Aug 24 2009 8:33PM GMT
Posted by: Troy Tate
malware, bot, command and control, malware research, information security, threat, vulnerability
If you haven’t recently kept up to date on the malware front, a recent article at DarkReading may come as a surprise to you. ALERT: Malware has become intelligent!
“Rare Malware A Hint Of Threats To Come” shows that malware has come a long way and has gained some significant intelligence to avoid detection. The article mentions that some attacks are more directed than broad. These attacks go after specific organizations and even specific data at those organizations. Once the data is collected, the malware can clean up after itself and disappear.
Other “intelligent” behavior seen by researchers includes command and control systems that can determine if a device is actually an owned bot or a researcher imitating a bot. In these types of cases, the command and control system can actually blacklist the researcher’s network range so it cannot intrude on the malware environment.
Quite intriguing stuff and this is what is really happening today! You should be familiar with this stuff if you manage a computer network and are responsible for security. Remember in secURITy - U R IT (you are IT).
Thanks for reading & let’s continue to be good network citizens!
Jul 24 2009 6:03PM GMT
Posted by: Troy Tate
wireshark, ethereal, network analysis, bot, data capture, tutorial, education, Laura Chappell, information security, packet analysis, packet capture, network security, Security
My favorite Bitgirl (Laura Chappell) is at it again in this 15 minute presentation. She came across a host on a network that appears to be infected with some bot application. Take a few minutes and watch and learn! Maybe you will see something you can use or better understand some odd behavior on your local network.
Analyze a BOT infected host using Wireshark Tutorial
Beware - there is a trick question in the presentation. Think hard… you probably know the right answer!
Thanks for reading & let’s continue to be good network citizens.
Jun 24 2009 6:24PM GMT
Posted by: Troy Tate
malware, malicious software, Security, information security, integrity, availability, trojan, bot, botnet, registry, antivirus, anti-virus, av
I don’t know about you but I do get frustrated when a white paper is advertised and it has little or no meat to it. Most times it seems like the whitepapers offered by vendors today are light marketing fluff with little substance to help IT folks do their job better.
I came across a whitepaper/research document today that will help you do your job better if you manage systems that may become affected by malware. This means anyone that uses a computer could get some use from this document and website.
Check it out today. The whitepaper does not require any registration (another pet peeve of mine - check out bugmenot for Firefox if registrations bug you too!). The whitepaper is titled SYSTEM CLEANING: GETTING RID OF MALWARE FROM INFECTED PCS.
Thanks for reading and let’s continue to be good network citizens.