Wednesday, May 7th, 2008
A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL Injection worm that is on the loose. From a quick google search it shows that there are about 4,000 websites infected and that this worm started at least mid-April if not earlier. Right ...
Posted in Coding, Internet, Privacy, Security | No Comments
Thursday, May 1st, 2008
As if computer viruses and worms aren't enough of a nuisance, malicious hardware, which will be much more difficult to detect, could soon become a threat too.
Today, computer viruses, which are programs downloaded either as an email attachment or when someone visits a website, are responsible for most computer attacks. ...
Posted in Hardware, Internet, Privacy, Security | No Comments
Monday, April 28th, 2008
The notorious Rock Phish gang has added a new twist to its phishing exploits that doesn’t require its victim to visit a malicious Website -- instead, it just loads a malicious keylogging Trojan onto the victim’s machine that steals information or credentials.
Both Trend Microand F-Secure over the past few days ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, April 23rd, 2008
Malware authors will often have their files display something to the user so that they actually believe the file is legitimate. Many of us have experienced such tricks, including fake errors stating that a specific file could not be found or that the application failed to load properly. Today we ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, April 23rd, 2008
The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P', automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P'. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our ...
Posted in Coding, Linux, Security, Windows | No Comments
