Monday, July 14, 2008

Malware and Office Documents Joining Forces

Common office files as documents, presentations, spreadsheets and PDF files, are the most widely abused ones in targeted attacks, which when...

Monetizing Compromised Web Sites

Despite that pure patriotic hacktivism is still alive and kicking, compromised sites are largely getting monetized these days, starting fro...
Friday, July 11, 2008

Violating OPSEC for Increasing the Probability of Malware Infection

Are malware authors and the rest of the participants in fact willing to violate their OPSEC (operational security) for the sake of increasin...
Thursday, July 10, 2008

The Template-ization of Malware Serving Sites

Just like web malware exploitation kits and phishing pages turned into a commodity underground good , allowing easy localization to diffe...
Wednesday, July 09, 2008

Mobile Malware Scam iSexPlayer Wants Your Money

A bogus media player ( iSexPlayer.jar ) targeting Symbian S60 3rd edition devices according to several affected parties, is currently being ...

Storm Worm's U.S Invasion of Iran Campaign

The Storm Worm-ers are keeping themselves busy, with two campaigns in less than a week, following the latest on the 4th of July . Now, they ...
Tuesday, July 08, 2008

Fake Porn Sites Serving Malware - Part Two

This summary is not available. Please click here to view the post.
Monday, July 07, 2008

The Risks of Outdated Situational Awareness

It's been two months since I analyzed the proprietary email and personal information harvesting tool targeting major career web sites -...

The ICANN Responds to the DNS Hijacking, Its Blog Under Attack

Last week, the ICANN has issued an official statement regarding last month's DNS hijackings of some of their domains : " The DNS r...

Lithuania Attacked by Russian Hacktivists, 300 Sites Defaced

Last week's mass defacement of over 300 Lithuanian sites hosted on the same ISP, an upcoming attack that was largely anticipated due to...
Friday, July 04, 2008

The Antivirus Industry in 2008

The folks at Ikarus Security Software seem to have enjoyed drinking of the truth serum , to come up with such a realistic retrospective of ...
Thursday, July 03, 2008

Gmail, Yahoo and Hotmail’s CAPTCHA Broken

It's one thing to start efficiently registering thousands of email accounts at reputable email providers by automatically breaking their...
Wednesday, July 02, 2008

Chinese Bloggers Bypassing Censorship by Blogging Backward

With China trying to silence over 30,000 rioters during the weekend, by deleting forum postings and deactivating accounts mentioning the rio...
Tuesday, July 01, 2008

Decrypting and Restoring GPcode Encrypted Files

The futile attempt to directly attack the encryption algorithm used by the GPcode ransomware, is prompting Kaspersky Labs to invest in a mor...

Summarizing June's Threatscape

June's threatscape that I'll summarize in this post based on all the research conducted during the month, was a very vibrant one. Wi...
Monday, June 30, 2008

The Malicious ISPs You Rarely See in Any Report

The recently released badware report entitled “ May 2008 Badware Websites Report " lists several Chinese netblocks tolerating maliciou...
Friday, June 27, 2008

ICANN and IANA's Domain Names Hijacked by the NetDevilz Hacking Group

The official domains of ICANN , the Internet Corporation for Assigned Names and Numbers, and IANA , the Internet Assigned Numbers Authority ...