Saturday, April 5th, 2008
This afternoon, we got a highly customized email purporting to come from the IRS, which of course, does nothing more than load malware.
The email is made out to a key financial contact here at Sunbelt (name obfuscated for this post).
As you can see, it’s quite convincing. (Incidentally, “Sunbelt Software Distribution, ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 4th, 2008
We have been noticing quite a few malware samples having references to or communicating with Google's SMTP servers. This post dissects one of these samples and in the process attempts to illustrate to the reader some reversing techniques and information gathering techniques, while explaining the behavior and impact of this ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Thursday, April 3rd, 2008
New Additions
Target-Based support to allow rules to use an attribute table describing services running on various hosts on the network. Eliminates reliance on port-based rules.
Support for GRE encapsulation for both IPv4 & IPv6.
Support for IP over IP tunneling for both IPv4 & IPv6.
SSL preprocessor to allow ability to not inspect ...
Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Thursday, April 3rd, 2008
Spammers are once again using web bugs to verify the validity of of email addresses. This time the trick is not done with graphics but with digital certificates. Alexander Klink from German consultants Cynops has discovered a vulnerability in Microsoft products – or possibly in the Crypto API – that ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, April 2nd, 2008
Previous versions of Firefox had the option to block or allow 3rd party cookies removed from the GUI and completely hidden from view. You had to go to about:config and change the value of network.cookie.cookieBehavior to "1" if you wanted to block them, or keep it at it's default of ...
Posted in Internet, Privacy, Security, Software | No Comments
