
A few reports came out of a possible new Twitter virus making the rounds that will spam, err, tweet “Dude, is awesome. What’s the fuss?” if you happen to visit the “booby-trapped” website.

But the truth is, nobody seems to know what is the cause of the auto-tweet and updated its website which I posted here.

However, I did a quick check on the site, no iframe whatsoever, so the mystery is yet to be solved. It is more likely that someone has hacked into Stalkdaily’s Twitter account and is using it to spam its followers.

Well, I am not surprised that with Twitter’s growing popularity, we shall see more hackers targeting it with spam or copy-cats and even Twitter-squatting. I guess that’s the price you pay when you get popular.

One quick tip though: log out of your Twitter account when you are not using it, and don’t auto-save the password either.


Lesley Stahl of 60 Minutes hosts this segment about Conficker, titled “The Internet is Infected.” You can watch the video below; the end of the segment shows some footage of teen Russian hackers, as young as 14 years old, ripping off Americans.

How do you know if your PC is infected with Conficker? If you try to browse to Microsoft or Symantec and you can’t, that is one symptom that your PC has Conficker. Joe Stewart came out with a Conficker Eye Chart, which will explain which variant of Conficker may have infected your PC, or whether it’s a false alarm.

This WindowsSecrets article is very comprehensive on removing and preventing Conficker, great write up.
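
The symptom check described above, as an added example (not from the original post or any tool it links to): it compares name lookups for the vendor sites against unrelated control sites, so a general network outage is not mistaken for the symptom. The hostnames, the control sites and the idea that the block shows up at name resolution are assumptions of this example.

```python
import socket

# Sites the post names as unreachable on an infected PC (hostnames assumed).
VENDOR_HOSTS = ["www.microsoft.com", "www.symantec.com"]
# Control sites unrelated to security vendors (constructed choice).
CONTROL_HOSTS = ["www.example.com", "www.wikipedia.org"]


def os_resolves(host):
    """Return True if the operating system's resolver can look up `host`."""
    try:
        socket.getaddrinfo(host, 443)
        return True
    except socket.gaierror:
        return False


def assess(resolves=os_resolves, vendors=VENDOR_HOSTS, controls=CONTROL_HOSTS):
    """Classify the lookup pattern; `resolves` is injectable for offline tests."""
    blocked = [h for h in vendors if not resolves(h)]
    controls_ok = [h for h in controls if resolves(h)]
    if not controls_ok:
        # Nothing resolves at all: a network problem, not a selective block.
        verdict = "inconclusive: no names resolve, check the network first"
    elif len(blocked) == len(vendors):
        verdict = "suspicious: only security vendor sites fail"
    elif blocked:
        verdict = "partial: some vendor sites fail, retest before concluding"
    else:
        verdict = "no symptom: vendor sites resolve"
    return {"verdict": verdict, "blocked": blocked}


def _fake(unreachable):
    """Build a constructed resolver that fails only for `unreachable` hosts."""
    return lambda host: host not in unreachable


# Constructed resolver outcomes standing in for three machines.
SAMPLES = {
    "clean": _fake(set()),
    "offline": _fake(set(VENDOR_HOSTS + CONTROL_HOSTS)),
    "selective": _fake(set(VENDOR_HOSTS)),
}

if __name__ == "__main__":
    for name, resolver in SAMPLES.items():
        print(name, assess(resolver))
    print("this machine:", assess())
```

A "suspicious" result is only a symptom; confirm with a removal tool or the Eye Chart before acting on it.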


TippingPoint tweeted some amazing developments as one hacker after another managed to hack all three browsers, which were patched to the hilt with the latest patches available.

Safari was hacked in seconds by Charlie Miller, and a German hacker known only as Nils managed to hack all three browsers, unheard of in the history of the Pwn2Own contest.

So with the new bug uncovered, will Microsoft delay the release of Internet Explorer ver 8 RTM supposedly scheduled on Thursday noon, US time?

Update 01: Microsoft officially announced availability of IE8 RTM for download. Typical of Microsoft, security is never a priority over product launch date. If Microsoft were serious about the security bug in IE8, it should have delayed the launch, gotten it properly fixed and announced a new date for the launch. A few days of delay wouldn’t hurt; in fact, it would give Microsoft more credibility that it’s serious when it comes to security.


Recently BBC’s Click program got itself into a dicey situation when it aired a show on how it procured a botnet and then demonstrated how hackers use the botnet to do their dirty deeds, in this case spamming and distributed denial of service (DDoS).

And not just that: at the end of the program, Click also modified the wallpaper of those infected PCs to inform the owners that their PCs were part of a botnet, which means their PCs are zombie PCs, effectively being controlled by hackers.

It was all done with the good intention of educating the public and raising awareness of the dangers of the Internet. However, many security practitioners cried foul that by modifying the wallpaper, Click overstepped the boundary and broke the Computer Misuse Act.

Come to think of it, the scandal did bring in the publicity, and Click succeeded in generating the attention it wanted after all, but at what cost?

Update 17 March: Guest blogger Roel Schouwenberg tears apart BBC’s defense in Zero Day, in a post entitled “BBC botnet buy: What were they thinking.”

Watch Symantec’s video on botnets below.

Adobe managed to get the update out a day ahead of schedule, which is great because the problem with the PDF bug seems to be getting worse by the day.

On the same day, US-CERT published an advisory on a new attack vector discovered by Didier Stevens that requires no user intervention to trigger the attack. You can also read more about it here in DarkReading.

Basically, both say the same thing: all that is required is the Windows Indexing Service and Acrobat 9, and the attack is triggered when the indexing process handles a PDF file that is loaded with the bug.

You need to download and install the entire package to get to version 9.1, which is puzzling because there is an update function in version 9.0 that can be configured to check for updates on a regular basis, but it’s not being used as another channel to push the fix.

I would have thought Adobe would have preferred to use this method instead of asking users to download the entire package.

Not automating this process makes it harder to get the fix out there quickly, and the rate of patching is lower as well. Maybe Adobe should start following what Google and Firefox did for their software: continuous background checks and self-update.

Another major concern is how many other applications out there today have Acrobat Reader embedded. Usually, these applications require Acrobat to generate PDF files as the output of their reporting tools.

These companies need to start thinking about releasing their own updates of Acrobat; one company I know has an Acrobat version stuck at version 4 that has never seen a patch since 2000.

Update 01:

Additional security measures can be configured to not allow PDF files to connect to the Internet.

Go to Preferences, Trust Manager and, under “Internet Access from PDF files outside the web browser”, click Change Settings.

Update 28 March: Qualys Inc. reported that 2 weeks after Adobe released the Acrobat patches, less than 10% of users had bothered to apply them.

