SEARCH RESULTS
 
Showing 1-10 of 42 records
 
Expand article

Compromised Cpanel Accounts For Sale

The Article has images
2008-08-18 10:42:50 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic on the verge of irrelevance, and if so, what has contributed to its decline? Have SQL injections executed through botnets turned into the most efficient way to infect hundreds of thousands of legitimate web sites? Depends on who you're dealing with A cyber criminal's position in the "underground food chain" can be easily tracked down...
 
Tags: sql, sql injections, sql injection attacks, massive sql injection, profile site, site, site sql, sql injection, tactic
 
 
 
 
Expand article

Cached Malware Embedded Sites

The Article has images
2007-12-16 18:18:26 by HASH0x8a09e44 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic than the one discussed in the article, where an attacker will supposedely embedd malware at different sites, let the search engines crawl and cache it, than remove the sites and wait for the visitors to use the cache, thereby infecting themselves. Case in point - the U.S Consulate's site for instance wasn't even flagged by Google as...
 
Tags: sites, sites wrongly, web sites, malware, malicious site, site, single site offers, sites notification services, popular sites
 
 
 
 
Expand article

Phishing Tactics Evolving

The Article has images
2008-04-21 11:18:17 by HASH0x85bed5c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic in which I'm seeing an increased interest as of recently. Here are some example of recently spammed phishing campaigns hosting the phishing pages on end user's PCs pool-71-116-244-232.lsanca.dsl-w.verizon.net user-142o3ds.cable.mindspring.com /online.lloydstsb.co.uk/customer.ibc/logon.html user-142o3ds.cable.mindspring.com...
 
Tags: halifax-online, halifax, mem binformslogin, user, user-142o3ds, web application vulnerabilities, mem binhalifax loginformslogin, vulnerable sites, turkish defacement
 
 
 
 
Expand article

MySpace Hosting MySpace Phishing Profiles

The Article has images
2008-05-05 02:29:00 by HASH0x8adc538 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic that I'll assess in this post, demonstrates the adaptability of phishers whose efforts to adapt to MySpace's current security practices in place, have greatly improved their chances for tricking a large number of visitors. How come? They are not using the natural profile.myspace.com.bogusdomain.info as usual, but are actually using...
 
Tags: myspace, phishers, phishers shift, myspace phishers, authentic myspace, scale myspace, profile, natural profile, fake profile
 
 
 
 
Expand article

Summarizing August's Threatscape

The Article has images
2008-09-10 06:57:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic of choice due to the template-ization of malware serving sites for the sake of efficiency 04. Pinch Vulnerable to Remotely Exploitable Flaw With Zeus vulnerable to a remotely exploitable flaw allowing cybercriminals to hijack other cybercriminal's Zeus botnet, private exploits targeting the still rather popular at least in respect to...
 
Tags: malware, facebook malware campaigns, usefulness pinch malware, banker malware kits, malware campaigns, botnet, diy botnet kit, distribute malware, banker malware
 
 
 
 
Expand article

More Compromised Portfolios of Legitimate Domains for Sale

The Article has images
2008-11-12 16:19:49 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic of choice? In both of these propositions, the seller is citing vulnerabilities within the web hosting providers as an attack tactic The continues supply of such access is, however, a great indicator for the upcoming development of this segment within the underground marketplace in 2009
 
Tags: portfolios, domains, produce anecdotal situations, continues supply, web interfaces, supply, attack tactic, web, access
 
 
 
 
Expand article

Corporate Spying

2008-01-16 12:21:41 by schneier in Schneier on Security
 
...tactics already practiced by private investigators. One such ploy is pretexting -- obtaining information by pretending to be somebody else. While private detectives have long posed as freelance reporters or job recruiters to get people to talk, former agents have elevated pretexting to an art Similarly, ex-agents have helped popularize the...
 
Tags: agents, intelligence agents, wal-mart, off-duty police officers, officers, wal-mart employee fired, cell-phone calls, phone calls, obtain
 
 
 
 
Expand article

Virtual Eyes

2007-08-01 19:25:00 by jack in adware and spyware
 
...tactic but sometimes, spyware or malware is used to be able to commit criminal acts such as identity fraud by stealing passwords and vital credit information This spyware business is an extremely difficult and potentially dangerous program. It runs undetected within your system so that you are unaware that your computer activities are being...
 
Tags: spyware, anti-spyware downloads, spyware business, anti-spyware programs, spyware attacks, free spyware, internet, internet users pause, internet access
 
 
 
 
Expand article

Localizing Cybercrime - Cultural Diversity on Demand

The Article has images
2008-02-21 17:06:11 by HASH0x8b1e62c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...tactic with a higher probability of success if there were to also request that spammers can segment the harvested email databases for better campaign targeting. The Release of Sage 3 - The Globalization of Malware In this issue we look at the growing trend of localization in malware and threats. Cybercriminals are increasingly crafting...
 
Tags: future, future malware trend, trend, malware, malware authors, demand, russian malware, services, demand translation services