Thursday, March 27th, 2008
The Honeynet Project has released a new freebie honeypot client tool that lets security pros and researchers automatically detect and dissect bot infections and other malware attacks on client machines.
Capture-HPC v2.1 is an updated and enhanced version of the Honeynet Project’s high-interaction Capture-HPC client honeypot, which the organization last year ...
Posted in Internet, Networking, Privacy, Security | No Comments
Thursday, March 27th, 2008
A couple of weeks ago, we received a CHM, or Windows Help file, embedded in e-mail as part of a targeted attack campaign against an NGO. Virus detection was near zero. On Virustotal.com, two solutions actually flagged it as malicious.
After decompiling the CHM file, which you can easily do using tools ...
Posted in Coding, Internet, Privacy, Security | No Comments
Thursday, March 27th, 2008
While there might not be new malicious threats under the sun, there are plenty of new ways to spin old virus attacks. Trend Micro researchers discovered last weekend a new variation of an MBR rootkit released in the wild, which contains new technology to prevent detection. When combined with Web ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, March 26th, 2008
winlockpwn is a memory analysis tool released by Adam Boileau of storm.net.nz. This utility exploits FireWire's direct memory access. The operating system allows FireWire devices to directly read/write memory without having to go through the processor. Sounds handy, right? I installed winlockpwn on Ubuntu 7.10 and a fully patched Windows ...
Posted in Internet, Linux, Privacy, Security, Windows | 2 Comments
Wednesday, March 26th, 2008
The Mozilla project is distributing version 2.0.0.13 of its popular open source Firefox browser. This release fixes several critical vulnerabilities which could be exploited by attackers to inject malicious code or fake page content.
The browser's JavaScript engine contains several of the security vulnerabilities. Due to incorrect processing, attackers can execute ...
Posted in Internet, Linux, Privacy, Security, Software, Windows | No Comments