Security Corner: Malware


February 10, 2009  3:02 AM

OpenDNS Service to Track and Block Conficker Worm



Posted by: Ken Harthun
Anti-malware, Conficker, Cybercrime, Malware, OpenDNS, Security, Worm

With some estimates placing the number of computers infected by the Conficker worm at 10 million or more, Conficker has the potential to become one of the biggest botnets ever. Given that many system administrators probably don't...

January 30, 2009  4:23 AM

“Victim” of Cybercrime Found Searching for Illegal Porn



Posted by: Ken Harthun
Anti-malware, Cybercrime, Malware, Trojan

Talk about irony. You get infected by a cybercriminal's illegal bot (Ozdok/Mega-D in this case) which takes a screen shot that shows you searching for illegal underage porn; then, security researchers get hold of some screen shots from the bot's command and control (C&C) server; while going...


January 23, 2009  2:15 AM

Will They Ever Learn to Patch?



Posted by: Ken Harthun
Malware, Opinion, Patch management, Security, Security bulletin, Zero-day vulnerability

The latest mass infection to hit the Internet is the Win32/Conficker/Downadup Worm, estimated to have already infected between 500,000 and 8.9 million PCs, depending on whose numbers you believe. This is astounding, considering that the worm exploits a vulnerability in Windows that Microsoft


January 17, 2009  3:27 AM

Software for Secure Computing: Exploit Prevention Labs Link Scanner



Posted by: Ken Harthun
Anti-malware, Cybercrime, Exploits, Malware, Secure Computing, Security, Vulnerabilities

With cybercriminals now actively poisoning search results and legitimate websites--unbeknownst to the webmasters--you can't be too careful when clicking on links. Take a look at this video library presented by


December 30, 2008  8:33 PM

CastleCops Shuts Down Operations



Posted by: Ken Harthun
Malware, Phishing, Security

CastleCops, the largest and most effective volunteer security community on the Internet, has shut down operations. Their website has this announcement posted:

You have arrived at the CastleCops website, which is currently offline. It has...


December 12, 2008  9:44 PM

Internet Explorer Targeted by Zero-day Attack



Posted by: Ken Harthun
Critical update, Firefox, Internet Explorer, Malware, Opinion, Remote Code Execution, Security, Security bulletin, Vulnerabilities, Zero-day exploit, Zero-day vulnerability

Even though Microsoft released the biggest batch of patches ever on Tuesday--28 flaws affecting Windows, Office, Internet Explorer, Visual Basic Active Controls and Windows Media Player, 23 of them rated “critical”--there's no fix for a zero-day XML parser vulnerability that surfaced the same...


November 30, 2008  4:21 PM

An MBR Tool to Combat Mebroot



Posted by: Ken Harthun
Anti-malware, Anti-virus, Malware, Rootkit, Security, Trojan, Virus

Assuming you or your client is not already infected with Mebroot, there's another tool you can use to easily recover in the event of an infection: MBRtool 2.3 from DIY DataRecovery. MBRtool is a freeware DOS program designed to back up,...


November 29, 2008  12:39 AM

F-Secure Claims BlackLight Will Remove Mebroot (Sinowal)



Posted by: Ken Harthun
Anti-malware, Anti-virus, Malware, Rootkit, Security

Happy Thanksgiving and good luck surviving Black Friday! I've been using F-Secure's BlackLight Rootkit Eliminator ever since it was first released in early 2005. It's a solid tool and has saved me from having to completely reload a...


November 25, 2008  10:11 PM

Phony Security Software Cleared from 1 Million PCs



Posted by: Ken Harthun
Anti-malware, Cybercrime, Malware, Scam, Security, Trojan

According to Microsoft, the November release of its Malicious Software Removal Tool (MSRT) removed the phony security software, Win32/FakeSecSen, from 994,061 distinct machines in just nine days:


November 20, 2008  5:41 PM

Super-Trojan Sinowal/Mebroot: Seven Ways to Protect Yourself



Posted by: Ken Harthun
Cybercrime, Malware, Microsoft Windows, Rootkit, Security, Trojan, Vulnerabilities

Sinowal, also known as "Mebroot" and "Torpig" to various antivirus companies, is a dangerous rootkit that uses the computer's Master Boot Record (MBR) as its...

