The insecurity paradox
2011-08-29
The formula here attempts to explain a paradox in security analysis:
If it is true that security is only as strong as its weakest link, why are not those who use insecur...
más >>
más >>
Seguridad proactiva para IT
- SandBox Information Center
- Malware Analysis Search
- Artículos sobre seguridad
- Blog de seguridad [EN]
- Nivel de amenaza [EN]
- Amenazas de virus actuales
- Tipos de malware [EN]
- Descripciones de virus[EN]
- Estadísticas de correo electrónico [EN]
- Libros, documentación técnica general, etc.
- Nuestra tecnología
Centro de seguridad
Lea las últimas novedades sobre seguridad de nuestros expertos
Temas de seguridad
Exploit analysis (7)
Debate sobre el malware (133)
Tecnologías móviles y wireless (30)
Problemas de confidencialidad (51)
Proyectos de protección (59)
Términos de seguridad (38)
Ingeniería social (65)
Asesoramiento de software (207)
Spam (11)
Mecanismos de propagación (109)
Tendencias y previsiones (151)
Ultimos artículos - Debate sobre el malware
An approach to an organization's risk factors (part 3)
In this third and final part of our article series about risk factors, we will examine Human attack factors and Physical factors.
An approach to an organization's risk factors (part 2)
The previous article discussed different procedures and systems that could be invoked in order to mitigate risk. In subsequent parts we will examine areas at risk, starting with Electronic factors.
An approach to an organization's risk factors (part 1)
The aim of this type of initial risk analysis is to identify potentially vulnerable points that may be exploited if they are not sufficiently secured.
Malicious images (codes)
The ease involved in creating QR codes that links to web pages implies that this will be a popular way to facilitate the propagation of malware for mobile devices.
BEAST (Browser Exploit Against SSL/TLS)
A successful attack is not particularly easy to carry out, as it depends on several prerequisites.
The importance of typing correctly
Computers do what they are told. This may result in consequences that are funny as well as dangerous.
Circumventing malware detection
Malware authors continue to pursue delivery mechanisms that can confuse different malware detection systems.
Combating fake antimalware
Coordinated efforts between experts/authorities against cybercriminals seem like the most efficient method for combating cybercriminals. Different experts and authorities are then able to focus on the part of the criminal chain that corresponds to their ability and expertise.
Diversification of attack vectors
Computer systems are becoming increasingly sophisticated and complex with components that are individually computerized. This increases the attack surface for cybercriminals, and represents a challenge for users and the security industry.
Mobile (in)security
The steps that private users and organizations can take to protect themselves, are quite similar in character to protection of traditional computers.
Targeted attacks: More "Bang for the Buck"
Since the cybercriminals seem to shift from randomly directed mass attacks to more focused attacks, the total volume of spam will decrease.
Plug mouse into the computer - be compromised
It is almost impossible to protect completely against a targeted cyberattack against an organization.
The profitable Pay-per-Install ecosystem
We shall in this article focus on the PPI ecosystem and how this is used for malware distribution.
The old dogs are still in learning mode
The web site (usually an infected site) that displays the message checks the browser visiting the site, and displays a warning message similar to the browser's real warning.
Dangerous images
Recent weeks have shown that images are used as a malware spreading technique; particularly images that appear after performing a Google image search.
The RTLO unicode hole - sequence manipulation as an attack vector
Do not rely on any file attachment or file on any device to be safe based on its file name.
Cybercriminals focus on new targets
Users of the operating system Mac OS X have so far been quite safe from malware infections compared to those who have chosen Windows as the operating system platform.
Microsoft's Coordinated Vulnerability Disclosure policy
As one of the largest companies in the software industry, Microsoft's policy will influence the way vulnerabilities are handled.
No access to your data unless...
Blocked access to important information - particularly if adequate backup routines are not in place - may be disastrous for the person who becomes the victim of ransomware.
The PlayStation 3 controversy - Anonymous enters the scene (UPDATED 2011-04-12)
Anonymous characterizes itself as a hive and a nest. One potential issue with such free structures is the potential for different actions that may conflict with each other.
Free music with an unwanted tune
Whenever malware authors find new vehicles to spread their malware, the probability for success increases immensely.
