SEARCH RESULTS
 
Showing 1-10 of 83 records
 
Expand article

The Random JS Malware Exploitation Kit

The Article has images
2008-01-15 20:49:56 by HASH0x8be7244 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample .js and witness the filename change on the next request combined with complete disappearance of any .js on the third visit. Here's some press coverage - " Over 10,000 trusted websites infected by new Trojan toolkit The random js attack is performed by dynamic embedding of scripts into a webpage. It provides a random filename that...
 
Tags: random, malware, random attack approach, cgi, local malware locations, cgi-bincert, cgi-binss, cgi-binoptions, cgi-binpstore
 
 
 
 
Expand article

ZDNet Asia and TorrentReactor IFRAME-ed

The Article has images
2008-03-04 09:15:20 by HASH0x8b3f7c8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Sample search queries jamie presley mari misato risa coda kasumi tokumoto jill criscuolo The IFRAME is loading 72.232.39.252/a also responding to themaleks.net . The link itself is loading an obfuscated javascript, which once deobfuscated attempts to load a-n-d-the.com/wtr/router.php (216.255.185.82 - INTERCAGE-NETWORK-GROUP2) also...
 
Tags: iframe, zdnet asia, pages, pages redirect, iframe-ed pages, torrentreactor, iframe-ing tactic remains, seo practices, torrentreactor seo practices
 
 
 
 
Expand article

Blackhat SEO Redirects to Malware and Rogue Software

The Article has images
2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample redirection doorway, a visualization and sample traffic of which you can see in the attached screenshots. At porntubedirect.info we have a fake counter porntubedirect.info/stat/count.php loading the redirection script from 216.240.139.234/sutra/in.cgi?3 which is a javascript serving a different site on-the-fly, courtesy of a well known...
 
Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains
 
 
 
 
Expand article

Compromised Web Servers Serving Fake Flash Players

The Article has images
2008-08-05 14:50:04 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample list of participating URLs, most of which are still active and running joseantoniobaltanas .com automoviliaria .es/hotnews.html risasnc .it/fresh.html carpe-diem .com.mx/fresh.html kotilogullari .com.tr/hotnews.html ferrariclubpesaro .it/hotnews.html imobiliariacom .com.br/default.html misoares .com osniehus .de/fresh.html...
 
Tags: file, html file, html, comtopnews, detopnews, windows media player, player, web, real player exploit
 
 
 
 
Expand article

Serializable XmlDocument

The Article has images
2008-08-19 02:58:00 by keith-brown in Security Briefs
...Samples Serializable public class SerializableXmlDocument : ISerializable public SerializableXmlDocument public SerializableXmlDocument(XmlDocument value this .Value = value public XmlDocument Value { get; set region ISerializable implementation public SerializableXmlDocument(SerializationInfo info StreamingContext context byte []...
 
Tags: public class item, public, public void getobjectdata, public static byte, xmldocument, return doc, return, static byte, public class
 
 
 
 
Expand article

Fear Is Unhealthy

2008-01-17 07:35:09 by schneier in Schneier on Security
 
...sample of more than 2,700 Americans before September 2001. After the attacks of Sept. 11, the scientists monitored peoples fears of terrorism over the next several years and found that the most fearful people were three to five times more likely than the rest to receive diagnoses of new cardiovascular ailments After controlling for various...
 
Tags: people terrorists kill, terrorists, terrorism, actual terrorism, kill, people, fear, million people, fearful people
 
 
 
 
Expand article

Massive Blackhat SEO Targeting Blogspot

The Article has images
2008-02-17 22:53:13 by HASH0x8ad5e0c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Sample blogs tilas--paralyze--video.blogspot.com parentdirectoryofnokia19942.blogspot.com imelodyalesana.blogspot.com iberryblack8320.blogspot.com ku990downloadwallpaper.blogspot.com blackberrypearl8100fre62265.blogspot.com motorolarazrv3amdriver90079.blogspot.com downloadcredmakerforf64090.blogspot.com smsmarathi.blogspot.com...
 
Tags: blogspot, blogspot accounts directly, entire operation, operation, content, blogs, sample blogs, firesearch, real-time content
 
 
 
 
Expand article

Got Entropy ?

2008-04-02 02:55:47 by Erik T. Heidt in Art of Information Security
 
...samples some physical phenomenon which is random, such as cosmic rays, RF noise, etc. (aka Entropy RNGs are important in Information Security because they are used to generate encryption keys, salts, etc. Historically, attacking RNGs has proven effective, such as the defeat of Netscapes HTTPS sessions Most operating systems utilize a hybrid...
 
Tags: entropy, random, 32-byte random, byte, hardware random, entropy sources, sequence, random sequence, pull entropy
 
 
 
 
Expand article

Phishing Emails Generating Botnet Scaling

The Article has images
2008-04-18 14:57:30 by HASH0x8aef3f0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample infected host, all of them targeting NatWest or The National Westminster Bank Plc. Here are some samples, that of course never made it out to their recipient Sender Address: "NatWest Internet Banking '2008" to Recipient: Subject: Natwest Bank Bankline: Confirm Your Login Email Content:...
 
Tags: bank, bank digital, ns1, bank bankline, ns2, bank internet, malware, malware variants signal, botnet