SEARCH RESULTS
 
Showing 1-10 of 93 records
 
Expand article

Pinch Vulnerable to Remotely Exploitable Flaw

The Article has images
2008-08-07 10:22:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely exploitable vulnerabilities allowing them to competely hijack someone's command and control, and consequently, their botnet. The Zeus crimeware kit , which I've been discussing and analyzing for a while, is the perfect example of how once a popular underground kit start acting as the default crimeware kit, cybercriminals themselves...
 
Tags: popular crimeware kits, crimeware kits, pinch, crimeware, zeus crimeware kit, popular pinch crimeware, malware, banker malware kit, default crimeware kit
 
 
 
 
Expand article

The Zeus Crimeware Kit Vulnerable to Remotely Exploitable Flaw

The Article has images
2008-06-18 17:45:15 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely exploitable vulnerability according to a proof of concept code I obtained recently . The vulnerability allows the injection of logins and passwords within any misconfigured web interface, due to the way in which Zeus is processing php scripts (web shells and backdoors) from the directory in which it stores the stolen data....
 
Tags: zeus, russian business network, crimeware kit, zeus users, vulnerability, vulnerability research, kit, security community, security community starts
 
 
 
 
Expand article

iPhone Feature Discovered By Hacker Allows Apple To Remotely Disable Unwanted Apps

2008-08-11 14:55:39 by CyberInsecure in CyberInsecure.com
 
According to iPhone hacker Jonathan Zdziarski, Apple has prepared a blacklisting system which allows the company to remotely disable applications on any iPhone device. Apparently, the new 2.x firmware contains a URL which points to a page containing a list of unauthorized apps, a move which suggests that the device makes occasional contact with...
 
Tags: iphone device, remotely disable applications, device, apple, apps, occasional contact, apparently, suggests, move
 
 
 
 
Expand article

Can you hear me now?

2008-06-27 10:56:10 by Gunnar Peterson in 1 Raindrop
 
...remotely. The firewall is a speed bump at best. At any rate external sources is a primary concern in Web services security, because - hey look our Web service front end just made your Mainframe/As400/Unix DB/ CICS/whatever accessible remotely. This is great from a functionality standpoint, but the issue is that these back end systems were...
 
Tags: web services, web services world, web services security, data breach report, report, attack, massive attack surface, companies follow verizon, data
 
 
 
 
Expand article

Summarizing June's Threatscape

The Article has images
2008-07-01 07:05:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely exploitable flaw in the Zeus crimeware kit allowing both, researchers and malicious parties to assess the severity of a particular banker malware campaign, the increasing use of malicious doorways next to ICANN and IANA's DNS hijacking, all speak for themselves and how diverse the threats and, of course, the abilities to maintain a...
 
Tags: site, fake youtube site, web site defacements, malware, malware hosts, web site defacer, sites, vulnerable sites, malicious
 
 
 
 
Expand article

76Service - Cybercrime as a Service Going Mainstream

The Article has images
2008-08-13 08:08:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely exploitable vulnerability in yet another malware kit about to go mainstream? Definitely, unless of course backdooring it and releasing it doesn't achieve the obvious results of controlling someone else's cybercrime ecosystem Related posts The Underground Economy's Supply of Goods and Services The Dynamics of the Malware Industry -...
 
Tags: 76service, service, malware, malware kit, cybercrime, malware botnet, botnet, mysterious 76service server, web service
 
 
 
 
Expand article

Summarizing August's Threatscape

The Article has images
2008-09-10 06:57:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely injected redirection scripts at legitimate sites next to on purposely introduced malware oriented domains, was perhaps the most aggressive one during the month. Fake flash players, fake windows media players and fake youtube players are prone to increase as a social engineering tactic of choice due to the template-ization of malware...
 
Tags: malware, facebook malware campaigns, usefulness pinch malware, banker malware kits, malware campaigns, botnet, diy botnet kit, distribute malware, banker malware
 
 
 
 
Expand article

Phishing Tactics Evolving

The Article has images
2008-04-21 11:18:17 by HASH0x85bed5c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely SQL injecting or remotely file including phishing pages on vulnerable sites, as for instance, someone's actively abusing vulnerable sites, which are apparently noticing this malicious activities and taking care of their web application vulnerabilities. Some recent examples include kclmc.org /components/www.halifax.co.uk/ mem...
 
Tags: halifax-online, halifax, mem binformslogin, user, user-142o3ds, web application vulnerabilities, mem binhalifax loginformslogin, vulnerable sites, turkish defacement
 
 
 
 
Expand article

Blackhat SEO Campaign at The Millennium Challenge Corporation

The Article has images
2008-05-07 03:57:19 by HASH0x8ae4918 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...remotely loading images at the top of the page, and placing the original at the bottom The campaign's main URl is ttv-bit.nl/rr/c.php where a redirector is forwarding to canadiandiscountsmeds.com, and these are some of the remotely loading images ttv-bit.nl/rr/s.JPG ; ttv-bit.nl/rr/l.JPG ; ttv-bit.nl/rr/c.JPG ; ttv-bit.nl/rr/v.JPG Moreover,...
 
Tags: images, images ttv-bit, sites, page rank-ed sites, ttv-bit, spam pages, spam, campaign, pages