Spam botnet Rustock beheaded
Bots and botnets comprise one of the biggest threats to the Internet and its users. However, recent news report of a success story: beheading the spam botnet Rustock.
Shamelessly exploiting disasters
In previous security articles, we discussed the fact that cybercriminals use big events to spread malware. Not surprisingly - nevertheless disgusting - the recent events in Japan have inspired shameless exploitations by cybercriminals.
Malware targeting the finance sector's customers
In our security article last week, we discussed cybercriminals who targeted financial institutions in an indirect way. However, the major bulk of malware aimed at the finance sector puts the finance sector's customers at peril. One obvious reason is that the average end user's system presumably is less secure than the systems used by the financial sector.
PlayStation 3 security fully compromised
Sony's PlayStation 3 (PS3) has been viewed as one of the most secure gaming devices. Applications and games from other sources than Sony could not be installed and run on PS3, and a firmware update early in 2010 disallowed using other operating systems than the one set up by Sony. All this is now changed.
The year 2010 in a data security retrospective
December is the month to look back on the year that is coming to an end. We will attempt to sum up the situation seen from a security company's point of view. The most significant data security incidents to mention from the year are the sophisticated malware Stuxnet and incidents in the wake of WikiLeaks publication of U.S. embassy cables late November.
The ultimate surfing challenge: Avoiding web sites with malicious content
Some years ago it was an established "fact" that a computer could not be infected by malicious software by visiting a web page. But technology evolves quickly and some facts may change when new technology emerges. These days web pages are perhaps the most used propagation vector for malware.
Malicous cold calls with high success probability
According to a posting 15 November on the blog belonging to the UK based organization Get Safe Online, one in four UK web users have been targeted by so-called cold calls.
Communication consolidation or security nightmare
In recent months there have been lots of rumors about the upcoming email system closely integrated with Facebook. More detaileds about this have recently been disclosed by Facebook, and we will examine some aspects of the new offerings.
Safe crime
We have previously advocated the view that endpoint security is just one of several tools needed to accomplish secure environments. This article will examine one particular threat against the Internet community and discuss how it may be overcome.
Firesheep - an eye-opener or a tool for criminals
A little more than one week ago a new extension to the Firefox web browser was published. And it got attention for sure!
Hey, your computer is infected!
In a press release 25 October the Dutch High Tech Crime Team (THTC) of the National Crime Squad announced a successful takedown of a major botnet. 143 malicious computer servers were taken down from the internet resulting from collaboration with a Dutch hosting provider, the Dutch Forensic Institute (NFI), the internet security company Fox IT and GOVCERT.NL and the Dutch computer emergency response team.
Are security products losing the battle?
The product testing organization NSS Labs has recently published its test report for the 3rd quarter 2010 - test results for 11 antimalware products for consumers. The most interesting finding from this report is that the security products' performance have deteriorated compared to last year. In this security article we shall examine the implications of this.
Man-in-the-middle goes Mobile
The term Man-in-the-middle in a security context refers to an attack where someone/-thing is inserted between two endpoints and intercepts the communication between those. The intent is usually to obtain information and use this for illegitimate purposes. Recently the term Man-in-the-mobile, abbreviated as Mitmo, emerged.
A new generation of malware
Computer software evolves, and popular interpretation is to introduce new generations whenever fundamental changes arrive. If one looks at malware in the same manner, one may also classify different types into various generations.
DDoS war
Last week in our article "Ways to use botnets", we discussed among other issues, botnets for hire. One example we mentioned in our article was the company Aiplex Software, which was hired to try stop illegal distribution of copyrighted material.
Ways to use botnets
This article will not go in depth with regard to how the different botnets function technically. We shall rather examine some of the ways botnets may be used, study one successful method used for fighting this threat, and finally discuss the idea of botnets used for benign purposes.
Old dogs learn new tricks
Fake antimalware software has become an increasing problem for end users and corporations. The creators of these rogue applications are able to earn easy money and are constantly searching for new ways to exploit their victims. A new technique has recently been seen. We shall look at this in more detail in this security article, and attempt to point to some general considerations regarding this type of software and malware in general.
A plethora of malware for mobile phones to be expected soon (?)
