Wednesday, May 14, 2008

A Botnet of U.S Military Hosts

Building DDoS bandwidth capacity for offensive cyber warfare operations may seem rational, but this departamental cyber warfare approach wo...
Tuesday, May 13, 2008

The FirePack Exploitation Kit Localized to Chinese

The process of localizing open source malware, as well as publicly obtainable web malware explotation kits is continuing to receive the atte...
Monday, May 12, 2008

Major Career Web Sites Hit by Spammers Attack

What is the future of spamming next to managed spamming appliances , like the ones already offered for use on demand? It’s targeted spamming...

Custom DDoS Attacks Within Popular Malware Diversifying

One of the many Chinese script kiddies' favorite malware tools has been recently updated with several other DDoS attack capabilities bui...

Stealing Sensitive Databases Online - the SQL Style

In a perfect world from a malicious SQL-ers perspective, mom and pop E-shops filling market niches and generating modest but noticeable reve...
Friday, May 09, 2008

Skype Phishing Pages Serving Exploits and Malware

"Please, don't update your account information", at least not on recently spammed phishing pages which will not only aim at ob...
Thursday, May 08, 2008

A Chinese DIY Multi-Feature Malware

What is the current state of the Chinese IT Underground ? Are its participants copycats who just localize successful malware kits , and port...
Wednesday, May 07, 2008

Blackhat SEO Campaign at The Millennium Challenge Corporation

Among the very latest victims of a successful blackhat SEO campaign that has managed to inject and locally host 1,370 pharmaceutical pages, ...

Harvesting YouTube Usernames for Spamming

With a recently distributed database of several thousand YouTube user names, spammers continue trying to demonstrate their interest in estab...
Tuesday, May 06, 2008

Ethical Phishing to Evaluate Phishing Awareness

What is the most efficient and cost-effective way of both, measuring your employees awareness of phishing threats, and building awareness of...
Monday, May 05, 2008

MySpace Hosting MySpace Phishing Profiles

The ongoing arms race between phishers and social networking sites, is a great example of how malicious parties continue to be a step ahead ...
Friday, May 02, 2008

Segmenting and Localizing Spam Campaigns

One-to-many or one-to-one communication channel? That's the questions from a spammer's perspective. Given that spammers have long em...

Testing Signature-based Antivirus Products Contest

This is both interesting, yet irrelevant and outdated as well : " The Race to Zero contest is being held during Defcon 16 at the Rivie...
Wednesday, April 30, 2008

Detection Rates for Malware in the Wild

Yet another Early Warning Security Event System has been made available to the public, earlier this month. The Malware Threat Center is cu...

Fake Directory Listings Acquiring Traffic to Serve Malware

Malicious parties are known to deliver what the unsuspecting and unaware end user is searching for, by persistently innovating at the infect...

Response Rate for an IM Malware Attack

Remember the MSN Spamming Bot in action ? Consider this screenshot not just as a real-example of IM spamming in action, but also, pay attent...
Tuesday, April 29, 2008

New DIY Malware in the Wild

Yet another do-it-yourself malware is getting pitched as one with low detection rate due to its proprietary nature , following the logic tha...
Monday, April 28, 2008

DIY Exploit Embedding Tool - A Proprietary Release

Remember the reprospective on DIY exploit embedding tools , those cybercrime 1.0 point'n'click exploits serving generators? Despite ...

Web Site Defacement Groups Going Phishing

Following a recent post commenting on changing phishing tactics , more evidence of web site defacement groups' vertical integration in t...
Sunday, April 27, 2008

The FirePack Exploitation Kit - Part Two

Has the web malware exploitations kits cash bubble popped already? A recently released, yet another proprietary version of the Firepack malw...