Irregular Expressions:



August 26, 2012  10:49 PM

What Is The Gauss Payload?

Posted by: Dan O'Connor
exploits as munitions, Gauss, malware, malware analyzing, malware engineering, Stuxnet, stuxnet source code

If you have not seen this yet, Gauss is something that appears to have come out of the same labs or workshop as Flame and Stuxnet. This specifically seems to be targeted against the financial industry in the Middle East. Here is a Guardian article with some excellent information;

August 21, 2012  12:35 AM

Posted by: Dan O'Connor
backdoor, malware, malware analyzing, malware engineering, remnux, trojan

I picked up another similar listener to the Groupon one the other day. This again is an attached ZIP file with an exe inside. It says it's from depending on your font the i will look like a L. The exe looks like it has been reused but I don't see any mention of its original file...

February 14, 2011  12:02 PM

The problem with mischief

Posted by: Dan O'Connor

This is an issue I have with casual and even malicious malware: in the majority of cases the goal of this software is to steal money or identities. But when this software gets onto a network that does something that lives depend on, it's a pretty big...

November 30, 2010  5:01 PM

Stuxnet specifics – Part 2

Posted by: Dan O'Connor
malware, Stuxnet

So what else did it have? Two command and control servers, both were gone within 24 hours of the worm's discovery. During the initial release of the information the sites carrying the information came under a denial of service attack for 24 hours so whoever was running the network had...

November 30, 2010  4:50 PM

A few more Stuxnet specifics – Part 1

Posted by: Dan O'Connor

So I have been doing a little more reading about Stuxnet and I have some interesting details that I have collected. What is known is that Stuxnet has the ability to jump between machines using removable media. If you read into that, it makes you think that whatever it was targeting was...

November 27, 2010  12:38 AM

New ATM skimming in EU

Posted by: Dan O'Connor
atm, malware, mp3

This is some pretty creative stuff with an mp3 player, although the link is kinda vague on any details about anything really. The shimming attack also mentioned sounds very neat, but again a lack of...

March 18, 2010  8:54 PM

Protecting system state

Posted by: Dan O'Connor
malware, sandboxie, system state

Sometimes you need to run an application that you really just don't know what it will do to your system. This is a great utility to sandbox your application; the running application will think that it's editing the system but you have the ability to delete the contents of the sandbox and revert...