In later years dangerous malicious software for mobile phones and other handheld devices has been predicted and expected by several analysts. Norman, however has traditionally been among those more reluctant in predicting that the explosion of if malicious software for mobile devices is imminent. In retrospective it seems safe to say that our view has proven correct (so far).
Exploits for .LNK vulnerability are growing fast (UPDATED 3 August)
Norman releases generic protection against the .LNK vulnerability for customers running NPRO 7.20. The automatic scanner will stop attempts to exploit the .LNK vulnerability, thus also proactively protect customers against both known and unknown malware. Customers running Norman Network Protection will also be protected against known malware using this exploit if executed from a network share.
The first part of 2010 - overview of security issues
In this Norman report on security issues during the first half of 2010, we will go through some incidents and tendencies. We will focus on those that Norman perceives as most important in these past six months.
Disclose information about vulnerabilities? Yes/No/When?
Last week a researcher from Google, Tavis Ormandy, posted information about and exploit code for a new vulnerability in Microsoft's help and Support center.
Reflections on the PDF vulnerability
Earlier this month we wrote about a vulnerability in the PDF specification that could be utilized to run malicious programs embedded in a PDF file. Proof-of-concept code was published, and it was expected that real-life malware that used this technique might appear soon.
Subscription to malware testing
The title may imply that this article is about subscription services for email checking, like Norman Online Protection. Rather not! This time we shall examine yet another way that criminal activity imitates legitimate business.
Scary technique utilizing functionality in the PDF specification
Exploitation of how applications handle files in the Portable Document Format (PDF) is one of the most used techniques to successfully create malicious software. Usually this is accomplished by utilizing vulnerabilities in the applications used to read PDF documents, like the very popular free program, Adobe Reader.
Cyber crime imitates legitimate business
We have earlier discussed the fact that cyber criminals are getting increasingly sophisticated in their attempts to succeed in obtaining illegitimate gain. We will now look into an example of how illegitimate businesses imitate legitimate.
Handling an infected computer as an infected human being
The RSA Conferences are among of the most important annual security conferences. This year's US conference was held in San Francisco 1 - 5 March. One of the speakers was Microsoft's Scott Charney, Corporate Vice President Trustworthy Computing. His speech covered several interesting topics, of which we will discuss one: the ability, usefulness and implications of treating infected computers in a similar manner as infected human beings.
Code injection
Code injection is a protection mechanism used by malware in order to avoid detection. The injector stores the malware as an encrypted resource, which it decrypts and injects into a running process. The injector may also contain various checks for virtual machines and system tools in order to hinder analysis.
W32/Zimuse
Zimuse is a family of worms that performs destructive overwrites of the Master Boot Record of disk drives on the infected system. If the current system date and time matches certain conditions, the worm overwrites the Master Boot Record of available drives with its own data. The worm will also try to delete some of the important files of the Windows Operating system. The file is run-time compressed using PECompact arrives on the system either as a standalone file (possibly from a malicious download or e-mail) or by infected removable devices (e.g., USB sticks).
Resumiendo 2009: predicciones para el año que se inicia
Diciembre es el mes en que habitualmente se echa un vistazo al año que acaba, y en este artículo intentaremos resumir la situación desde el punto de vista de una empresa de seguridad. La observación más significativa en materia de actividad de malware durante el año que pasó es que diferentes redes sociales se han convertido en un importante objetivo para los autores de programas maliciosos.
Vacaciones: la época preferida por los niños y ...los delincuentes
Los eventos y acontecimientos importantes, y en general todas las cosas que llaman mucho la atención, también dejan a su paso una estela de software malintencionado.
Complementos de aplicaciones: caldo de cultivo para el malware
En varios artículos sobre seguridad, se ha tratado el hecho de que los nuevos dispositivos multimedia y de comunicación son vehículos óptimos para la propagación de malware. En esta ocasión se examinará un tipo de aplicación que todavía no ha sido objeto de atención (supuestamente) por parte de los autores de malware ni por los críticos.
Producción de identidad maliciosa
El robo de identidad es un término que se ha convertido en algo familiar durante los últimos años. Hasta hace poco tiempo, lo más exótico ha sido la producción de identidad con fines maliciosos. Una nueva versión de Koobface hace eso exactamente de manera automática.
