SQL Injection Worm on the Loose

Wednesday, May 7th, 2008

A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL Injection worm that is on the loose.  From a quick google search it shows that there are about 4,000 websites infected and that this worm started at least mid-April if not earlier.  Right ...

Malicious hardware may be next hacker tool

Thursday, May 1st, 2008

As if computer viruses and worms aren't enough of a nuisance, malicious hardware, which will be much more difficult to detect, could soon become a threat too. Today, computer viruses, which are programs downloaded either as an email attachment or when someone visits a website, are responsible for most computer attacks. ...

‘Long-Term’ Phishing Attack Underway

Monday, April 28th, 2008

The notorious Rock Phish gang has added a new twist to its phishing exploits that doesn’t require its victim to visit a malicious Website -- instead, it just loads a malicious keylogging Trojan onto the victim’s machine that steals information or credentials. Both Trend Microand F-Secure over the past few days ...

A Look at a Bank Worm

Wednesday, April 23rd, 2008

Malware authors will often have their files display something to the user so that they actually believe the file is legitimate. Many of us have experienced such tricks, including fake errors stating that a specific file could not be found or that the application failed to load properly. Today we ...

Reverse-Engineering Exploits from Patches

Wednesday, April 23rd, 2008

The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P', automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P'. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our ...