SecurityRatty: tag: exe-file

Zero-day Microsoft Windows NSlookup.exe Vulnerability Exploited In The Wild

2008-08-15 23:07:46 by CyberInsecure in CyberInsecure.com

According to SecurityFocus, a new public zero-day Windows vulnerability is being exploited in the wild. Microsoft Windows is prone to a remote code-execution vulnerability due to an unspecified error in NSlookup.exe. Successfully exploiting this issue would allow the attacker to execute arbitrary code on an affected computer. Failed attacks will...

Tags: microsoft windows, execute arbitrary code, wild, nslookup, exe, attacks, prone, issue, error

HACKED BY THE RBN!

2008-04-01 15:52:09 by HASH0x8b24a94 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

The RBN 0wnZ 7th1$ Bl0g! April 1st, 2008, St.Petersburg, Russia. The Russian Business Network, an internationally renowned cyber crime powerhouse is proud to present its very latest malware cocktail by embedding live exploit URLs within one of the top ten blogs to be malware embedded due to their overall negative attitude regarding the RBN's...

Tags: 42jdk7dx, 42jdk7dx pinch, 42jdk7dx system, 42jdk7dx ldig0031242, 42jdk7dx inst250, 42jdk7dx bhos, 42jdk7dx win32, exe, 42jdk7dx bho

A Diverse Portfolio of Fake Security Software

2007-12-07 15:16:07 by HASH0x89688e0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

The recently exposed RBN's fake security software was literally just the tip of the iceberg in this ongoing practice of distributing spyware and malware under the shadow of software that's positioned as anti-spyware and anti-malware one . The domain farm of fake security software which I'll assess in this post is worth discussing due to the size...

Tags: domains portfolio, domains, portfolio, sample domains portfolio, fake security software, software, onerateld, content, exe

Storm-Bot stripshow analysis

2007-12-23 22:06:00 by Russ McRee in HolisticInfoSec.org

Merry Christmas from the RBN. Now on a PC near you, a stripshow from Santa's helpers. Or not The ISC reported the expected Storm surge Christmas eve at 0000 GMT hxxp://merrychristmas.com/stripshow.exe (modified to protect the innocent) yields a hash of 2BBA62FBC3B9AF85C3C7D64A82E1237C. Once executed it immediately copies itself as disnisa.exe to...

Tags: 40d9f1 connect, w32tm config syncfromflags, config, time, quick time check, w32tm config, exe, src78, dst192

Execute in PowerShell

2007-12-02 11:27:00 by Keith Brown in Security Briefs

As part of a disaster recovery script, early on I wanted to ensure that all of the vdirs on a server were using ASP.NET 2.0. That meant that I wanted to run aspnet regiis.exe -r but I didn't want to make any assumptions about what drive or directory Windows was installed in. What I wanted was something like this...

Tags: powershell, 50727aspnet regiis, env, powershell assumes, env namespace, exe, netframeworkv2, windirmicrosoft, call operator

Zango's in your Face(book)

2008-01-03 21:23:00 by Russ McRee in HolisticInfoSec.org

The Zangonistas are at it again, this time deftly disguising their "software" as a Facebook Widget. Fortinet, who discovered the issue, discusses the "Secret Crush" widget at length, so no need to repeat their extensive effort Instead, I'd like to offer a bit of analysis, then invoke a debate ANALYSIS I ran Setup.exe, as found in...

Tags: 41996b regopenkeyexa, hkey local, hkey local machinesoftware, zango, software installation programs, software, software installation, user knowingly installs, analysis

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle

Id like to talk about the STRIDE per element chart in the sixth post of my threat modeling series. Id like to talk about where its from, some of the issues that come with that heritage, and how you might customize it in your own threat modeling process Michael Howard and Shawn Hernan did an analysis of our bulletins and some CERT and CVE data....

Tags: element chart, chart, stride, specific, specific threats, cve data, data, stride chart, threats

Anton Security Tip of the Day #14: More accesslog Fun: What Are You Not GETting?

2008-03-12 13:35:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

Following the tradition of posting a tip of the week (mentioned here , here ; SANS jumped in as well ), I decided to follow along and join the initiative. One of the bloggers called it "pay it forward " to the community So, Anton Security Tip of the Day #14: More access log Fun: What Are You Not GETting In this tip, we will look at some bizarre...

Tags: web server, server, web, web browsers, security, web discussion board, anton security tip, fun, modern apache

Goodbye IE6

2006-10-17 15:01:13 by Liudvikas Bukys in Liudvikas Bukys

My installation of Microsoft Internet Explorer 6 (version 6.0.2900.2180.xpsp sp2 gdr.050301-1519) has developed the unfortunate problem of frequently (about once a day) trashing its ability to render correctly: painting its window contents at various places all over the display, rendering in the wrong font, leaving turds all over its window...

Tags: xpsp sp2 gdr, window contents, window, aggressive javascript interfaces, microsoft internet explorer, firefox andor ie7, bloglines feed selector, memory corruption, render correctly

Spreading Malware Around the Christmas Tree

2007-12-24

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo