archives
March 2009

Psyb0t: varying the angle of attack

DroneBL, a site that tracks IP addresses that are considered vulnerable to abuse and that some sites use for its DNSBL (blocking list), blogged yesterday on the fact that it’s been subjected to a Distributed Denial of Service (DDoS) attack, apparently by systems infected with malware going by the name of psyb0t. According to the blog, this

Adobe Patches & Communication

Well, Adobe are still not speaking to me: I’ve had no information about updates to address the recent Acrobat vulnerability/exploits to either of the addresses I subscribed to its Security Notification Service. (See PPPS below.) However, something positive is happening out there in the old clay homestead: updates have arrived for a machine on which

Virus Bulletin Anti-Spam Tests

Virus Bulletin have announced the results of a trial run of its new anti-spam product testing, where one product scored platinum, two scored gold, and two scored silver, based on their average scores in the test. However, you won’t actually get to know which products they were on this occasion: quite rightly, VB has anonymised the results

Fake AV Spam and Selling Free Software

[Updated after further investigation.] For the past few days, I’ve been seeing spam to one of my accounts offering me various bits of software. Nothing unusual about that, of course, but this one was better constructed than usual, and consistent, and I made a mental note to look more closely when I’m a little less

TinyURL and Anti-Spyware Toolbar

Further to our previous blog about the use of TinyURL to obscure malicious links, a family member drew my attention to a problem she was having with the TinyURL site. Every time she tried to access a TinyURL link, she got a page advertising security products. (She was using their free firewall.) It turned out, though, that this

Comodo Backs BBC against AV

The Tech Herald have brought it to our attention that Comodo, a security company who include an antivirus product in their range, have backed the BBC’s action in buying and exploiting a botnet for the Click programme’s story. This is clearly swimming against the tide – virtually all the mainstream anti-malware companies who’ve commented have

There’s more to Jacques Tits Than Meets the Eye

My good friend Righard Zwienenberg received one of these emails claiming that Jacques Tits wanted to register his company’s name. You can read of his experiences at http://norman.com/Virus/Blog/righard_zwienenberg/56117/en-us. I just had a little fun with the scammers. Righard strung them along for a while. It is an interesting read complete with email exchanges. My emails

Arggghhh Google

So far, Google’s response to my blog has been identical to the response you get from abuse@blogspot.com, except without the delayed and failed delivery notifications. Yes, I actually did get a delayed delivery notification from the email I sent to abuse@blogspot.com, and then later a delivery failure. I suspect that from Google’s perspective there is

About The Domain Scam, etc.

A few days ago I posted a blog titled “The Tits Alternative”. As it turns out, I was not the only one to see this scam. Trefor Davies, the CTO at Timico, wrote a post about this also at http://www.trefor.net/tag/domain-names/. If you search for “Jacques tits” AND “Domain” you will find this scam has also

Excel Exploit

There was a comment posted today on an article on the SC Magazine site from someone who seemed to think we were talking up an obsolete exploit. He seems to have been thinking about this one: "Microsoft Security Bulletin MS08-014 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)". (Which fixes this issue,

Support Requests

Just a reminder that we can’t usually handle support issues here. Not that we want to be unhelpful, but the Research team simply isn’t resourced for that sort of work. Someone just posted a problem they had with V.4 here, and I mailed them back, but the message bounced, so I’ll summarize here. As it

BBC Botnet: Another View or Two

And still the controversy rages: several people have pointed out that it’s unlikely that the PCs in the BBC’s botnet are all in the UK, suggesting that there could be additional legal issues relating to other jurisdictions. The H reiterated the point that Ofcom regulations state that payment shouldn’t be made to "convicted or confessed

Urban Legends

Oh, no, I hear you say, not another hoax? Not exactly. Not directly connected with chain letters, anyway. But if you do happen to share my fascination with 20th/21st century mythmaking, you might be amused for a minute or two by a quiz here addressing the truth or falsehood of some common myths. Depressingly, given my

The Strange World of Twitter

A number of people have found my Twitter account and asked to "follow" me (that is, receive my micro-blog messages). I have it set up so that no-one can follow me unless I approve the request first, and since the account was set up specifically for work purposes, I normally only approve co-workers. Most of the others,

Is it Safe? – Book Review

Still trying to catch up with blogs previously promised. I did say that I might review Michael Miller’s book "Is it safe? Protecting your computer, your business, and yourself online", and indeed I did. However, the review was published in this month’s Virus Bulletin (March 2009), so I can’t use it here. Here’s a somewhat

When is a Hoax not a Hoax?

Embarrassingly, I keep catching myself promising to come back to a topic and never getting round to it, however often I try to blog here. (The server is gradually filling up with my half-completed drafts!) There are just too many interesting things happening and not enough time to record them all here – this isn’t, after

BBC Botnet Revisited

[update] Commentary by Larry Seltzer for eWeek: http://www.eweek.com/c/a/Security/The-British-Botnet-Corporation-324874/ I don’t promise that this is my last word on the subject, but, having now seen the full Click programme and the BBC’s response to some of the criticism they’ve received, I found I had a few more things to say on the topic. If you aren’t

Google – The Pirate’s First Mate

When it comes to software piracy, it is hard to find a more complicit, competent, and friendlier ally than Google, assuming you are a pirate. Google owns the popular blogging site “Blogspot.com”. If you want to know how to illegally gain access to software, blogspot is probably one of the premier resources on the internet

More on the BBC’s Botnet

Update: several nice, thoughtful blogs on the subject from John Graham at http://john-graham.me.uk/. International law firm Pinsent Mason’s Struan Robertson seems to agree (at least in part) with commentators in the security industry that the BBC have broken the UK’s Computer Misuse Act. Robertson, focused on the Click program’s unauthorised access to 22,000 bot-compromised PCs in order to

BBC Controversy: Click Fraud?

I spend so much time on this blog, that I’ve been neglecting the other blogs I’m supposed to contribute to from time to time (including my own, though I’ve just started to put some papers up there – more about that later). However, as the issue with the BBC’s possible breach of the UK’s Computer

Copyright © 2014 ESET, All Rights Reserved.