Wednesday, May 7th, 2008
A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL Injection worm that is on the loose. From a quick google search it shows that there are about 4,000 websites infected and that this worm started at least mid-April if not earlier. Right ...
Posted in Coding, Internet, Privacy, Security | No Comments
Thursday, May 1st, 2008
As if computer viruses and worms aren't enough of a nuisance, malicious hardware, which will be much more difficult to detect, could soon become a threat too.
Today, computer viruses, which are programs downloaded either as an email attachment or when someone visits a website, are responsible for most computer attacks. ...
Posted in Hardware, Internet, Privacy, Security | No Comments
Monday, April 28th, 2008
The notorious Rock Phish gang has added a new twist to its phishing exploits that doesn’t require its victim to visit a malicious Website -- instead, it just loads a malicious keylogging Trojan onto the victim’s machine that steals information or credentials.
Both Trend Microand F-Secure over the past few days ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, April 23rd, 2008
Malware authors will often have their files display something to the user so that they actually believe the file is legitimate. Many of us have experienced such tricks, including fake errors stating that a specific file could not be found or that the application failed to load properly. Today we ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, April 23rd, 2008
The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P', automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P'. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our ...
Posted in Coding, Linux, Security, Windows | No Comments
Wednesday, April 23rd, 2008
The number of online threats will have grown tenfold by the end of 2007, according to researchers at anti-malware firm Kaspersky.
Kaspersky analysts said at Infosec Europe 2008 that new malicious programs recorded on the internet, including viruses, worms and Trojans, amounted to 2.2 million in 2007, representing a fourfold increase ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, April 23rd, 2008
Our columnist shows you how to get rid of spyware, shrug off spam, and stay safe on unsecured public networks.
Viruses, spyware, and worms. Oh, my!
We all know the dangers inherent in accessing the Internet, and we all take precautions. Yet our PCs still occasionally get infected because we can't know ...
Posted in Internet, Privacy, Security | No Comments
Monday, April 21st, 2008
Almost everyone knows what CSRF or better unauthorized requests are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 18th, 2008
A bot is a computer program installed on a compromised machine which offers an attacker a remote control mechanism. Botnets, i.e., networks of such bots under a common control infrastructure, pose a severe threat to today’s Internet: Botnets are commonly used for Distributed Denial-of-Service (DDoS) attacks, sending of spam, or ...
Posted in Internet, Privacy, Security | No Comments
Monday, April 7th, 2008
Storm has once again turned its eye to the blogging community, specifically the Blogspot.com community.
Several blogger sites with random or very quirky names have been sporting a love theme, Storm style. These sites appear to have been created solely for Storm's purposes and no legitimate blogger site has of yet ...
Posted in Coding, Internet, Privacy, Security | No Comments
