Malware
Main
Security
Anti-MalwareMalware
MSNBC Security
Security Fix
Security World News
Random Feeds
Archives
| Feb 2012 | Jan 2012 | Dec 2011 | Nov 2011 | Oct 2011 | Sep 2011 | Jul 2011 | Jun 2011 | May 2011 | Apr 2011 | Mar 2011 | Feb 2011 | Jan 2011 | Dec 2010 | Nov 2010 | Oct 2010 | Sep 2010 | Aug 2010 | Jul 2010 | Jun 2010 | May 2010 | Apr 2010 | Mar 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 |Thu, 30 Sep 10
An Interview with Anonymous
http://pandalabs.pandasecurity.com/an-interview-with-anonymous/
Over the past few weeks I have been investigating the Anonymous DDoS assault against media authorities around the world. This small, but vocal Internet community launched an attack campaign called “Operation Payback”, which targeted DDoS attacks against various companies and agencies who support the anti-piracy lobby. This attack, provoked by a similar attack carried out [...]
Wed, 29 Sep 10
LinkedIn Spam Campaign
http://pandalabs.pandasecurity.com/linkedin-spam-campaign/
We’ve noticed a significant increase in realistic looking LinkedIn reminder spam e-mails over the past week.The e-mail appears to arrive from messages-noreply@bounce.linkedin.com on behalf of LinkedIn communication [communication@linkedin.com] and is an exact copy of the official LinkedIn reminder e-mail.Hovering over the link show us that the spam e-mail is attempting to direct us to a [...]
Wed, 29 Sep 10
Virus Bulletin 2010 – Vancouver
http://pandalabs.pandasecurity.com/virus-bulletin-2010-vancouver/
This week is taking place one of the main antivirus related conferences: Virus Bulletin. Hundreds of people, from different security companies, antivirus testers from around the world, people from law enforcement, universities, big companies, etc. are meeting in the beautiful city of Vancouver, in Canada. The keynote will be given by my colleage Nick Bilogorskiy, [...]
Wed, 22 Sep 10
OnMouseOver XSS Vulnerability on Twitter
http://pandalabs.pandasecurity.com/onmouseover-xss-vulnerability-on-twitter/
This morning we observed a Cross Site Scripting (XSS) attack taking place on Twitter. This particular vulnerability took advantage of the onmouseover function in JavaScript, which works by executing JavaScript code by simply moving your mouse over some text.The following status updates were observed, causing unsuspecting user feeds to fill up with images of rainbows:After [...]
Sat, 18 Sep 10
4chan Users Organize Surgical Strike Against MPAA
http://pandalabs.pandasecurity.com/4chan-users-organize-ddos-against-mpaa/
The users at 4chan, a popular image board responsible for many Internet memes such as the Rickroll, lolcats, and the “Anonymous” assault on the Church of Scientology, publicly announced a coordinated DDoS attack against the Motion Picture Association of America in retaliation for the hiring of an Indian based software firm, which carried out similar [...]
Tue, 14 Sep 10
“Here you have” worm attack could have been lauched from Spain
http://pandalabs.pandasecurity.com/%e2%80%9chere-you-have%e2%80%9d-worm-attack-could-have-been-lauched-from-spain/
Last Friday, Sean-Paul published a blog post talking about a worm that was been distributed over a brief 24 hour period. The worm known as “Here you have” was the 2nd variant of a worm, which appeared more than a month ago, and one of its characteristics was that the from address in the message [...]
Sat, 11 Sep 10
“Here you have” worm linked to cyber jihadists
http://pandalabs.pandasecurity.com/here-you-have-worm-linked-to-electronic-jihadists/
A worm collectively dubbed by the security industry as the “Here you have worm” has been making its way onto corporate networks over the past 24 hours. The worm arrives via e-mail using the subject line “Here you have” or “Just For you“ along with an executable disguised as a PDF file. The worm is [...]
Thu, 9 Sep 10
Malicious Search Suggestions with Google Instant
http://pandalabs.pandasecurity.com/malicious-search-suggestions-with-google-instant/
Google just released its brand new search technology labeled “Google Instant,” which works by dynamically accelerating search results as you type into the Google search box. Google Instant essentially predicts what users will type and rapidly makes suggestions on which search term is most relevant to what is being typed in real time.So what? Well, [...]
Fri, 3 Sep 10
We are good at finding names
http://pandalabs.pandasecurity.com/we-are-good-at-finding-names/
We have received this file today. Rogue creators are spending less time creating interface and spending more time to find a new name.
Malware name: Adware/MySecurityShield
VirusTotal
File name: 622ed7d54cbeb06ef977ee111e2b97ddf3f78dd5
Submission date: 2010-09-02 16:09:43 (UTC)
Result: 24/ 43 (55.8%)
Domain List
report.countdom.net
update1.best-pc-guardever.com
update2.safe-your-pcnow.net
Domain Owner
Registrant Contact:
UIS
Garritt Kooken gkook@checkjemail.nl
+86.592257788 fax: +86.592257788
Rue de Virton 237
Evegnee Evegnee 11111
in
Screenshot
The sample we received today:
Sample appeared in April (from malwaredatabase.net)
Fri, 3 Sep 10
Chilean miners tragedy used to distribute malware
http://pandalabs.pandasecurity.com/chilean-miners-tragedy-used-to-distribute-malware/
We want to warn you of a Banker Trojan that is using the news of the miners trapped in Chile to be distributed and infect users. It has been detected as Banbra.GUC.The malicious file reaches the computer with the following icon:When this file is run, the Internet Explorer browser is opened showing a Youtube video [...]
Thu, 2 Sep 10
Mariposa: the Slovenian story
http://pandalabs.pandasecurity.com/mariposa-the-slovenian-story/
Some weeks ago it was announced that the Slovenian police had arrested some individuals who were responsible for selling the bot that was used to build the Mariposa botnet, whose creators were also arrested in Spain last March. Many confusing news have appeared since then, but thanks to Peter Lovšin, who has been really helpful, [...]