Archive for malware


An Evil Index for AI

The article below is not about Artificial Intelligence (AI). But it is about the ethics of algorithms that are likely to be used as building blocks in developing AI. Algorithms use decision trees to function, and if the decision points embed a bias, the results are likely to be biased. If the subset of data […]

NSA APT? – “THE EQUATION GROUP”

Kaspersky Lab uncovers online spy tools with potential NSA connections – [youtube.com] Equation Group: The Crown Creator of Cyber-Espionage – [kaspersky.com] For several years, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been closely monitoring more than 60 advanced threat actors responsible for cyber-attacks worldwide. The team has seen nearly everything, with attacks becoming […]

Stuxnet Advanced Attack

Stuxnet appears to be one of the most sophisticated cyber attacks ever detected. The size and scope of the effort required to launch the attack lead analysts to suspect it came from a national security cyber team with tremendous resources. And the target may have been the SCADA control systems inside the Bushehr nuclear plant […]

DLL Hijacking

DLL hijacking vulnerabilities – [sans.edu] For the last couple of days there have been a lot of discussions about a vulnerability published by a Slovenian security company ACROS. HD Moore (of Metasploit fame) also independently found hundreds of vulnerable applications and, as he said, the cat is now really out of the bag. In order […]

How Botnets Are Built

A botnet is a collection of many computers that have been compromised by an attacker and are being used surreptitiously for some purpose, usually related to cybercrime. Botnet Methodology: Compromising Systems Email with infected attachment or link to infection site Website with infected code Other protocols: IM, IRC, FTP, P2P, Twitter, and more… Controlling the […]

AV Bypass Attack

An attack that can bypass Anti-Virus defenses has been detailed in a research paper by matousec.com. Matousec developed an engine called KHOBE (Kernel HOok Bypassing Engine) that uses an “argument switch” strategy, or SSDT hooking, to convince the AV scanner that everything is okay. KHOBE – 8.0 earthquake for Windows desktop security software – [matousec.com] […]

Kneber-Zeus

A trojan horse backdoor called “Zeus” is being used by a botnet that researchers have named “Kneber”. This botnet has been operational for over a year and has compromised many organizations and collected a vast amount of data that was intended to be confidential. Hackers Mount New Strike – [wsj.com] Hackers in Europe and China successfully […]

2009 Security Report

Symantec’s MessageLabs Intelligence 2009 Annual Security Report offers some very interesting information about the past year and assumptions about the near future of malware and other security threats. Here are a few teasers that should encourage you to read the entire report: 3.2.4. Command and Control: Mysterious Messages and Covert Channels In the 12-months since […]

Malware Evolution

This thoroughly researched paper by Dave Dittrich at the University of Washington reflects on how malware and cyber criminals have evolved their techniques and activities over recent years. Hybrid combinations of penetration methods make it more difficult to defend against the malware and good use of social engineering increases the success percentage. Nugache in fact […]

Malware Hash Registry

The Malware Hash Registry (MHR) project is a look-up service similar to the Team Cymru IP address to ASN mapping project. This project differs however, in that you can query our service for a computed MD5 or SHA-1 hash of a file and, if it is malware and we know about it, […]