VB Migration

Mindblown: a blog about philosophy.

  • Grum botnet’s command-and-control servers shut down

    Spam-sending botnet believed to be third largest in the world. International co-operation between a number of parties has led to all command-and-control servers of the ‘Grum’ botnet being taken down. The takedown gives a good insight into how these operations work, and how co-operation is essential: During the weekend, two command-and-control servers, based in the…

  • Thousands of websites infected with .htaccess redirect attack

    Various anti-detection methods applied. Thousands of legitimate websites have seen .htaccess files compromised and as a consequence have been used to serve the ‘Milisenco’ trojan, researchers at Symantec report. .htaccess is a configuration file used by a number of webservers, including the popular Apache server. It allows for decentralised management of the server and requires…

  • VBConnect: the Virus Bulletin conference goes social

    New tool aims to enhance conference networking opportunities. For many in the security industry, the Virus Bulletin conference is the highlight of their busy events calendar, and one of the most valuable aspects of the event is the opportunity to network with other industry members. Since the inaugural event in 1991, the VB conference has…

  • Flame worm one of the most complex threats ever discovered

    Malware possibly used for cyber-espionage. The jury is out on whether ‘Flame’ (also known as ‘Flamer’ or ‘Skywiper’) is ‘the most lethal cyberweapon to date’ as some have claimed , or just a highly complex and sophisticated piece of malware. But simply from looking at the volume of security vendors’ blog posts dedicated to the…

  • Microsoft to publish security bulletins in CVRF format

    Standard will streamline process of reviewing patches. Software giant Microsoft has announced that it has started to publish its monthly security bulletins in the CVRF format. CVRF, or Common Vulnerability Reporting Framework, is a standard developed by the Industry Consortium for Advancement of Security on the Internet (ICASI), which was founded in 2008 to address…

  • FBI warns against malware installed via hotel networks

    Malware poses as fake update of popular software. The FBI has warned travellers against fake software updates served through hotel connections which actually attempt to install malware. The agency reports that it has seen instances where travellers connecting to a hotel room’s Internet connection are presented with a pop-up of what looks like an update…

  • Android malware served via compromised websites

    Malware downloaded automatically, but requires user permission to be installed. Researchers at mobile security company Lookout have discovered a number of compromised websites that make Android devices automatically download (but not install) a malicious application. Drive-by downloads are a common threat to PCs and Macs: they are generally served through compromised websites and use unpatched…

  • PayPal spam leads to exploit kit

    Clicking on links leads to Blackhole rather than phishing site. Fake PayPal receipts were being spammed out this morning, with links leading to a version of the Blackhole exploit kit. The emails look like typical PayPal confirmation emails and suggest that funds have been sent from the user’s account. The supposed recipient of these funds…

  • Significant rise in malicious spam and phishing

    Over one quarter of malicious emails contain eight-year-old malware. Email security firm eleven has reported a significant rise in both malicious emails and phishing emails in the first quarter of 2012. In its latest quarterly report, the company says that while spam levels stayed more or less constant, the volume of emails with malware attached…

  • Android malware hides inside JPG image

    New LeNa variant no longer depends on rooted devices. Researchers at Lookout have discovered a new version of the ‘LeNa’ trojan for Android that does not require user interaction to gain root access to the device. A previous version of the trojan, which was detected last summer, depended on the device being rooted; a minority…

Got any book recommendations?

Get In Touch