SecurityRatty: tag: gif

Phishing Emails Generating Botnet Scaling

2008-04-18 14:57:30 by HASH0x8aef3f0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...gif" (image/gif Sender Address: "NatWest Bank On-line Banking'2008" to Recipient: Subject: Natwest OnLine Banking Important Notice From Technical Department Id: 9044 Email Content: //ver2.natwest-commercial3.com/customerupdate?tag=3D15urOBFDffkOkhOvp These directives are to be sent and followed by all members of the NatWest Private and...

Tags: bank, bank digital, ns1, bank bankline, ns2, bank internet, malware, malware variants signal, botnet

The Epileptics Forum Attack

2008-03-31 02:40:24 by HASH0x8b062fc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...gifs Mentioning the attack would mean nothing if I'm not to provide screenshots of the forum postings courtesy of user Pedrobear, and the actual seizure image used, which in the case of this attack was pics.ohlawd.net/img/seizure.gif . And if you think seizure.gif is mean, optical illusions such as this one can cause the same effects to...

Tags: epileptics forum, forum, attack, seizure, actual seizure image, epileptics, computer attack, forum postings courtesy, hackers post seizure

Obfuscating Fast-fluxed SQL Injected Domains

2008-07-17 15:31:06 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...gif to be precise. The fake .gif file in the spirit of fake directory listings for acquiring traffic in order to serve malware , is actually attempting to exploit a RealPlayer vulnerability - JS/RealPlr.LB!exploit. The deeper you go, the uglier it gets Related posts Yet Another Massive SQL Injection Spotted in the Wild Malware Domains Used...

Tags: sql, massive sql injections, sql injection campaign, sql injection attacks, popular sql injectors, massive sql injection, site sql, sql injection, campaign

Thwarting a large-scale phishing attack

2007-06-11 11:35:00 by Niels Provos in Google Online Security Blog

...gif In addition to contributing to the viral growth of the phishing attack, linking directly off of real MySpace content added to the appearance of legitimacy of these phishing pages. In fact, we received thousands of complaints from confused users along the lines of " Why won't it let any of my friends look at my pictures? " regarding our...

Tags: myspace, myspace profiles, real myspace content, myspace account, attack, dummy myspace account, phishers move, phishers, lower-value sites

Quick Tool Update: GFI EndPointScan

2007-04-30 11:11:02 by Editor in Endpoint Security: Translating Policy Into Reality

GIF just released a new tool that's targeted at keeping control of removable media & all forms of storage devices (fixed & temporary

Tags: removable media, tool, storage devices, fixed, forms, temporary, gif, control

The United Nations Serving Malware

2008-04-23 10:13:00 by HASH0x8b31c98 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...gif niha orr1.com/ Yahoo.php nihaorr1.com/ cuteqq.htm nihaorr1.com/ Ms07055.htm nihaorr1.com/ Ms07033.htm nihaorr1.com/ Ms07018.htm nihaorr1.com/ Ms07004.htm nihaorr1.com/ Ajax.htm nihaorr1 .com/ Ms06014.htm nihaorr1.com/ Bfyy.htm nihaorr1.com/ Lz.htm nihaorr1.com/ Pps.htm nihaorr1.com/ XunLei.htm and finally serve the malware, by also...

Tags: malware, attack, malware attack, anti-malware vendor, media malware gang, htm, nihaorr1, load nihaorr1, attack tactic

12 Signs that Your Company is Already in the Cloud

2008-04-25 19:14:19 by Craig Balding in Cloud Security

...GIF files You detect the presence of malware in the form of unexplained Machine Images on ITs desktops You stop finding Windows passwords under keyboards, instead you find random hex digits next to the words Access Key and Secret Key. You sigh, but at least they are setting difficult to guess passwords now If you are charged with IT security...

Tags: company, company car park, signs, cloud, company internet connection, telltale signs, credit card, credit card charges, security

Fake Directory Listings Acquiring Traffic to Serve Malware

2008-04-30 03:17:00 by HASH0x8b233c0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...gif"; header("Content-type: application/force-download"); header("Content-Transfer-Encoding: Binary"); header("Content-Disposition: attachment; filename="".basename($file)."""); readfile("$file Spammers, phishers, malware authors, and of course, black hat search engine optimizers, are known to have been using technique for enforcing...

Tags: fake directory, malicious, fake directory indexes, non-malicious download, live exploit urls, file, malicious magic, load image files, image files

Dilbert Does Canonicalization

2008-05-05 12:03:32 by Chris Eng in Zero in a bit

I was checking out the new and improved Dilbert website a few minutes ago, checking out some of the new features and lamenting the overzealous use of Flash. One new feature is called Mashups. Naturally, youd assume that this was some fancy Web 2.0 API that one might use to create a killer app combining Google Maps, Twitter, traffic delays,...

Tags: dilbert, dilbert mashups, mashups, comic, dilbert website, daily comic, comics, un-funny punch lines, dilbert comics

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo