SEARCH RESULTS
 
Showing 1-10 of 121 records
 
Expand article

A Localized Bankers Malware Campaign

The Article has images
2008-03-25 14:59:06 by HASH0x8b6136c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaign that I exposed in November 2007, in this post I'll assess another targeted, but also localized to Portuguese campaign with a decent degree of cyber deception applied. It appears that the latest round has been spammed two days ago, but expanding their ecosystem reveals evidence of more bankers malware on behalf of the same malicious...
 
Tags: malware, bankers malware campaign, malware malware, malware campaigns, malicious malware, banker malware, bankers malware, malware authors, campaign
 
 
 
 
Expand article

Blackhat SEO Campaign at The Millennium Challenge Corporation

The Article has images
2008-05-07 03:57:19 by HASH0x8ae4918 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaign that has managed to inject and locally host 1,370 pharmaceutical pages, is the Millennium Challenge Corporation ( mcc.gov ) - a United States Government corporation designed to work with some of the poorest countries in the world The injected pages are loading remote images from what looks like a secondary compromised site, in this...
 
Tags: images, images ttv-bit, sites, page rank-ed sites, ttv-bit, spam pages, spam, campaign, pages
 
 
 
 
Expand article

Phishing Campaign Spreading Across Facebook

The Article has images
2008-06-20 17:35:37 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaign circulating across Facebook , is a part of a bigger phishing operation, whose reliance on fast-fluxed domains used in the campaign indicates it's a part of a botnet Sample messages spammed across Facebook hey, howdy?? oh lisen i got a new friend here shex kinda new on facebook..maybe you can give her a lil tym so she can enjoy...
 
Tags: facebook, campaign, phishers, info, myspace phishers, info facebookindex, myspace, profile, facebookindex
 
 
 
 
Expand article

Obama Campaign Hopes for Better Web Security

2008-06-12 13:25:23 by Dave Lewis in Liquidmatrix Security Digest
 
...campaign wants you From PC World Two months after their Web site was hacked, the organizers of Barack Obamas presidential campaign are looking for a network security expert to help lock down their Web site Obama for America is looking for a network security expert who wants to play a key role in a historic political campaign, reads the ad,...
 
Tags: network, network security expert, web site, obama, obama campaign, security job, job, linux, white house crew
 
 
 
 
Expand article

Update on the MySpace Phishing Campaign

The Article has images
2007-12-10 21:50:56 by HASH0x899feb4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaign is also taking advantage of the following DNS servers Name Server: ns1.4980603.com Name Server: ns2.4980603.com Name Server: ns3.4980603.com Name Server: ns4.4980603.com Here's more coverage courtesy of the ISC assessing a previous state of the campaign in the form of different domain names used Two primary infection vectors have...
 
Tags: myspace, fast-flux networks, fast-flux, attack vectors include, campaign, server, attack, exploit content results, primary infection vectors
 
 
 
 
Expand article

The Invisible Blackhat SEO Campaign

The Article has images
2008-01-08 17:23:47 by HASH0x84733a0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaign, and despite that "Fresh Afield's" blog ( blogs.mdc.mo.gov ) is now clean, cached copies confirm the existence of hidden links that were embedded on each and every post on it, apparently due to a compromise. The blackhat SEO links invisible embedded within the blog's posts on the other hand point to a compromised account at the Texas...
 
Tags: blackhat seo campaign, campaign, gov url, mdc, blackhat seo pages, blogs, gov, copies confirm, fresh afield
 
 
 
 
Expand article

Fake Yahoo Greetings Malware Campaign Circulating

The Article has images
2008-04-16 15:21:03 by HASH0x8c5ff78 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaigns per day, in this case it's their persistence that makes them worth assessing and profiling. The botnet which I assesed in February , the one that was crunching out phishing emails and using the infected hosts for hosting the pages, and parking the phishing domains, is still operational this time starting a fake Yahoo Greetings...
 
Tags: yahoo, fake yahoo, malware, malicious, malicious backdoor trojan, backdoor, malware campaign, net, active malware campaigns
 
 
 
 
Expand article

Democratic Campaign Hacking Picks Up

2008-04-24 10:54:32 by Editor in Cheap Hack
 
...campaign, whose site is www.HillaryClinton.com . Harry Sintonen, the Finnish security researcher who found the bug in VoteHillary.org, first tried to attack HillaryClinton.com, but found no cross-site scripting errors there. Both attacks essentially bring you to the other campaign's site surreptitiously. They are essentially benign, but that...
 
Tags: campaign, cross-site, site, votehillary, site surreptitiously, attack hillaryclinton, finnish security researcher, org, clinton campaign
 
 
 
 
Expand article

Storm Worm's St. Valentine Campaign

The Article has images
2008-01-15 21:01:01 by HASH0x8b48dc8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...campaign linking to two files with love.exe and withlove.exe , using an already infected host as a propagation vector itself in the very same fashion they've been doing so far Detection rate : 3/32 (9.38 File size : 114689 bytes MD5 : 31ac9582674cad4c8c8068efb173d7c7 SHA1 : cee93d3021318a34e188b8fae812aa929cb2bc9c NOD32v2 - a variant of...
 
Tags: hkey local, burito1205-67d5 hkey local, burito1205-67d5, storm worm, binary drops burito, short term window, md5, propagation vector, email campaign