Browsing Category: Malware

Categories: Malware, Podcasts, Web Security

Welcome to the Show – Mon, October 20 2008

In this show, we introduce ourselves and recap the Virus Bulletin 2008 conference. We talk about the MBR Trojan (bootkit), the controversy surrounding anti-virus testing standards, information on the blackmarket for online gaming passwords and some data from Microsoft’s malicious software removal tool (MSRT).
(Download)

Read more...

Categories: Malware

In a statement on Monday, the BBC said that its decision to purchase and use a botnet to espose the malware epidemic had been “in the public interest”.
“It was not our intention to break the law,” the BBC told ZDNet UK on Monday. “There is a powerful public interest in demonstrating the ease with which such malware can be obtained and used; how it can be deployed on thousands of infected computers without the owners even knowing it is there; and its power to send spam e mail or attack other websites undetected.”

Read more...

Categories: Malware

Dave Kennedy and Kevin Long from Verizon’s security team are offering some of the best advice I’ve seen regarding the ongoing attacks against an unpatched Adobe Acrobat/PDF vulnerability.
I’ve complained bitterly about the lack of mitigation guidance from Adobe and I’m happy to see the Verizon researchers filling in the blanks and offering suggestions to reduce your exposure to these attacks.

Read more...

Categories: Malware

On the Microsoft Secure Windows Iniative blog, software engineer Chengyun discusses the default behaviour of ActiveX controls embedded in Office documents.  The software giant also provides information on how can an attacker abuse ActiveX and how Office users can change the behavior of ActiveX controls embedded in Office documents.

Read more...