New browser zero-day vulnerabilities announced.

06.29.2006 - 6:55 AM
As reported by SANS (http://isc.sans.org/diary.php?storyid=1448) two new IE exploit PoCs were released via the Full Disclosure mailing list Monday. <f...
Read more »

Anti-reverse engineering protection within Crimeware.

06.28.2006 - 1:44 PM
Earlier this week we presented at the APWG Summit in Brussels. As part of the "Crimeware Session -- Stalking an Automated Criminal Intelligence", we highlighted the increased use of anti-reverse engineering tactics by malicious code authors in the areas of Crime...
Read more »

What goes up must come down.

06.26.2006 - 12:52 PM
Last Thursday, June 22, we reported on a massive SPAM campaign that looked to ...
Read more »

Korean Bakery...not so sweet!

06.26.2006 - 12:31 PM
Websense&reg; Security Labs&trade; has discovered a malicious website that appears to have been either intentionally setup or compromised in order to download and install malicious code onto visitors machines without user-in...
Read more »

High volume "pump and dump" stock spam.

06.22.2006 - 7:13 AM
Over the last 24 hours our email honeypots have received an unusually&nbsp;large volume of spam emails that appear to be another stock "pump and dump" scam. The emails simply have the phrase "here is the document" and have&nbsp;an investor alert for a penny stock which is em...
Read more »

Microsoft France defaced, zero-day ?

06.19.2006 - 8:04 AM
It wasn't much of a fathers day for the sysadmins at Microsoft France as their website was hacked and defaced. Image from: http://www.zone-h.org/inde...
Read more »

Polish NY Knick fans beware.

06.13.2006 - 9:31 AM
The "official" NY Knicks polish website appears to have been compromised and is being used to send lures to Portuguese speaking people to downloa...
Read more »

Rootkit: malware discussions.

06.12.2006 - 12:09 PM
Recently&nbsp;there was a thread started on sysinternals.com malware forum by a poster named "gmer". The topic of this thread was the discovery of a new trojan backdoor that has been labeled by Symantec as Backdoor.Rustock.A. &nbsp; Two interesting aspects...
Read more »

Hacking for Dummies

06.07.2006 - 12:03 PM
This morning one of our honeypots was getting hit with a few dozen attempts to exploit a 18-month-old PHP vulnerability. Nothing new there, this happens all the time, but this latest barrage caught our eye because it was attempting to launch a unix mail client on the compromi...
Read more »

How much would you pay for exploit code?

06.07.2006 - 11:21 AM
Recently we noticed that the folks who are selling the popular Web Attacker Toolkit (see: <font face="Arial, Hel...
Read more »

More disaster fraud: Indonesian earthquake.

06.05.2006 - 11:10 AM
Over the weekend one of our spam traps received a number of emails requesting donations for earthquake relief. The email is spoofed and is from, what appears to be, a fraudulent sender. Unlike Hurricane Katrina and other frauds in the past, the attackers request that the recipient calls a telephone number to donate funds or emails them directly. They do not have a website which is up and running. The apparent fraud is mimicking a legitimate agency with their address but uses a different phone number and domain name. <font f...
Read more »