Roel Schouwenberg

Iran CERT Reports New Data-Wiping Malware

Computer systems in Iran are being targeted by a new strain of malware that is capable of wiping disk partitions clean of files. Security researchers are calling the attacks simplistic, yet effective.Researchers at Kaspersky Lab said the malware launches only on pre-determined dates and will delete all files on drives D through I. It also deletes user profiles and will wipe all files on the computer’s desktop.

Fake AV Scareware Passively Served

A piece of fake anti-virus scareware, Antivirus 8, has been
infecting computers via ICQ in recent days according
to Roel Schouwenberg at Securelist.
What makes this fake antivirus popup intriguing is that it appears infecting
users who are not actively using their computer.

Some Researchers Lack Basic Ethics

By Roel Schouwenberg
upon a time we were living in a world where creating malware, then
still called viruses, was a very bad thing to do. These days, people
seem much more relaxed with the idea of someone writing malware.

Adobe vs. Microsoft on Security Response – Fri, March 6, 2009

Ryan and Roel discuss the latest zero-day vulnerabilities (and attacks) affecting Adobe and Microsoft customers and compare the response from the two software vendors.

Emergency IE Patch – Fri, January 9, 2009
Ryan and Roel dissect the latest wave of malware attacks against Microsoft Internet Explorer browser and discuss the company’s plans to ship an emergency out-of-band update.

USB Malware Mess – Fri, November 28, 2008

The boys explain the latest news around Lenovo distributing a malware-infected driver software and the network worm that forced the U.S. military to ban the use of USB drives and other forms of removable media.

Explaining AMTSO principles – Fri, November 21, 2008

Ryan grills Roel on the latest “principles” document coming out of the AMTSO (Anti-Malware Testing Standards Organizing) and the two spar over the value of such a massive effort.

In-the-wild worm attacks exploitation – Fri, November 7 2008

In this special episode, Ryan and Roel get to the bottom of the new in-the-wild worm attacks exploiting the Microsoft MS08-067 vulnerability. Listen as Roel provides a blow-by-blow of the two different Trojans now targeting Chinese-language versions of Windows.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.