Blog Posts Tagged with "infection"


Surviving Fileless Malware: What You Need to Know about Understanding Threat Diversification

October 13, 2017 Added by:Bogdan Botezatu

Fileless malware is completely different than file-based malware in terms of how the malicious code is executed and how it dodges traditional file-scanning technologies.



What Is Your Security Canary?

April 13, 2017 Added by:Jesse McKenna

Although traditional anti-malware approaches tend to focus on looking deep within each endpoint for suspicious activity, in the case of ransomware particularly, this equates to monitoring the coal miners and when an event happens, you’ve just lost a miner.



Fighting Code with Code

June 30, 2012 Added by:Jayson Wylie

Cleaning up some of the malware on the Internet could be accomplished by what I term as “White-Celled” code - code that can detect, remove malware from machines and then remove itself. The propagation can be Worm-like, initiated by scanned findings or a redirect on the footprint of an attack source...



Over Ten Percent of Fortune 500 Still Infected by DNSChanger

June 29, 2012 Added by:Headlines

US-CERT "encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger malware. Computers testing positive for infection of the DNSChanger malware will need to be cleaned of the malware to ensure continued Internet connectivity..."



Infosec: Too Many Questions

June 20, 2012 Added by:Wendy Nather

Does having one machine on a botnet at some point automatically mean that more nefarious things are going on besides just selling V1agr4 or perhaps DDoSing the Anonymous target of the week? This is the risk calculation that we need more data to perform, and it's one that the C-suite would really appreciate...



DHS Comments on DNSChanger Malware Deadline

May 09, 2012 Added by:Headlines

Please act now. The clean servers maintained by the private sector in coordination with the FBI will expire on July 9, 2012. Internet users who have the DNSChanger malware and whose ISP has moved them to one of the clean servers may not have access to the Internet after this date...



Trojans Dominate New Malware Development Sampled

May 07, 2012 Added by:Headlines

In the first quarter of 2012 alone, six million new malware samples were created, following the increasing trend of previous years. Trojans set a record as the preferred category of cybercriminals for carrying out information theft, representing 80 percent of new malware...



Checking Your System for the DNS Changer Malware

April 23, 2012 Added by:Headlines

The deadline for systems infected with the DNS Changer malware is fast approaching. Failure to rid a device of the malware prior to the July 9 deadline could result in loss of Internet connectivity. To see if your system is infected, simply visit the following website...



HP Releases ProCurve 5400 zl Switches Security Bulletin

April 13, 2012 Added by:Headlines

"A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches containing compact flash cards which may be infected with a virus. Reuse of an infected compact flash card in a personal computer could result in a compromise of that system's integrity..."



US CERT Advisory on DNSChanger Malware

February 27, 2012 Added by:Infosec Island Admin

US-CERT encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger. Computers testing positive for infection of the malware will need to be cleaned to ensure continued Internet connectivity...



Stealth Code for New Mutation of PHP Bot Infector

February 21, 2012 Added by:Brent Huston

I found a new mutation of a PHP bot infector, with zero percent detection by AV software. When I decoded the PHP backdoor I got 17 AV hits on it. This leads to the question about evasion techniques and how effective anti-virus applications are at doing code de-obfuscation...



System Compromise: What the Heck is a FeeLCoMz String?

February 03, 2012 Added by:Brent Huston

If you find those strings, they usually indicate other PHP scanners, worms or attack tools have compromised the system. Now, if you don’t find those, it does NOT mean the system is safe, the list of all of those relevant strings would be too large and dynamic to manage...



Report: Malware Creation Hit Record High in 2011

January 31, 2012 Added by:Headlines

The report attributes the increase to automation techniques being more widely used in the creation of malware variants - slightly altered signatures developed to foil anti-malware detection software. The report notes a sharp increase in the proliferation of Trojans...



Lilupophilupop SQLi Attack: One Million URLs Infected

January 05, 2012 Added by:Headlines

"When I first came upon the attack there were about 80 pages infected according to Google searches. Today, well as the title suggests we top a million, about 1,070,000 in fact - there will be duplicate URLs that show up in the searches. Still working on a discrete domain list for this..."



Malware Infection Rates – Who Has the Most Viruses?

December 07, 2011 Added by:Dan Dieterle

A look at the top viruses for each country shows a lot of cookie-based viruses, which may or may not be real viruses, but the rates are high nonetheless. But how does this compare to what other vendors are finding?



The Life of a Zero Day Worm

August 18, 2011 Added by:Javvad Malik

Given the number of devices currently connected to the internet, factoring in new devices that are being added daily, subtracting devices being removed, factoring in energy reserves and the possibility of a giant tsunami wiping out humanity, I have approximately 134.2 years to go...

