RSS Newsfeed
Latest News
TrustedSource
Following a bouncing Waledac
You know that your malware investigation day will be a pain when you reach the first iframe on the webpage… This one was pointing to: iframe src="http://[REMOVED].cn/in.cgi?[REMOVED]" This iframe is a redirect to: http://[REMOVED].hostindianet.com/index.php?[REMOVED] Now it gets interesting. This URL contains a script that will send a PDF file, called readme.pdf. As an additional note, this PDF looks like part [...]
Breaking the Codec?
I ran across a new twist on the by-now well known FakeAlert series. Just in case you have been lucky enough not to have dealt with this malware, it goes roughly like this: You get an email from what looks to be a legitimate source, or visit a legitimate looking website that is offering the [...]
Cloud on the horizon
Guys from AV-Comparatives have just posted a new scanners’ review on their Web site - http://www.av-comparatives.org/comparativesreviews/main-tests: AV-Comparatives is a non-profit independent test organization based in Austria and they have been running comparative tests for many years but this last one in February 2009 was different for two reasons: Firstly, the criteria for getting awards were more stringent than ever. [...]
Patch Those Internet Printers
When I wrote a scanner plug-in this week for an old directory traversal vulnerability–CVE-2008-4419–I wondered whether there are vulnerable HP LaserJet printers online that can be controlled from the Internet. To find out, I used Google. The search listed almost 50 results, and I found that almost all of these printers are not patched, even [...]
McAfee Debuts “Combating Threats” Series
McAfee Avert Labs will now produce more detailed documentation on prevalent threat families. The “Combating Threats” document series is designed to arm security staff within organizations with more information concerning prevalent threat families as well as to provide additional mitigation steps that can be taken. The first two documents in this series, “W32/Virut Family” [...]
Breaking News: Waledac Terror Attack in a City Near You
Users should always take care while surfing the Internet and reading mail, and today maybe more than usual: Another spam run from the Waledac botnet is on the loose, this time misusing the good reputation of the news agency Reuters. After the “President Inauguration,” “Valentine Scam,” and the “Economic Crisis,” this time the social-engineering trick [...]
Malware Again Attacks Ichitaro Word Processor
For years, the Japanese word processor Ichitaro has been attacked by malware authors exploiting flaws in the application. So it is no surprise that in the last week we discovered in the wild specially crafted Ichitaro document files exploiting a new vulnerability. This time, the crafted file (detected as the Exploit-TaroDrop.g Trojan) drops and [...]
Democrats.org Cans the Spam
Last week I blogged about how the community forum of Democrats.org was being abused to help manipulate Google’s search results; to lead people to malware. It appeared that by the end of last week, Democrats.org began the cleanup process of removing all the bogus posts, which seems to have been completed as of this time. [...]
Safe Mode: A Misnomer
Windows offers the useful option of “Safe Mode” to recover from any damage caused by various malfunctions in the system. Booting in Safe Mode loads limited drivers and services that are required for the basic operation of the system, but avoids adding many extras that complicate the environment. In general, Safe Mode is very helpful [...]
Avert Passes Milestone: 20 Million Malware Samples
One month ago, my colleague Marius Van Oers posted a blog to announce that the number of drivers in our DATs had passed 500,000. Today, McAfee reached another record: We received our twenty-millionth malware sample. In about 22 years, from 1986 to March 2008, 10 million samples piled up in our collection. In just the last 12 [...]

