Browsing Tag: malware

Categories: Malware, Podcasts

Over the course of a few days in February 2000, a lone hacker was able to bring some of the Web’s larger sites to their knees, using just a few dozen machines and some relatively primitive software to cripple Yahoo, eBay, E*trade, Amazon, ZDnet and others for hours at a time. No one knew it at the time, but these attacks would come to be seen in later years as some of the earlier outbreaks of what has become a massive online pandemic.Jose Nazario on Botnets and the History of DDoS Attacks Dennis Fisher talks with Jose Nazario of Arbor Networks
about the Mafiaboy attacks, the history of DDoS attacks and the botnet
epidemic.

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1814|title=|desc=|link=none|align=right|width=115|height=115]Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky has written an in-depth article describing the scareware (fake anti-virus) epidemic.  The article touches on the common distribution techniques, the tricks used to scare users into paying fraudsters for a removal tool and the way code generators are being used to create these malicious programs.  It also provides some infection statistics and some practical protection advice.  Read the full article [viruslist.com]

Read more...

Categories: Vulnerabilities

[img_assist|nid=1765|title=|desc=|link=none|align=left|width=115|height=115]The same-origin policy vulnerability in Adobe Flash that was disclosed last week by a researcher at Foreground Security is more serious than just a simple software flaw, experts say. It illustrates a fundamental flaw in the way that Flash objects are handled by Web servers and Web browsers, alike, leading to a serious weakness on both ends of the Internet communication channel.

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1700|title=|desc=|link=none|align=left|width=115|height=115]Heads up to all Microsoft Windows users: If you’re running Windows
2000, Windows XP or Windows Server 2003, stop what you’re doing and immediately download and apply the MS09-065 update released earlier this week.

Security researchers say it’s only a matter of time — days not weeks
— before malicious hackers start exploiting one of the vulnerabilities
via booby-trapped Web pages or Office (Word or PowerPoint) documents.

Read more...

Categories: Malware, Web Security

[img_assist|nid=707|title=|desc=|link=none|align=left|width=115|height=115]By Vitaly KamlukWe’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat.Analysis of some infected websites showed that the only way to inject the infection of Gumblar was by using FTP access, because those websites have no server-side scripting. Later this was proved by an analysis of FTP log files.

Read more...