Wednesday, January 21, 2009

Exposing a Fraudulent Google AdWords Scheme

UPDATE: Conduit's Director of Strategic Marketing Hai Habot contacted me in regard to the campaign. Comment published at the bottom of ...
Monday, January 19, 2009

A Diverse Portfolio of Fake Security Software - Part Fourteen

The following currently active fake security software domains have been included within ongoing blackhat SEO campaigns, among the many other...

Embedding Malicious IFRAMEs Through Stolen FTP Accounts - Part Two

The practice of using stolen or data mined -- from a botnet's infected population -- FTP accounts is nothing new. In March, 2008, a tool...
Wednesday, January 14, 2009

Pro-Israeli (Pseudo) Cyber Warriors Want your Bandwidth

This summary is not available. Please click here to view the post.

Domains Serving Internet Explorer Zero Day in December

December, 2008 was marked by yet another widespread Koobface campaign , next to a massive SQL injection attack targeting Asian countries an...
Wednesday, January 07, 2009

Dissecting the Bogus LinkedIn Profiles Malware Campaign

Nice catch, in the sense that LinkedIn was among the very few social networking sites left untouched by cybercriminals in 2008. With Linked...
Tuesday, January 06, 2009

Summarizing Zero Day's Posts for December

The following is a brief summary of all of my posts at Zero Day for December, 2008. You can also go through previous summaries for November...

Squeezing the Cybercrime Ecosystem in 2009

How do you trigger a change that would ultimately affect the entire cybercrime ecosystem? Going full disclosure may be the most logical opti...

Squeezing the Cybecrime Ecosystem in 2009

How do you trigger a change that would ultimately affect the entire cybercrime ecosystem? Going full disclosure may be the most logical opti...
Wednesday, December 17, 2008

Cyber Jihadists part of the GIMF Busted

In one of those "better late than never" type of situations, last month members of the Global Islamic Media Front were busted in ...
Monday, December 15, 2008

Skype Phishing Pages Serving Exploits and Malware - Part Two

Dear malware spreader, here we meet again. It's been a while since I last wrote to you, half an year ago to be precise . Since I first m...

Localized Social Engineering on Demand

If I were to come across this service last year, I'd be very surprised. But coming across it in 2008 isn't surprising at all, and th...

Localized Social Engineering on Demand

If I were to come aross this service last year, I'd be very surprised. But coming across it in 2008 isn't surprising at all, and tha...
Thursday, December 11, 2008

Summarizing Zero Day's Posts for November

The following is a brief summary of all of my posts at Zero Day for November. You can also go through previous summaries for October , Sept...
Tuesday, December 09, 2008

The Koobface Gang Mixing Social Engineering Vectors

It's the Facebook message that came from one of your infected friends pointing you to an on purposely created bogus Bloglines blog servi...
Monday, December 08, 2008

Dissecting the Koobface Worm's December Campaign

The Koobface Facebook worm -- go through an assessment of a previous campaign -- is once again making its rounds across social networking...
Thursday, December 04, 2008

Zeus Crimeware as a Service Going Mainstream

Since 100% transparency doesn't exist in any given market no matter how networked and open its stakeholders are, Cybecrime-as-a-Service ...