Numerosas cuentas de correo electrónico gratuito comprometidas
A principios de este mes, varias decenas de miles de contraseñas de entrada a cuentas gratuitas de correo electrónico de Microsoft (Hotmail), Google (GMail) y Yahoo se vieron comprometidas.
Desarrollo de malware con código fuente abierto
El desarrollo de código fuente abierto es un método de diseño, desarrollo y distribución de software que proporciona acceso práctico al código fuente del software. Se afirma que el uso del código fuente abierto tiene varias ventajas respecto a planteamientos más cerrados para el desarrollo del código fuente.
Servidores dedicados como parte de redes de robots (botnets)
En el artículo de seguridad de esta semana trataremos el empleo de un tipo específico de ordenadores, los servidores dedicados, como parte de una red de robots.
¿Herramienta pirata? ¿Aplicación de seguridad? ¿O ambos?
Nmap (Network Mapper) es quizá la herramienta de pirateo más famosa y utilizada que existe. Desde su debú en el otoño de 1997, esta herramienta programada por el seudónimo Fyodor (nombre real, Gordon Lyon), ha ayudado a numerosos piratas informáticos a recopilar valiosa información acerca de sus objetivos. Durante este verano se publicó la versión 5 de Nmap. Según Insecure.org, se trata de "la versión más importante de Nmap desde 1997".
Conversaciones telefónicas en peligro
Las escuchas telefónicas se suelen asociar a iniciativas de las agencias de seguridad nacional, organizaciones policiales con grandes recursos o detectives privados poco fiables. El caso podría ser distinto si las personas sometidas a vigilancia usan un sistema concreto para hacer llamadas telefónicas.
El malware en aplicaciones: un problema especial
Snorre Fagerland, analista de virus senior de Norman, escribió recientemente acerca del malware W32/Induc.A en nuestro blog seguridad. Se trata de un virus que infecta al lenguaje de programación Delphi. Como consecuencia, las aplicaciones que se crean con un entorno de Delphi infectado están también infectadas. Las repercusiones son muy interesantes, como vamos a ver.
Otra forma de usar Twitter
Este año hemos hablado de Twitter en varios artículos sobre seguridad. En esta ocasión nos vamos a centrar en un nuevo uso de esta red social: Twitter como elemento de una trama malintencionada.
Ataque contra los sitios de las redes sociales más importantes para detener a UNA persona
La semana pasada apareció en los medios de comunicación gran cantidad de información sobre un ataque contra sitios de redes sociales como Twitter, LiveJournal y Facebook, al parecer con objeto de detener a un blogger de Georgia.
El primer semestre de 2009 visto tras la óptica de seguridad
Ha llegado el momento en que resulta útil echar un vistazo al primer semestre de este año e intentar resumir la situación desde el punto de vista de Norman en tanto que empresa de seguridad.
Direcciones URL abreviadas: ¿buen o mal sistema?
Obviamente, la funcionalidad de direcciones URL abreviadas tiene sus méritos. No obstante, existen deficiencias y problemas que hacen que el sistema resulte menos seguro de lo que sería deseable.
Una fuente inagotable de dinero...
El título de este artículo sobre seguridad puede parecer el principio de un cuento de hadas que le contara un delincuente a su hijo. No obstante, una variedad de software malicioso (malware) que ha aparecido este año parece haber convertido el cuento en realidad para algunos…
Reconocimiento de los retos de Internet al máximo nivel
Hace años que distintas organizaciones dedicadas a la seguridad han advertido sobre los peligros que conlleva el uso de Internet, que afecta a los usuarios, a las empresas y al sector público. Lamentablemente no siempre se ha prestado a estas advertencias la atención que merecen. El discurso del presidente Barak Obama es, por lo tanto, un oportuno reconocimiento al máximo nivel político.
Está infectado. ¡No, no lo estoy!
Por consiguiente, los proveedores de programas de software de seguridad tienen la siguiente tarea: Detectar y eliminar tanto software malicioso como sea posible sin definir erróneamente el software benigno como malware. Lamentablemente, no es tan sencillo como parece.
