Archive for the 'Viruses' Category


Bad malware storms brewing

Thursday, June 8th, 2006

ADTMAG.com has an interesting article talking of the convergance of spyware and more sophisticated phishing attacks. They talk about the convergance of viruses and spam engines that happened in 2003 as a real shift in the dynamic of WHERE junk mail was coming from. Today botnets account for about 90% of the spam online, and […]

Big trouble – you don’t have any viruses….

Thursday, June 8th, 2006

You know, I’ve seen soooo many antivirus vendors that are somewhat ethically challanged claim that cookie files are a big threat, or in worse cases files that the “free” antivirus test downloaded are dangerous “you should be glad we got here in time – where’s our $30 to fix things…” kind of message, but from […]

New malware sightings

Thursday, June 8th, 2006

Incidents.org had an entry in the last couple days on a malware infestation that was interesting and showed a couple things. 1) You can’t bet on antivirus to keep you safe (the initial installer was not detected by most AV vendors – suspicious by 1.) (If you think about it, this makes perfect sense – […]

Circuit City Support forum serving up trojan….

Thursday, June 1st, 2006

Embarrasing…. and a big pain in the neck for any of their visitors… It seems as though if you’ve visited Circuit City’s Support Forum with an unpatched Internet Explorer, you likely have a trojan/backdoor of some sort on your pc. (Assuming Explorer hasn’t been patched since January. In reality – if you haven’t updated explorer […]

Symantec Antivirus Remotely Exploitable Vulnerability

Friday, May 26th, 2006

This is bad – whose defending the defender? eEye security has a bulletin announced that regards a remotely exploitable vulnerability in Symantec Antivirus 10.x and Symantec Client Security 3.x They say other versions MAY be vulnerable they’re waiting for information from Symantec. Now, Symantec is probably the biggest selling antivirus package out there. It looks […]

Zero-day ( 0-day) Microsoft Word exploit

Friday, May 19th, 2006

There was some news on this last night at Incidents.org, today F-secure has some details as well on the trojan that’s dropped in this circulating, exploit. It seems as though the initial attack was very targetted against a specific organization. Antivirus packages did not recognize the trojan that the exploit file dropped as of yesterday, […]

Nugache the latest in bot-net technology… and why you should care about botnets…

Wednesday, May 17th, 2006

To show you where the threat with bot networks is going there’s a story today on Nugache (Symantec summary) which is a bot that takes advantage of a number of clever tricks to avoid having the whole bot net shut down, allow command and control on an encrypted channel and essentially have no “human readable […]

Multi-OS virus?

Saturday, April 8th, 2006

The multi-OS virus may be a proof of concept, but it could be a sign of bad things to come. Let’s face it, there have been viruses that have taken advantage of multiple ways of spreading (email/open network shares/instant messengers…) It would almost make sense that even though it’s POC…. it may be quickly incorporated […]

The Blackworm, Nyxem, KamaSutra Worm…

Wednesday, January 25th, 2006

Lot’s of news following up on the Nyxem worm in the last few days. It’s currently going under a number of names, the Kama Sutra Worm, Blackworm are some of the more common names. Sans has a page for information on the worm here. Microsoft has detailed manual removal instructions. The counter that logs the […]

A Deeper look at Nyxem

Monday, January 23rd, 2006

First I should raise an alarm of warning on this one, this virus is supposed to overwrite all accessible document files (network shares too) on the 3rd of the month, so February 3rd we may be seeing some problems. Don’t wait until then to make sure you have current antivirus definitions. The Nyxem virus though […]

Google
 
Web www.averyjparker.com