SEARCH RESULTS
 
Showing 1-10 of 66 records
 
Expand article

The Random JS Malware Exploitation Kit

The Article has images
2008-01-15 20:49:56 by HASH0x8be7244 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample .js and witness the filename change on the next request combined with complete disappearance of any .js on the third visit. Here's some press coverage - " Over 10,000 trusted websites infected by new Trojan toolkit The random js attack is performed by dynamic embedding of scripts into a webpage. It provides a random filename that...
 
Tags: random, malware, random attack approach, cgi, local malware locations, cgi-bincert, cgi-binss, cgi-binoptions, cgi-binpstore
 
 
 
 
Expand article

ZDNet Asia and TorrentReactor IFRAME-ed

The Article has images
2008-03-04 09:15:20 by HASH0x8b3f7c8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Sample search queries jamie presley mari misato risa coda kasumi tokumoto jill criscuolo The IFRAME is loading 72.232.39.252/a also responding to themaleks.net . The link itself is loading an obfuscated javascript, which once deobfuscated attempts to load a-n-d-the.com/wtr/router.php (216.255.185.82 - INTERCAGE-NETWORK-GROUP2) also...
 
Tags: iframe, zdnet asia, pages, pages redirect, iframe-ed pages, torrentreactor, iframe-ing tactic remains, seo practices, torrentreactor seo practices
 
 
 
 
Expand article

Blackhat SEO Redirects to Malware and Rogue Software

The Article has images
2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample redirection doorway, a visualization and sample traffic of which you can see in the attached screenshots. At porntubedirect.info we have a fake counter porntubedirect.info/stat/count.php loading the redirection script from 216.240.139.234/sutra/in.cgi?3 which is a javascript serving a different site on-the-fly, courtesy of a well known...
 
Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains
 
 
 
 
Expand article

Fear Is Unhealthy

2008-01-17 07:35:09 by schneier in Schneier on Security
 
...sample of more than 2,700 Americans before September 2001. After the attacks of Sept. 11, the scientists monitored peoples fears of terrorism over the next several years and found that the most fearful people were three to five times more likely than the rest to receive diagnoses of new cardiovascular ailments After controlling for various...
 
Tags: people terrorists kill, terrorists, terrorism, actual terrorism, kill, people, fear, million people, fearful people
 
 
 
 
Expand article

Massive Blackhat SEO Targeting Blogspot

The Article has images
2008-02-17 22:53:13 by HASH0x8ad5e0c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Sample blogs tilas--paralyze--video.blogspot.com parentdirectoryofnokia19942.blogspot.com imelodyalesana.blogspot.com iberryblack8320.blogspot.com ku990downloadwallpaper.blogspot.com blackberrypearl8100fre62265.blogspot.com motorolarazrv3amdriver90079.blogspot.com downloadcredmakerforf64090.blogspot.com smsmarathi.blogspot.com...
 
Tags: blogspot, blogspot accounts directly, entire operation, operation, content, blogs, sample blogs, firesearch, real-time content
 
 
 
 
Expand article

Got Entropy ?

2008-04-02 02:55:47 by Erik T. Heidt in Art of Information Security
 
...samples some physical phenomenon which is random, such as cosmic rays, RF noise, etc. (aka Entropy RNGs are important in Information Security because they are used to generate encryption keys, salts, etc. Historically, attacking RNGs has proven effective, such as the defeat of Netscapes HTTPS sessions Most operating systems utilize a hybrid...
 
Tags: entropy, random, 32-byte random, byte, hardware random, entropy sources, sequence, random sequence, pull entropy
 
 
 
 
Expand article

Phishing Emails Generating Botnet Scaling

The Article has images
2008-04-18 14:57:30 by HASH0x8aef3f0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample infected host, all of them targeting NatWest or The National Westminster Bank Plc. Here are some samples, that of course never made it out to their recipient Sender Address: "NatWest Internet Banking '2008" to Recipient: Subject: Natwest Bank Bankline: Confirm Your Login Email Content:...
 
Tags: bank, bank digital, ns1, bank bankline, ns2, bank internet, malware, malware variants signal, botnet
 
 
 
 
Expand article

Testing Signature-based Antivirus Products Contest

The Article has images
2008-05-02 06:31:36 by HASH0x8b205fc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and determines if the sample is a known threat. The first team or individual to pass their s ample past all antivirus engines undetected wins that round. Each round increases in...
 
Tags: malware, malware authors, malware variants, signature based malware, bad guys, guys, proprietary malware tools, tools, alternative malware
 
 
 
 
Expand article

Nobody Is That Dumb ... Oh, Wait X

2008-05-05 14:26:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...samples so that we can either create an official support package for this new log source or, at least, see how such logs will fare with our log indexer (that enables LogLogic index searches and Index Reports Obviously, every vendor I ever approached loved it: after all, they might get something for nothing. If they are small, integrating with...
 
Tags: security appliance vendor, vendor, log management vendor, enables loglogic index, loglogic, logs, vendor expo, official support package, free money