Registro de nombres de dominio: un vector para la propagación de malware
Otros usos de los servidores web como propagadores del malware. El método aprovecha términos populares para inducir a los usuarios a visitar sitios web que son intencionadamente maliciosos.
GhostNet: una auténtica red de espionaje
Esta semana, la atención de los medios estuvo dirigida a un informe publicado el 29 de marzo en el Information Warfare Monitor (Canadá) titulado Tracking GhostNet: Investigating a Cyber Espionage Network (Seguimiento de GhostNet: Investigación de una red de ciberespionaje).
Hot stuff: Exploitable routers - a flash of the whole iceberg
A new type of malicious software has recently been getting some media attention. The most interesting part of this is the fact that the malware's targets are not traditional computers. Rather does this malware attack different types of devices, namely routers and modems.
Información sobre las amenazas "más habituales": ATLAS
ATLAS considera los ataques a los ordenadores desde una perspectiva global y ayuda a los usuarios a prever futuros ataques a la red. Para hacerlo, analiza datos recopilados por una serie de sensores.
Ingeniería social con un toque virtual
El tema de la ingeniería social, en sus diversas formas, ha sido un tema abundantemente tratado en nuestros artículos de seguridad. Esta vez la abordaremos desde un ángulo diferente, el tradicional, con un nuevo toque bastante inteligente.
¿Un problema de seguridad? ¡Perdón, equivocado!
Las organizaciones de seguridad libran una continua batalla contra los autores de software malicioso, intentando impedir que los usuarios finales sean infectados por material dañino. Tal como hemos dicho muchas veces, la cantidad de software malicioso se incrementa de manera exponencial y las técnicas para contagiarlo evolucionan continuamente. Obviamente, esto hace que la tarea de las organizaciones de seguridad sea cada vez más difícil.
Eventos DOS
El título de la información sobre seguridad de esta semana no se refiere a la celebración de ningún aniversario del antiguo sistema operativo DOS. Es otro de esos neologismos que surgen continuamente. Hay que buscar mucho para encontrar un sector en el que se inventen más palabras nuevas que en el de la seguridad informática.
No diga que no le avisamos
El tema de la necesidad de aplicar parches de seguridad a los sistemas operativos y aplicaciones ha sido abordado en varias ocasiones en nuestros artículos de seguridad. El último de ellos, Parches de seguridad: un problema de seguridad adicional, se escribió a finales de octubre de 2008.
Mobile phone threats - hype or (finally) truth?
So far there has been no really dangerous malicious software targeting mobile phones. The New Year 2009 started with a new, interesting threat to mobile phones, which may change this picture.
Navidades: una época de diversión, pero también de precaución
Los eventos y acontecimientos importantes, y en general todas las cosas que llaman mucho la atención, también dejan a su paso una estela de software malicioso.
Descarga de programas desde Internet: una actividad de riesgo
Internet ofrece una plétora de aplicaciones, películas, imágenes, textos... todos los contenidos digitales que puedan ocurrírsele (¡y otros que no!). Saber qué elegir entre tantas alternativas y oportunidades resulta difícil, y en diversos aspectos incluso puede ser peligroso. En este trataremos algunos de esos peligros.
Juegos en Internet - Nuevas oportunidades para los visionarios (sospechosos)
El uso del dinero que maneja en los juegos en línea ha sido tradicionalmente solo la cuota de entrada para comprar el propio juego (si no es gratuito). No obstante, en este artículo les demostraremos que esto ya no es así.
Lucha contra el malware en dos frentes
Recientemente hemos visto que algunos de los principales responsables del “lado oscuro” de la red han sido eliminados de Internet. La actividad de los virus maliciosos se redujo de inmediato, y en una cantidad sorprendentemente significativa.
Los fantasmas del pasado resurgen con las memorias USB
El uso cada vez mayor de las memorias USB y su capacidad de almacenamiento constituyen un importante problema para la seguridad.
Security patches - an additional security issue
There are some issues with security patches that in fact may render certain users more vulnerable. This apparent contradiction will be examined in this article.
Facebook: un vector cada vez más popular para la propagación de malware (software malicioso)
Han comenzado a surgir programas de software malicioso personalizados que utilizan Facebook y que están dirigidos a la comunidad de Facebook. Han aparecido diversos informes acerca de diversos tipos de malware, y seguramente aparecerán muchos más.
