Another great ISC blog post

Video break

It does not matter what your opinion is, you just need to watch this. http://video.pbs.org/video/1946795242
Zeus code walkthrough – Part 4

Next we need to build our bot and configure it. This is the zsb.exe file; point it at the config.txt. The IP address of the server will need to be set, and the key configured. For bonus points, you can use the zsb.exe to check if the host you are running it on is infected. But you will...
Zeus code walkthrough – Part 3

If all has gone well you should be able to get the install screen.
Zeus code walkthrough – Part 2

If you are following at home you are going to need to install some webby stuff on your "server". I am going to use XAMPP. Also your machines are going to need to be able to talk, so make sure you are all set up. Using VMware, I set up a network that only the server and the machine that is...
Zeus code walkthrough – Part 1

I am going to step through the Zeus bot source code. I will start with the PHP stuff, which should be pretty light. There are about 44 PHP files to go over.
> find . -type f -name...
Zeus packing list

So what was in the Zeus rar? 7z.exe - Looks clean, nothing reported on it. bt.exe - Listed as suspicious but nothing specific by any vendor. upx.exe - Nothing reported. FASM.exe - Listed as suspicious but nothing specific by any vendor. php.exe - Nothing reported. zip.exe -...
More Mac fake AV stuff

Not to be left out

http://www.macrumors.com/2011/05/02/new-macdefender-malware-threat-for-mac-os-x/ You can now get your very own fake AV for your Mac. So far no one has reported anything deeply malicious, it just...
Surprised?

It's really nice to have someone that is truly honest. http://www.theregister.co.uk/2011/05/12/fbi_protects_isps/ That quote from the FBI agent will stay with me for a long time. This will be interesting to follow, I really think that information should be like this. I can see how a...