Bots Use SQL Injection Tool in New Web Attack

Wednesday, May 14th, 2008

A little-known botnet has put a different spin on the recent wave of SQL injection attacks on thousands of Websites: It’s outfitting its bots with its own tool to launch SQL injection attacks on vulnerable sites. The Asprox botnet, a relatively small botnet known mainly for sending phishing emails, has been ...

New Tests Show Rootkits Still Evade AV

Tuesday, May 13th, 2008

Rootkits are still a security scanner’s worst nightmare: New rootkit detection tests recently conducted by AV-Test.org found that security suites and online Web scanners detected overall only a little more than half of rootkits. AV-Test.org, an indie security test organization based in Germany, ran two rootkit tests last month, one on ...

Music Unleashes the Malware Beast

Monday, May 12th, 2008

This definitely won’t be music to the ears of music aficionados who acquire their MP3s from peer-to-peer (P2P) networks, but it’s definitely not something they haven’t heard of either. A host of adware under the guise of media files on P2P networks have been reportedly raking up numbers of victims on ...

Firefox Plugin Shipped With Malicious Code

Wednesday, May 7th, 2008

Mozilla warned Wednesday that a malicious program inserted adware code into a Firefox plugin that has been downloaded thousands of times over the past three months. Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted with adware, Mozilla security chief Window Snyder said in a blog ...

SQL Injection Worm on the Loose

Wednesday, May 7th, 2008

A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL Injection worm that is on the loose.  From a quick google search it shows that there are about 4,000 websites infected and that this worm started at least mid-April if not earlier.  Right ...