Clickjacking: ¿un nuevo peligro o un nuevo nombre innovador?
Pocas semanas atrás comenzó a circular un nuevo en las alertas de seguridad: "clickjacking". Desde entonces, algunas organizaciones de seguridad, (como US CERT), así como diversas agencias de noticias por Internet, han venido destacándolo como importante y nueva amenaza.
Servidores de Internet inseguros: la propagación del malware aumenta
Un nuevo vehículo de propagación se está haciendo cada vez más popular entre “los malos": los sitios web maliciosos.
El software malicioso, ¿el mejor sueño de un terrorista?
Los expertos - los autoproclamados y algunos otros - afirman a menudo que el software malicioso (malware) es la herramienta definitiva para los grupos terroristas.
Happy (?) anniversary, Malware!
Compared to the relatively innocent scheme of malware in the early age, it has changed into an activity for "geeks" that caused major problems for individuals and organizations, and further into an industry dominated by criminals.
“Spear phishing”: ataques dirigidos a una organización
Recientemente ha comenzado a aparecer una forma especializada de phishing y el término empleado para designarla es “spear phishing".
Cuidado con el gusano Stration
El gusano Stration, que se propaga a través del correo electrónico, está causando retrasos en la entrega del correo de muchos usuarios.
El cambio en el planteamiento de los creadores de programas malintencionados, “malware”, define nuevos retos para el software de protección
Durante los dos últimos años, los encargados de analizar las tendencias de la actividad malintencionada en Internet en general y del software maligno en particular han observado un cambio significativo.
"VISHING": la nueva tecnología reaviva las antiguas actividades delictivas
"Vishing" es el resultado de combinar los términos ingleses "voice over IP" (voz sobre IP) y "phishing" (derivado del inglés fishing, "pescar") y consiste exactamente en eso: el empleo del cada vez más extendido método de voz sobre IP con el objeto de engañar a alguien para que revele información personal con la intención de cometer fraude.
Imágenes no deseadas: una amenaza en aumento
El problema del correo masivo está aumentando más que nunca y los que envían estos correos lo hacen de forma cada vez más compleja. El número de correo masivo ha aumentado en más de un 40 % desde abril y la última forma de correo masivo es la denominada correo masivo de imágenes.
Look out for ransomware
Hackers that encrypt your files and demand money in order decrypt them are an increasing threat in the world of IT criminality.
ContextPlus RootKit bytes the dust
ContextPlus has stopped their activities. This company most known programs are PeopleOnPage and Apropos. Once installed, they will monitor the browsing behavior and send the obtained information to the ContextPlus servers.
Reinicio constante: ¿problema de hardware, virus o… rootkit?
Información de seguridad, semana 12, 2006
Your pet can be infected by a computer virus!
Researchers of the University of Amsterdam in The Netherlands have succeeded to successfully infect a RFID-chip (Radio Frequency Identification Device) with a computer virus.
Proof of concept virus targeting InfoPath
A new proof of concept virus has been discovered infecting yet another application of the Microsoft Office Suite.
Look out for Greyware!
During the last few months the number of so called Greyware has increased massively. Greyware reefers to antispyware utilitites that force themselves into the users' machines by scaring the users and by auto-installing programs.
Nuevo gusano propagándose a través de e-mails y "recursos de red abiertos"
El gusano W32/Small.KI@mm ha estado propagándose rápidamente desde principios de esta semana. Este malware está infectado ordenadores a través de e-mails y programas de compartición de archivos.
Lista para comprobar las medidas de seguridad cuando adquiera ordenadores en Navidad
A continuación se incluyen algunas sugerencias útiles a la hora de comprar un nuevo ordenador.
Nuevos objetivos de los phishers
Los phishers o ladrones de identificadores solían atacar importantes instituciones financieras pero últimamente parece que los grupos en los que se fijan han cambiado. Actualmente los phishers están atacando todo tipo de organizaciones, incluso instituciones sanitarias. La guerra entre phishers y grupos anti-phishing es cada vez más dura. Y la posible víctima es usted.
Program flaws as malware propagation technique
During the latest years the tendency for malware to exploit flaws in computer programs seems to have increased.
