, November 21, 2007

A Botnet of Infected Terrorists?

Redefining malware to minimize the negative public outbreak by renaming it to Remote Forensic Software, now that's a evil marketing depa...

Mass Defacement by Turkish Hacktivists

At first it appeared that it was just the official site of Goa's DoIP , that's been defaced by Turkish defacers , but looking furthe...
Tuesday, November 20, 2007

Large Scale MySpace Phishing Attack

In need of a "creative phishing campaign of the year"? Try this, perhaps the largest phishing attack spoofing MySpace and collecti...
Sunday, November 18, 2007

The "New Media" Malware Gang

Since Possibility Media's Malware Fiasco , I've been successfully tracking the group behind the malware embedded attack at each and ...

But of Course I'm Infected With Spyware

Remember those old school fake hard drive erasers where a status bar that's basically doing a directory listing is shown, and HDD activi...
Friday, November 16, 2007

Lonely Polina's Secret

Just as I've been monitoring lots of spam that's using Geocities redirectors , yesterday Nicholas posted some details on a malware c...
Thursday, November 15, 2007

First Person Shooter Anti-Malware Game

Just when you think you've seen everything "evil marketers" can come up to both, consciously and subconsciously influence your...

Cyber Jihadist Blogs Switching Locations Again

Having had their blogs removed from Wordpress in a coordinated shutdown operation courtesy of the wisdom of the anti cyber jihadist crowd , ...
Wednesday, November 14, 2007

Popular Spammers Strategies and Tactics

It's been a while since I last participated with an article for WindowSecurity.com , so here it goes - Popular Spammers Strategies and T...

Electronic Jihad's Targets List

Despite the fact that the Electronic Jihad 3.0 campaign was a futile attempt right from the very beginning, given the domains that were sup...

Scammy Ecosystem

In this example of a scammy ecosystem, you have a single IP ( 88.255.90.50 ) hosting the now, retro WebAttacker exploitation kit ( inn2comi...