Hacker Safe or False Sense of Security?

Commentary: You may have seen the Hacker Safe logo on some of the websites you've visited. The presence of the logo is intended to increase consumer confidence; the premise is that the site has been checked for remotely compromisable vulnerabilities. Unfortunately, groups such as sla.ckers have repeatedly succeeded in finding vulnerabilities on sites emblazoned with the Hacker Safe logo.
 
 

The Evolution of Malicious IRC Bots

Over the last year, we have seen an explosive growth of IRC bots. New variants are emerging at the rate of almost 1000 a month, making IRC bots the most prevalent Win32 threat in the wild. Their modular design and open source nature have allowed them to thrive, outwitting many signature-based antivirus products simply due to the vast numbers of variants being produced. This paper will examine the core features of popular IRC bots and track their evolution from a single code base. This analysis will demonstrate how many of the common IRC bots such as Agobot, Randex, Spybot, and Phatbot actually share common source code. In addition, interesting techniques utilized by specific variants will also be presented.
 
 

Techniques of Adware and Spyware

A whole class of threats commonly known as adware and spyware has proliferated over the last few years with very few impediments. These programs are security risks that are typically used to gather marketing information or display advertisements in order to generate revenue. Not only are these threats far more widespread than traditional malware, but they also utilize techniques that are far more advanced than those used in traditional threats.
 
 

Protecting your network against email threats

This white paper explains why anti-virus software alone is not enough to protect your organization against the current and future onslaught of computer viruses. Examining the different kinds of email threats and email attack methods, this paper describes the need for a solid server-based content-checking gateway to safeguard your business against email viruses and attacks as well as information leaks.
 
 

The Future of Bot Worms

What we can expect from worm authors in the coming months, by David Sancho, Senior AV Research Engineer, Trend Micro. The current trend in worms seems to go the bot route. Bots (programs that operate as an agent for a user or another program) are most often seen as malware and keep attacking unsuspecting users in surprisingly high numbers.
 
 

ATTACKS ON WIN32

In 1998 several anti-virus companies introduced heuristic scanning for 32-bit Windows viruses. As a result the number of anti-heuristic viruses is on the rise. In my paper I will introduce infection methods with special attention to the anti-heuristic infection techniques. I will also provide results achieved by testing old Win32 viruses and worms on Windows 2000. This provides a better understanding of the impact of old Win32 viruses on Windows 2000 and vice versa.
 
 

An Analysis of the Slapper Worm Exploit

On July 30, 2002, a security advisory from A.L. Digital, Ltd. and The Bunker disclosed four critical vulnerabilities in the OpenSSL package. OpenSSL is a free implementation of the Secure Sockets Layer protocol used to secure network communications. It also provides cryptographic primitives to many popular software packages, one of which is the Apache Web server. Less than two months later, the Linux/Slapper worm successfully exploited one of the buffer overflows described in the advisory and, in a matter of days, spread to thousands of machines around the world. So far, Linux/Slapper is one of the most significant outbreaks on Linux systems. The worm could have infected many more machines, but it intentionally skipped some private network classes, such as 10.0.0.0/8. As such, the outbreak will not spread on some local networks. The Slapper worm is similar to the FreeBSD/Scalper worm, hence the name.
 
 

Why you need an email exploit detection engine

Virus-writers are using increasingly complex and sophisticated techniques in their bid to circumvent anti-virus software and disseminate their viruses. A case in point was the notorious Nimda virus that used multiple methods to spread itself and was based on an exploit rather than on the virus/Trojan behavior that anti-virus products typically search for. Anti-virus software, though essential, cannot combat such threats alone; an email exploit detection tool is also necessary.
 
 

'Hacker Safe': Safe for Hackers

The hackers at sla.ckers.org are at it again, and this time they have found cross-site scripting (XSS) vulnerabilities on a dozen or so Websites emblazoned with ScanAlert's "Hacker Safe" seal. (See Hackers Reveal Vulnerable Websites and Two Vendors Deny XSS Flaws.)
 
 

Group Tags More 'Hacker Safe' Sites

Add Ace Hardware, American Red Cross, GNC, HP, Johnson & Johnson, Nike, Northrop Grumman, Petco, Ritz Camera, the Red Cross, Sony, Sports Authority, World Bank, Yahoo, and Yankee Candle to the list of Hacker Safe-labeled Websites identified by sla.ckers.org as containing cross-site scripting vulnerabilities (XSS). (See 'Hacker Safe': Safe for Hackers.)
 