인기 태그

피드 목록

• Advanced Persistent Threats: Should your panties be in a bunch, and how do you un-bunch them?

  Marketers are starting to abuse the APT (Advanced Persistent Threat) term but that doesn't dilute the true meaning of this adversary.

  • Adobe
  • ArbitraryCodeExecution
  • Botnets
  • ComplexAttacks
  • Datatheft
  • Exploitcode
  • Flash
  • Google
  • Governments
  • Hackers
  • Malware
  • Metasploit
  • PatchWatch
  • People'sRepublicofChina
  • Punditocracy
  • ReverseEngineering
  • Russia
  • Vulnerabilityresearch
  • Zero-dayattacks
  2010/03/12 07:00 Zero Day / Ryan Naraine

• Mar 9. CVE-2010-0188 PDF+ exploit demo. Formal invitation letter from sabrena66@yahoo.com.tw 2010-03-09

  2010/03/12 06:57 contagio / Mila

• Money Mule Recruiters on Yahoo!'s Web Hosting

  Just how dumb, or perhaps ingenious is a cybecriminal that would host his money mule recruitment operations using Yahoo!'s Web Hosting services? Is the reputable hosting location, worth the risk of having their campaigns taken down much easily than if there were hosting them on the bad reputation block, an...

  2010/03/12 03:48 Dancho Danchev's Blog - Mind Streams of Information Security Knowledge / dancho.danchev@gmail.com (Dancho Danchev)

• Troyak-AS De-peered for Good?

  The victory over dozens of Zeus botnets that was declared over the past couple of days may have been premature, as the Troyak-AS upstream provider that was de-peered from its upstream providers was busy finding new peers to the internet. Yet another check shows that the provider succeeded in regainin...

  2010/03/12 03:37 ThreatFire Research Blog / ThreatFire Blogger

• Spam and Phishing Landscape: March 2010

  In February, spammers continued to use the news of the earthquake in Haiti and the recent earthquake in Chile as another vector to utilize. Scam and phishing messages accounted for 19 percent of all spam in February, which is 2 percentage points lower than in January, but nevertheless an elevated leve...

  • EndpointProtection(AntiVirus)
  • OnlineFraud
  • Security
  • Spam
  • SecurityResponse
  2010/03/12 02:39 Symantec Security Response Blog / Eric Park

• Malicious Web Attack Using Executable With facebook.com in Name

  As we were working through URLs identified as suspicious due to our GTI technology, one of the URLs that presented itself was an average “.com” site that loaded a php. As we processed this – it was interesting to see that this php actually reached out to download a file that ended ...

  • Uncategorized
  • WebandInternetSafety
  2010/03/12 01:20 McAfee Avert Labs / Paula Greve

• The ultimate faceoff between password lists

  Yes, I'm still working on making the ultimate password list. And I don't mean the 16gb one I made by taking pretty much every word or word-looking string on the Internet when I was a kid; that was called ultimater dictionary. No; I mean one that is streamlined, sorted, and will make Nmap the brutefo...

  • Nmap
  • Passwords
  2010/03/12 00:51 SkullSecurity / Ron

• Is that a bot in your pocket? Or does it just look like one?

  Results from a research project titled MOBOTS: Pocketful of Pwnage, which was designed to show how easy it would be to create a large mobile botnet.

  • Apple
  • Botnets
  • Datatheft
  • Mobile(In)Security
  • Vulnerabilityresearch
  • iPhone
  2010/03/12 00:47 Zero Day / Ryan Naraine

• Backdoor.Sykipot At Work

  Following our blog, 0-Day attack on IE6: JS.Sykipot doesn’t spare retired software, covering the recent IE 0-day, we thought it might be interesting to look at an attack in the wild using this vulnerabili

  • EndpointProtection(AntiVirus)
  • Security
  • Sykipot
  • SecurityResponse
  2010/03/11 23:31 Symantec Security Response Blog / Symantec Security Response

• Zeus-related Botnet Servers Taken Offline

  We wrote about Zeus a while back, a nasty trojan which can evade detection by Anti-virus software and is ranked as the number 1 trojan infector by numbers. About a week ok a massive sting operation took down large parts of the Mariposa botnet in Spain and the USA and the latest news is large [...]...

