SEARCH RESULTS
 
Showing 1-10 of 20 records
 
Expand article

Video: Classification, detection of application backdoor attacks

2008-03-05 15:25:07 by Chris Wysopal in WhatIs: Enterprise IT tips and expert advice
 
Application backdoor attacks bypass authentication and can result in systems or data within those systems being compromised. Listen as Veracode's Chris Wysopal explains static detection methods for finding the four major types of backdoor attacks
 
Tags: backdoor attacks, major types, systems, data, veracode, result
 
 
 
 
Expand article

Backdoor in G-Archiver

2008-03-11 14:02:11 by Chris Wysopal in Zero in a bit
 
...backdoors are being placed into free applications. A programmer, Dustin Brooks, was inspecting a free Gmail backup utility, called G-Archiver , with reflector and noticed that not only did it have the authors Gmail credentials baked in, but is was sending the Gmail credentials of every user of the program to the author This is an example of...
 
Tags: mailmessage message, message, backdoor, smtpclient client, client, gmail, gmail credentials, credentials, people
 
 
 
 
Expand article

Fake Yahoo Greetings Malware Campaign Circulating

The Article has images
2008-04-16 15:21:03 by HASH0x8c5ff78 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Backdoor.Agent.AJU Upon visiting www4.yahoo.american-greeting.com.tag38.com/ecards/view.pd.htm it redirects to www3.yahoo.americangreetings.com.id759.com/ecards/view.pd.htm id759.com is currently responding to 24.161.232.218; 24.192.140.204; 68.36.236.67; 76.230.108.105; 83.5.203.163; 85.109.42.164; 216.170.109.206 and also to set45.net ;...
 
Tags: yahoo, fake yahoo, malware, malicious, malicious backdoor trojan, backdoor, malware campaign, net, active malware campaigns
 
 
 
 
Expand article

Phishing Emails Generating Botnet Scaling

The Article has images
2008-04-18 14:57:30 by HASH0x8aef3f0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Backdoor.Agent.AJU malware infected hosts Within the first five minutes, thirty three (33) phishing emails attempted to be delivered out of a sample infected host, all of them targeting NatWest or The National Westminster Bank Plc. Here are some samples, that of course never made it out to their recipient Sender Address: "NatWest...
 
Tags: bank, bank digital, ns1, bank bankline, ns2, bank internet, malware, malware variants signal, botnet
 
 
 
 
Expand article

Squirreling Backdoors Into Distribution Points

2007-12-19 22:16:35 by Chris Eng in Zero in a bit
 
...backdoored. Similar to some high-profile backdoors in the past, this was done by modifying the distribution tarball on rather than infiltrating the source code repository [1] . In this case, the backdoor was detected when a user noticed that the MD5 published on SquirrelMails website didnt match the calculated MD5 from the SourceForge...
 
Tags: md5 collisions, md5, md5 hashes, distribution, php, execute php code, execute, code, md5 unsafe
 
 
 
 
Expand article

Risk vs Vulnerability

2007-12-18 17:51:44 by Chris Wysopal in Zero in a bit
 
...backdoor safely unlocked (a vulnerability) in the suburbs of Boston in Concord, MA. I wouldnt do the same thing in Brooklyn, NY. Same vulnerability, different threat environment. Everyone readily admits that Macs have less risk on average due to their population and user base. This does not mean they are more secure. Move them into a high...
 
Tags: vulnerability, risk, vulnerability counts, risk environment, backdoor, backdoor safely, secure, average due, hacker challenge
 
 
 
 
Expand article

Romanian Script Kiddies and the Screensavers Botnet

The Article has images
2008-04-08 03:48:40 by HASH0x8ae5de0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...BackDoor.Flood; Backdoor.IRC.Zapchast File size: 735139 bytes MD5 ...: 015e5826084f2302b4b2c3237a62e244 SHA1 ..: 7d05949f6dfffdc58033c9d8b86210a9bd34897c Sample traffic output NICK Mq2kC01 USER las "" "pic.kauko.lt" :Px7aW6 USER las "" "Helsinki.FI.EU.Undernet.org" :Px7aW6 USERHOST Mq2kC01 NICK :Rk1zK50 AWAY :Eu te scuip in cap si'n gura, tu...
 
Tags: botnet, botnet masters, script kiddies, romanian script kiddies, botnet courtesy, ny2fw15, alternative botnet, irc, irc bot
 
 
 
 
Expand article

ImageShack Typosquatted to Serve Malware

The Article has images
2008-06-11 08:47:17 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Backdoor.Win32.SdBot.eiu in this case, the host joins an IRC channel where the botnet masters continue issuing commands for the campaign to spread Scanners Results : 14/32 (43.75 Backdoor.Win32.SdBot.eiu; a variant of Win32/Injector.AV File size: 31040 bytes MD5...: eef33ca4036a5bf709f62098c55fb751 SHA1..:...
 
Tags: imageshack, malware, fake imageshack site, malware authors, real imageshack site, irc channel, channel, botnet masters continue, scanners results
 
 
 
 
Expand article

MySpace Bug Leaks 'Private' Teen Photos to Voyeurs

2008-01-18 23:50:07 by Editor in Digg / Security
 
A backdoor in MySpace's architecture allows anyone who's interested to see the photographs of some users with private profiles -- including those under 16 -- despite assurances from MySpace that those pictures can only be seen by people on a user's friends list
 
Tags: myspace, friends list, backdoor, photographs, users, assurances, architecture, people, user