Beware Fake Malware Cleaner Programs

Sunday, July 27th, 2008

Chinese hackers are sending out malware masquerading as the Trend Micro Virus Clean Tool, according to Trend. The example in the linked Trend blog is in Chinese, so perhaps the threat is only real in China (and Taiwan). But the example is instructive. The threat arrives as an e-mail which looks ...

Storm botnet stages Fourth of July attacks

Saturday, July 5th, 2008

As predicted, hackers tried to trick users into downloading the Storm bot Trojan Friday by unleashing a flood of Fourth of July spam bearing links to malicious sites, several security companies reported. The spam campaign, anticipated earlier in the week by MX Logic Inc., used messages with subject headings ranging from ...

New tools to block and eradicate SQL injection

Tuesday, June 24th, 2008

The MSRC released an advisory today that discusses the recent SQL injection attacks and announces three new tools to help identify and block these types of vulnerabilities. The advisory discusses the new tools, the purpose of each, and the way each complements the others. The goal of this blog post is ...

Making The Move To Multiple Browsers

Tuesday, June 3rd, 2008

For a while now I’ve been using different web browsers to compartmentalize my risk. Most of my primary browsing is in one browser, but I use another for potentially risky activities I want to isolate more. Running different browsers for different sessions isolates certain types of attacks. For example, unless ...

Creating malicious PDF files

Monday, June 2nd, 2008

Yesterday's post discussed a mystery PDF file that was booby-trapped to drop a backdoor. Today we'll look at how these documents are created. Here's an example of a tool called Y08-04 aka GenMDB. When run, it displays this user interface: The apparent purpose of this tool is to create trojanized PDF files. You select ...