2 months ago
deusx : MAKE: Blog: Malware bots as papercraft - "These are fun, paper craft malware bots from Symantec to educate folks on PC viri/bad software"
6 months ago
nelson : Major browser exploit - I know two people whose WoW accounts were stolen recently; this javascript attack may be how
11 months ago
wearehugh : Hacker Economics 1: Malware as a Service - CIO.com - Business Technology Leadership
11 months ago
nelson : Storm superworm - The other way to build a supercomputer
Rod Begbie : Gathering 'Storm' Superworm Poses Grave Threat to PC Nets - Analysis of the "Storm" worm. Cunningly designed to be as undetectable as possible, it's a frightening vision of what modern malware can be.
15 months ago
deusx : Substitute teacher's conviction for porn popups set aside | The Register - "Julie Amero, the substitute teacher convicted of four felony counts when a computer in her classroom subjected seventh-graders to pornographic images, has been granted a new trial in light of fresh forensic information that came to light following h
23 months ago
plasticbag : Google has built in Malware warnings! - Was looking for the official site for GECompanion, opened a bunch of windows and found this among them. It's a pretty smart thing for them to be doing...
30 months ago
gleuschk : what is that file? - excellent resource to point family at
32 months ago
kayodeok : Malicious Malware: attacking the attackers, part 2 - Now in part two we finish the discussion by looking at how to own a malicious attacker's precious resources, which he planned to use against us, and then use these resources as a stepping stone to fully achieve our goals
32 months ago
kayodeok : Malicious Malware: attacking the attackers, part 1 - This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discuss
32 months ago
kayodeok : Implementing and Detecting an ACPI BIOS Rootkit - Why target the BIOS?: (1). Survives Reboots and Power Cycles. (2). Leaves no trace on disk (3). Survives and reinfects installations of same OS (4). Survives and reinfects installations of new OS (5). Hard to detect (6). Hard to remove
32 months ago
kayodeok : Researchers: Rootkits headed for BIOS - Insider attacks and industrial espionage could become more stealthy by hiding malicious code in the core system functions available in a motherboard's flash memory, researchers said on Wednesday at the Black Hat Federal conference
32 months ago
kayodeok : StopBadware.org: Regaining Control of Our Computers - Badware is a term we use to encompass the broad range of malicious software that is sneaking onto people's computers, including spyware and deceptive adware. It can subvert your computer for the benefit of a third party, frustrate you with unwanted adver
32 months ago
kayodeok : Mark's Sysinternals Blog: Inside the WMF Backdoor - In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge. I sent my findings to both Steve and to Microsoft Monday morning, but because the issue continues to draw media attention I’ve decided to publicly document
32 months ago
kayodeok : Rootkits in Commercial Software - Microsoft was faced with a predicament very similar to Symantec’s when they implemented Windows XP System Restore. Instead of cloaking the directory that stores restore points they create a directory in the root of each volume named System Volume I
32 months ago
kayodeok : Looking at the WMF issue, how did it get there? - This was a different time in the security landscape and these metafile records were all completely trusted by the OS. To recap, when it was introduced, the SetAbortProc functionality served an important function
32 months ago
kayodeok : The Windows MetaFile Backdoor? - (The Windows MetaFile) has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution "backdoor."
33 months ago
kayodeok : Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) - Patching Time!
33 months ago
kayodeok : BREAKING NEWS! Microsoft's OFFICIAL SECURITY UPDATE leaked onto the Internet early (and it works great!) - The updated GDI32.DLL file contained in this patch, was built in the evening of December 28th, LAST WEDNESDAY. It is clear that Microsoft jumped on this problem - and had it resolved - almost immediately. But the nature of the installed base of Windows sy
33 months ago
kayodeok : A Naive User's Guide to Running Windows More Securely - OSNews.com - A Naive User's Guide to Running Windows More Securely
33 months ago
kayodeok : Microsoft Security Advisory (912920): Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006 - On systems that are infected by Win32/Sober.Z@mm, the malware is programmed to download and run malicious files from certain Web domains beginning on January 6, 2006.
33 months ago
kayodeok : Microsoft Statement Concerning Windows Meta File Vulnerability - Microsoft has completed development of a security update to fix the vulnerability and is now testing it for quality and application compatibility, with a goal of releasing the fix worldwide on Jan. 10
33 months ago
kayodeok : Jesper's Blog : Conscientious Risk Management and WMF - Conscientious Risk Management and WMF
33 months ago
kayodeok : The PC Doctor: WMF exploit - Quick Guide - WMF exploit - Quick Guide
33 months ago
kayodeok : SANS - Internet Storm Center - Updated version of Ilfak Guilfanov's patch - Ilfak Guilfanov has released an updated version of his unofficial patch for the Windows WMF issue. We have reverse engineered, reviewed, and vetted the version here