Exploits aplenty – IE / Excel (Firefox?)

Thursday, June 29th, 2006

There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it won’t be long before it’s […]

New malware sightings

Thursday, June 8th, 2006

Incidents.org had an entry in the last couple days on a malware infestation that was interesting and showed a couple things. 1) You can’t bet on antivirus to keep you safe (the initial installer was not detected by most AV vendors – suspicious by 1.) (If you think about it, this makes perfect sense – […]

The spammers win a round

Wednesday, May 17th, 2006

There is a company (well, unfortunately, WAS a company) called Blue Security. They had an innovative approach to stopping spam. A small download essentially sent opt-out return emails that were junk back to the REAL spam sender (clever concept huh? bouncing to the person that REALLY sent the message… Of course what was clever here […]

Search engines to blame for malware spread?

Friday, May 12th, 2006

There are a couple of news stories about a McAfee SiteAdvisor report about the search engines' responsibility for sites that distribute malware. McAfee said Friday that the epidemic of spyware and viruses could be linked to search engines. According to research from the company, even seemingly benign search terms could bring up sites loaded with nasty […]

Makers of fake security software settle lawsuit

Thursday, January 5th, 2006

The security fix has some news today on some bogus security software makers (the wolves in sheep's clothing as I tend to think of them…) Anyway, they're settling deceptive trade practice charges that were brought by the FTC. SpywareAssassin and Spykiller were facing a civil suit over their ads which invariably found infestations on a […]

Big block of blank space in Add/Remove Programs

Thursday, January 5th, 2006

This isn't an earth-shattering issue, but as I was looking into some other problems on a Windows XP Pro system, I noticed a HUGE blank space in the Add/Remove Programs area of the control panel. It was something like this: there were several entries (10 maybe) and then a huge block of blank space […]

Microsoft advisory on Sober “Awakening”

Tuesday, January 3rd, 2006

Microsoft has posted a security advisory (912920) on the previously reported “awakening” of the Sober worm, expected January 6th. Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006. Further, they give the following note….

More testing on the second WMF exploit

Monday, January 2nd, 2006

After my Windows 98 tests which failed to exploit the system with either the first or the second vulnerability, I started wondering how well the antivirus companies were doing in detecting this second exploit variation. I had set up and updated Metasploit so I could test my Windows 98 SE install against the latest version of […]

Cleaning up after the WMF exploit

Thursday, December 29th, 2005

OK, I mentioned that I infested a virtual machine with the current WMF 0-day exploit. First I should probably clarify. An exploit is a means of getting into a system. The payload is the software that is installed. In the case of my experience there was a long list of pests installed. Given that […]

WMF zero-day exploit first hand experience

Thursday, December 29th, 2005

Well, I’ve just spent the better part of 6 hours (maybe a bit more) “sacrificing” a virtual machine to the zero-day Windows Meta File (WMF) exploit and all the malware that comes in. I picked one site from the sunbeltblog list to infect the virtual machine with and can attest to it being quite nasty. […]
