malware | Page 23

Well that would be the usual boring answer from the guy down at the pub who isn't really entering in to the spirit of the conversation. How about this one... Be shot out of a cannon - that's pretty dangerous. But with a little thought we can make it safer. For a start, how big is the cannon? Where is it aiming? Can I wear a crash helmet? Can I land in a very large safety net? Can I get someone else to do it for me? Of course, reading email can be a pretty dangerous business to, with all those requests from your bank, or someone else's bank, to... [Read More]
by RSS Darren Turnbull  |  Apr 07, 2009  |  Filed in: Security Research
Our March 2009 Threat Landscape Report is now available, recapping a month of threat activity from exploits and malware, to spam. Here are some key movements from the report along with comments: After a year long battle, W32/Virut.A finally lands in top spot - surpassing Netsky. This parasitic file infector proves to be quite virulent, and has generated enough activity to land in our malware top 10 for twelve solid months. On top of infecting multiple local files on a PC, the virus can spread through file shares and/or removable media such as USB... [Read More]
by RSS Derek Manky  |  Mar 27, 2009  |  Filed in: Security Research
Over the past two years, rarely did a worm get as much attention that Conficker (aka Downadup) is getting now. Its last variant, the infamous W32/Conficker.C, which surfaced in early March and is set to time-bomb on April 1, is literally all over the media. Of course, its features are well known and documented and some papers (such as SRI's excellent analysis and a blog post from Sourcefire) even give interesting insights on the reverse engineering process. Indeed, while understanding the behavior of the malware is important to most people, learning... [Read More]
by RSS Rex Plantado  |  Mar 26, 2009  |  Filed in: Security Research
While malicious servers hosting "drive-by-install" scripts are continuously evolving, their goal remain the same: to silently drop and run malicious files on the victim's computer. The flaws exploited by those Web Attacks Toolkits have been quite the same for a while, so what's new in "malscripts" world? As we pointed in a previous post, malicious web-based exploits writers worked out some advanced obfuscation methods to hide their malicious scripts from detection. It seems that this trend is taming down and being replaced by a simpler yet effective... [Read More]
by RSS David Maciejak  |  Mar 04, 2009  |  Filed in: Security Research
If you have received an email that appears to be from UPS, please be careful. Do not rashly open the attachment of the email. Some spammers are disguising themselves as UPS to spread malware. Here’s a screenshot of the sample email: The attachment of this email is shown as a compression archive. It actually contains a malware which looks like a Microsoft Word or Excel file. If your system is set to hide the known file extension names, you can be easily cheated. The malware samples that we have collected have the names like: UPS_letter.doc.exe,... [Read More]
by RSS Tiejun Wang  |  Jan 28, 2009  |  Filed in: Security Research