SEARCH RESULTS
 
Showing 1-10 of 24 records
 
Malware Serving Exploits Embedded Sites as Usual

2008-01-09 18:04:58 by HASH0x8957398 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...htm (58.53.128.98) is such a domain that's serving a combination of these starting with Exploit-MS07-004 Result : 12/32 (37.5 File size : 3432 bytes MD5 : bafab9b8e38527e9830047fd66b39532 SHA1 : b81abcf63a2c4bcf43526f28aec20fca2f58d67c 8v8.biz/1.htm - MDAC also loads 8v8.biz/06014.html in between 8v8.biz/r.htm - real player unobfuscated,...
 
 
 
 
 
The United Nations Serving Malware

2008-04-23 10:13:00 by HASH0x8b31c98 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...htm (also hosted on the same server). Once loaded, the file attempts 8 different exploits (the attack last April utilised 12). The exploits target Microsoft applications, specifically browsers not patched against the VML exploit MS07-004 as well as other applications. Ominously files named McAfee.htm and Yahoo.php are also called by 1.htm but...
 
 
 
 
 
MDAC ActiveX Code Execution Exploit Still in the Wild

2007-12-05 12:08:56 by HASH0x89e6630 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...htm dhyjagri.gov.cn/program/images/img/New/index.htm sell.c2bsales.com/look.htm nesoy.com/svcdir/index.htm qyxjxx.com/admin/inc/index.htm xi530.com jzkj.icp365.cn/index.htm 52fans.net 218.84.59.218/img/c 918a.com.cn/123/index.htm flch.net/img/img/liqiuf.htm jiashiyin.com/qq/index.htm flymir2.com/liouliang/mama/index.htm...
 
 
 
 
 
The DDoS Attack Against CNN.com

2008-04-22 19:30:53 by HASH0x8b2d1ec in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...html 80aft.com/cnn.htm tom765.cn/cnn.html ah930.com/cnn.htm 0851qiche.cn/cnn.html xdadmin.com/cnn.html ah930.com/cnn.html s234sdf3.cn.webz.datasir.com/cnn.asp bbscar.com.cn/cnn 120abc.cn/cn n.html hospltal.cn/cnn.html bbs.cityzx.cn/cnn.htm bestmf.cn/cnn.html anlycloud.com/cnn/cnn qibubbs.net/ddoscnn.htm maje.cn/cnn.html...
 
 
 
 
 
Malware Domains Used in the SQL Injection Attacks

2008-05-22 08:49:38 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...html cc.buhaoyishi.com/one/hao5.htm?015 aaa.77xxmm.cn/new858.htm?075 llSging.com/ww/new05.htm?075 shIjIedIyI.net/one/hao8.htm?005 congtouzaIlaI.net/one/hao8.htm?005 aa.llsging.com/ww/new05.hTm?075 The rough number of SQL injected sites is around 1.5 million pages, in reality the number is much bigger, and there are several ongoing campaigns...
 
 
 
 
 
Massive RealPlayer Exploit Embedded Attack

2008-01-07 18:58:52 by HASH0x89c7e1c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...htm ; count38.51yes.com/click.aspx?id=389925362&logo=1 and s106.cnzz.com/stat.php?id=742266&web id=742266 The internal structure is as follows c.uc8010.com/1.htm - attempts MDAC ActiveX code execution (CVE-2006-0003) in between the following c.uc8010.com/046.htm - javascript obfuscation c.uc8010.com/r.htm - real player exploit...
 
 
 
 
 
Serving Malware Through Advertising Networks

2008-02-18 10:58:53 by HASH0x8bfe2fc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...htm currently trying to exploit MDAC ActiveX code execution (CVE-2006-0003) through the Neosploit malware kit. Banner.php is for the time being loading IFRAMEs to funppc.com/cgi-bin/pl/affiliates/referral.cgi?referral=3098 (63.219.176.194 look.fxlayer.net/hop.php (87.98.255.2 hartnetwork.org/cgi-bin/in.cgi?p=1018b (216.246.31.236) -...
 
 
 
 
 
Malware Attack Exploiting Flash Zero Day Vulnerability

2008-05-27 17:33:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...htm 0novel.com /lz.htm 0novel.com /bf.htm 0novel.com /xl.htm 0novel.com /flash.swf 0novel.com /flash1.swf Let's get back to the second domain which is not returning a valid 403 error forbidden message, woai117.cn (221.206.20.145) which has also been sharing the same IP with kisswow.com.cn ; qiqi111.cn ; ririwow.cn ; wowgm1.cn , among the...
 
 
 
 
 
The Naval Surface Warfare Center warns employees

2008-01-16 09:51:41 by Evan Francen in The Breach Blog
...html Types of Data Names, Social Security numbers, dates of birth, job titles, salary and employment information Breach Description Officials at the Naval Surface Warfare Center Dahlgren Division were made aware of a breach involving personal information belonging to current and former employees after a criminal...