Hula All!
Back to blogging after a long time. Well, as the saying goes “Be late then never”
Back to Security world there are quite an important news around.
1. Gumblar.cn : This trojan is reported to be spreading rapidly using mainly the adobe vulnerability and other techniques. It captures your key logs, web traffic etc for any sensitive login credentials. Reportedly it mainly targets for FTP credentials. Then it infects the hosted site by injecting the malware download link into its html content. Scansafe has suggested a way of checking if your system is infected?? Good Read.
2. HPP: A subcategory of variable manipulation attack vector. Well, this is technique is not a new face to most of the security testers. Two researchers presented the details at OWASP, Poland. As per the presentation, HPP can be used to
Read more »
Application Security, Evil particles, Information Security, Network Security, Vulnerability Assessment | w0lf | May 28, 2009 | 
Comments (3)
adobe, gumblar.cn, HPP, http parameter pollution, IIS webdav, microsoft
Well this is an article written by me for Palaside -magazine. This is just a brief article (good for begineers) about basic stages of malware and virtual keyboard fight.
Ahaa!! Microsoft seems to be really pissed off by the impact of conficker worm that it has announced an award of $250000 for the arrest of its author. Conficker is the real latest worm that has badly hit millions of users using Microsoft Windows. Well good luck for catching the author but here I will mention some tips which can help in conficker arrest.
1. Admin access. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Also a study also found that eliminating Admin rights would have stopped or mitigated: Read more »
Hi All
Win32/Conficker.B is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.Remember even one unpatched machine is enough to have this worm spread through the entire network.Ms08-67 worm is spreading infection over millions of computers.
http://www.f-secure.com/weblog/archives/00001579.html
Read more »
An article at Microsoft gives technical details of Worm:Win32/Conficker.A which is supposed to be in wild.
The details can be briefed as follows:
Read more »
Well this has nothing to do with Obama’s illegal links with underworld hacker community. But this has certainly to do with innocence of people w.r.t good security practices. Obama’s win has been used (rather misused) by hackers and Malware authors to social engineer people into clicking a link claiming to be a webpage containing details of Obama’s acceptance speech. But actually those webpages were some hacked websites used to distribute malicious rootkits
According to Mr. Singh the attackers had hacked into a well known travel site. It was then used to host an information-stealing Trojan Horse downloader file called ‘BarackObama.exe’. ‘BarackObama.exe’ executed and unpacked phishing kits locally..
Read more »
Just happened to come across this interesting article (PDF Format) discussing how in today’s world, we (BANK preferably) need to continue business with customers even though their systems are infected with different malwares. This paper discusses many of the best practices businesses can adopt for their Web application design and back-office support processes in order to minimize this growing threat, along with helping to reduce several of the risks posed with continuing to do business customers likely to be operating infected computers.
Read more »
