Custom Search
|
Recent months have produced little of interest among worms written in Java and script languages such as JavaScript and VBScript. The main reason behind this was the limited proficiency of the virus writers, whose creations were anything but remarkable. However, a couple of malware samples grabbed our attention; their complexity is testimony to the fact … On Feb 12th 2013, FireEye announced the discovery of an Adobe Reader 0-day exploit which is used to drop a previously unknown, advanced piece of malware. We called this new malware “ItaDuke” because it reminded us of Duqu and because of the ancient Italian comments in the shellcode copied from Dante Alighieri’s “Divine Comedy”. Previously, … While working on the release of the latest version of the McAfee Network Security Platform, which offers advanced malware and botnet protection, we tested a sample of the malware Red October. With the help of our in-house advanced botnet analysis framework, we analyzed the network traffic generated by this sample and tracked its communications with the … We recently came across a sample of a back door remote access tool (RAT) written entirely in Java. The RAT is freely distributed on underground forums, free for any registered forum user to download. It is named Frutas, which means “fruit” in Spanish. Figure 1. Frutas logo The Frutas RAT allows attackers to create a connect-back client … Last week I kicked off a series of blogs with a discussion of how an effective IPS solution can fight obfuscation techniques by malware. This week, we’ll look at how JavaScript poses a danger when combined with PDF files. One of the easiest and most powerful ways to customize PDF files is by using JavaScript. JavaScript … You may want to open the first blog post we did on Fake AV in December 2009, three years ago, side by side with this post. See if you can spot the differences… fake antivirus pages in 2012 are nearly the same as they were three years ago and most AV solutions still fail to … More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, being used to inject malicious content into web pages displayed by compromised web servers, we were understandably concerned. Our concern deepened when we discovered that this malware was being used … I’ve been hunting fake “Canadian Pharmacy” sites since last week and managed to find thousands of unique domains associated with this scam. I have some fun points to share as part of my tips in hunting these: Recently, most of fake Canadian Pharmacy sites are using “medic”, “health” and “doctor” keywords in their domain names … |
Custom Search
|
|
Copyright © 2010 - 2013 DataProtectionCenter.com – Tech and Security - All Rights Reserved
Powered by WordPress & Atahualpa |
||