  • Malware
  • Privacy
  • botnetsting
  • botnettakedown
  • botnets
  • ddos
  • dos
  • malware
  • mariposa
  • mariposabotnet
  • scansafe
  • trojans
  • troyak
  • TroyakISP
  • viruses
  • zeus
  • zeusbotnet
  • zeustrojan
  • zeuswatch
  2010/03/11 18:42 Darknet - The Darkside / Darknet

• New IE Zero-Day Exploit (CVE-2010-0806)

  Hot on the heels of this month’s security bulletin, a new vulnerability exploit surfaces with a malware in tow. The new zero-day vulnerability, as described in a previous post, prompted Microsoft to release Security Advisory (981374) while investigations are still underway. This Internet Explorer (IE...

  • Exploits
  • Vulnerabilities
  2010/03/11 17:07 TrendLabs | Malware Blog - by Trend Micro / Ria Rivera (Technical Communications)

• When too much is not enough too much.

  News has spread pretty quickly about the latest IE 0-day exploit (http://www.microsoft.com/technet/security/advisory/981374.mspx). Unfortunately, in trying to publicize the quality of his employer’s product in relation to this new exploit, according to Ryan Naraine (http:...

  2010/03/11 11:41 Kaspersky Lab Weblog / Josh Phillips

• A Special Offer From Our Sponsor

  2010/03/11 08:22 Zero Day /

• IE zero-day flaw leaks out; Exploit code published

  Using obvious clues from a McAfee blog post, an Israeli hacker was able to pinpoint the latest Internet Explorer zero-day vulnerability and create working exploit code

  • ArbitraryCodeExecution
  • Browsers
  • Datatheft
  • Exploitcode
  • Malware
  • Metasploit
  • Microsoft
  • PatchWatch
  • Responsibledisclosure
  • Vulnerabilityresearch
  • Zero-dayattacks
  2010/03/11 08:22 Zero Day / Ryan Naraine

• McAfee Labs Publishes ‘March Spam Report’

  McAfee Labs today published its March Spam Report. This month authors Adam Wosotowsky and Elan Winkler discuss a possible charity scam in France that takes advantage of sympathy for the victims of the Haitian earthquake, examine a “ham campaign” regarding events in Haiti, and look at another fraudu...

  • GeneralComputerSecurity
  • Scams
  • SpamandPhishing
  • WebandInternetSafety
  2010/03/11 07:23 McAfee Avert Labs / Dan Sommer

• Zero-Day attack on IE6 – JS.Sykipot Doesn’t Spare Retired Software

  Internet Explorer 6 may have taken its path to retirement but it still remains a good target for exploits, as we can see from JS.Sykipot.

  • EndpointProtection(AntiVirus)
  • MaliciousCode
  • Security
  • Vulnerabilities&Exploits
  • SecurityResponse
  2010/03/11 07:11 Symantec Security Response Blog / Andrea Lelli

• Freshly patched Adobe PDF flaw under 'active attack'

  Malicious hackers have pounced on a newly patched Adobe PDF Reader vulnerability to plant Trojan downloaders on tardy Windows users.

  • Adobe
  • ArbitraryCodeExecution
  • Botnets
  • Browsers
  • Datatheft
  • Malware
  • Microsoft
  • SpamandPhishing
  • VirusesandWorms
  • Vulnerabilityresearch
  2010/03/11 06:52 Zero Day / Ryan Naraine

• Microsoft Internet Explorer iepeers.dll use-after-free exploit (meta)

  A new Microsoft Internet Explorer 0day exploit has been found circulating in-the-wild. According to Microsoft, there are targeted attacks attempting to use this vulnerability. Microsoft published a security advisory for this vulnerability here: Microsoft Security Advisory (981374): Vulnerability in Inter...

  2010/03/11 06:22 Recognize-Security / Trancer

• Hackers can locate and exploit the Energizer USB charger backdoor

  Hackers using the freely available Metasploit tool can locate infected systems on the local network or gain access to a system running the Energizer backdoor.

  • ArbitraryCodeExecution
  • Botnets
  • Datatheft
  • LocallyRunningWebServers
  • Malware
  • Metasploit
  • Pentesting
  • Responsibledisclosure
  • Vulnerabilityresearch
  2010/03/11 06:21 Zero Day / Ryan Naraine

• New Twitter Feature Looks For Malicious URLs

  Meanwhile, one in eight Twitter accounts is either malicious, suspicious, or suspended, according to a new report from Barracuda Networks

  2010/03/11 04:53 DarkReading - All Stories /