OK – for starters, the keylogger that Sunbelt talks about here is a legitimate piece of software for sale. Like anything, though, it could have illegit uses. Apparently retrocoder is upset that Sunbelt’s software detects spymon and gives the option of disabling it. Spymon is a commercial keylogger. They’ve claimed that it’s against their EULA and copyright law to “reverse engineer” their product. More specifically they’ve complained as such….
Category: Security
-
Linux network worm…
There is a Linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispel a few myths. (This is the first Linux virus I recall seeing over at SARC in the last couple years….) Myth #1) Linux doesn’t get viruses…. bull, this current worm is proof. Myth #2) if Linux had bigger market share there would be tons of Linux viruses – Maybe, but remember that much of the internet’s backbone runs on Linux (all the machines at my provider’s web hosting company and indeed MANY others)
-
Macromedia flash player vulnerability
A severe security vulnerability has been found in versions of the Flash Player prior to 7.0.19.0. Many sites require Flash Player in order to view various features on the site (depending on the site, this ranges from commercials to the site navigation). A specially crafted SWF file on a remote website could allow the attacker to run arbitrary code (anything they want) on the local machine. In other words, this could be an avenue for viral/spyware infection or trojan activity.
-
XML-RPC for PHP vulnerability attack attempts
Incidents.org is reporting on attacks against a recent XML-RPC vulnerability in PHP. This would affect users of PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. As far as I know there are fixes for each of these in the most recent versions of the software.
-
Botnets and spyware
“It oughta be illegal” is the first thing I usually hear as I start the long process of sanitizing a spyware-infested Windows machine. The fact is some parts of it ARE, some are just ethically questionable. The area that’s against the law is the part that involves taking control of someone else’s computer without their permission, either manually or in an automated way (exploiting a vulnerability to install a trojan or bot). Today Brian Krebs is reporting on The connection between botnets and spyware at the securityfix.
-
Microsoft Updates for October and bugs on the loose
Well, it’s been a bit since a post here, but if you haven’t already, patch your systems with Microsoft Update, as new updates were released yesterday. Incidents.org is reporting rumors of bugs in the wild. Everyone KNOWS the window between vulnerability and exploit is getting shorter and shorter, so if you have a Windows system go forth and patch….
-
Another critical IE vulnerability
Say it ain’t so…. yet another security vulnerability was discovered in Internet Explorer. Users are advised to use alternative browsers (Firefox, Opera, Netscape). At this point it doesn’t look to be actively exploited; at the least it can crash IE, but at worst it could allow a vulnerable system to be controlled remotely….
-
More on the Zotob/Mytob identity theft ring
The Security Fix has reported on the unraveling of a ring of identity thieves after the arrests of the writers of the zotob and mytob worms. Apparently they have leads on about a dozen different people following the arrests last week of the suspected virus writers.
-
Adware, spam, bots, keyloggers, 180solutions, etc. etc. etc. oh my…
Spyware Confidential has an article, and there are more details at the spyware warrior, on a particularly bad spyware infestation triggered by the visit to ONE web site.
-
A virus writer talks….
Along the lines of “Wishlist of Spyware Slime” that I referred to last week, it appears there’s a chat transcript out from before the arrest of the suspected writer of the mytob and zotob worms. The security fix has the details.