Thursday, January 10, 2008

Malware Serving Exploits Embedded Sites as Usual

The combination of the recent RealPlayer exploit and MDAC is a fad, but the very same is getting embraced in the short-term by malicious p...
Tuesday, January 08, 2008

The Invisible Blackhat SEO Campaign

Count this as a historical example of a blackhat SEO campaign, and despite that "Fresh Afield's" blog ( blogs.mdc.mo.gov ) is ...
Monday, January 07, 2008

MySpace Phishers Now Targeting Facebook

The "campaigners" behind the MySpace phishing attack which I briefly assessed in previous posts seem to have started targeting F...

Massive RealPlayer Exploit Embedded Attack

This malware embedded attack is massive and ugly, what's most disturbing about it is the number of sites affected, which speaks for coo...
Friday, December 28, 2007

The New Media Malware Gang - Part Two

This summary is not available. Please click here to view the post.

Riders on the Storm Worm

During the last couple of days the folks behind Storm Worm have started using several new, and highly descriptive domains. It seems they...
Monday, December 24, 2007

Spreading Malware Around the Christmas Tree

Stormy Wormy is back in the game on the top of Xmas eve, enticing the end users with a special Xmas strip show for those who dare to downloa...

Pinch Variant Embedded Within RussianNews.ru

This is a perfect and currently live example demonstrating how a once compromised site can also be used as a web dropper compared to the def...
Thursday, December 20, 2007

ClubHack 2007 - Papers and Presentations

Informative presentations and papers from ClubHack 2007- India's premier security event : " ClubHack is one of its kind hackers...

Russia's FSB vs Cybercrime

In what looks like a populist move from my perspective, the FSB , the successor of the KGB, have "Pinch-ED" the authors of the DIY...
Wednesday, December 19, 2007

Pushdo - Web Based Malware as Usual

Interesting assessment , especially the explanation of the GET variables, however, such descriptive use of POST variables to a malware's...
Monday, December 17, 2007

Cyber Jihadist Hacking Teams

These groups and fractions of religiously brainwashed IT enthusiasts utilizing outdated ping and HTTP GET flooding attack tools, represent t...
Sunday, December 16, 2007

Cached Malware Embedded Sites

Google, with its almost real-time crawling capabilities, has rarely proved useful while researching malware embedded sites who were cleaned ...
Saturday, December 15, 2007

Have Your Malware In a Timely Fashion

Keep your allies close, the human right violators closer. French officials have been receiving lots of criticism by human rights groups reg...
Wednesday, December 12, 2007

Combating Unrestricted Warfare

It's February, 1999, and two senior colonels from China's PLA, namely Qiao Liang and Wang Xiangsui depressed the world's militar...

Phishing Metamorphosis in 2007 - Trends and Developments

WindowSecurity.com have just published my second article entitled " Phishing Metamorphosis in 2007 - Trends and Developments " : ...
Tuesday, December 11, 2007

Update on the MySpace Phishing Campaign

It seems that the parties behind the Large Scale MySpace Phishing Attack which I covered in a previous post, have recently changed the main...
Monday, December 10, 2007

Inside the Chinese Underground Economy

Here's a very detailed , and recently released event-study on Malicious Websites and Underground Economy on the Chinese Web , and this ...

Phishers, Spammers, and Malware Authors Clearly Consolidating

In a recent article entitled " Popular Spammers Strategies and Tactics " I emphasized on the consolidation that's been going o...

The Shark Malware - New Version's Coming

Remember Shark, the DIY malware pitched as a Remote Administration Tool (RAT) , whose publicity among script kiddies, and the press given t...