Keyloggers – an invisible danger
The threath of keyloggers is a rapidly growing danger in the world of IT security.
Spam – from innocent playing to organized crime
Threat is maybe not the first word that comes into your mind when talking about spam.
Proof of concept worm for handheld devices
The first worm that spreads through handheld devices, like mobile phones, is observed. This is a "proof of concept" program without malicious code.
Information about the Sasser worms
Here are some general information about the Sasser worm - Frequently Asked Questions, and their answers.
"You ain't seen nothing yet" - or - The Warhol worm and worse
It is hardly controversial to claim that the end of February and beginning of March 2004 was the worst period ever regarding the sheer number of new mailicious programs threatening the Internet community. New variants of Bagle, MyDoom and Netsky were spread daily - sometimes even more than once per day.
An analysis of Sobig.F and its ability to harm Internet users around the world
In September 2003 Internet users and organizations experienced the most severe attack on the Internet infrastructure since the "Morris worm" in November 1988. The outbreak of W32/Sobig.F caused major problems because of the huge amount of emails flooding the infrastructure.
Virus hoaxes - false virus warnings
Security Information Week 32, 1999From time to time there are virus alerts which turn out to be false alarms. Several of these are rumors saying ...
Macrovirus steals your private PGP key
Security Information Week 8, 1999Several viruses have recently been created which utilize Internet protocols and applications in their behaviour.One such familiy is the W97M/Caligula viruses ...
CIH hit 26 April - probably more than one million PCs hit
Security Information Week 17, 1999 In our Security information for week 3 we warned about the dangerous CIH virus with payload 26 April. We now have ...
The worm Win32.Ska.A
Security Information Week 5, 1999Recently a new worm has been reported several places in the world. This is called Win32.Ska.A. It is also known as ...
Another back door in Microsoft's operating systems?
Security Information Week 35, 1999In week 35 a report of a new backdoor in Microsoft's operating systems Windows 95, 98, NT and the beta version ...
PrettyPark is still alive and active
Security Information Week 40, 1999 There have been several reports about the PrettyPark.Worm program recently. This worm was first reported to be in the wild early ...
Melissa and her siblings - Macros abusing TCP/IP
Security Information Week 13, 1999 Friday 26 March 1999 a new virus was discovered "In the wild" - W97M/Melissa.A. During that week-end reports came from all ...
Windows backdoor programs
Security Information Week 11, 1999During the last half year one has seen an explosion in so-called Windows backdoor programs. These are programs which utilize the ...
The Emperor virus - the danger is exaggerated
Security Information Week 20, 1999 Some companies have warned about the virus Emperor.5826. These warnings have also reached the news, and the virus has even been ...
Risk assessment with Mass Mailers
Security Information Week 50, 1999IntroductionDuring the latest months viruses have been using e-mail clients to spread themselves. The most famous one is of course W97M/Melissa.A ...
Trends in the creation and propagation of malicious programs
Security Information Week 25, 1999 This year we have seen three instances of malicious programs which caused severe damage all over the world: ...
The worm ExploreZip is in the wild
Security Information Week 23, 1999 A new, malicious worm is reported in the wild. So far reports has come from France, Germany, Israel, Czechia and the ...
Exploiting security issues in known applications - a new trend in malicious programs?
Security Information Week 32, 2003
Documents with RTF extensions - are you safe from virus infections?
Security Information Week 21, 1999 Documents saved as RTF files are not dangerous with respect to macro virus infections. This fact has been stressed from the ...
Malicious programs in the Klez family
Security Information Week 25, 2002 Introduction The Security Information for week 20 discussed in general terms why some malicious programs succeed in becoming widespread while other do ...
April this year - the month of severe incidents from malicious programs?
Security Information Week 14, 2001 Introduction It is often claimed that security companies, security consultants and the antivirus vendors, are too eager to warn about different kinds ...
The so-called HTML viruses
Security Information Week 1, 1999 The computer magazines as well as other papers have recently published articles about a "new" kind of viruses - the so-called ...
Windows Scripting Host - a security issue with respect to virus propagation
Security Information Week 21, 2000Windows Scripting Host (WSH) is a part of some of Microsoft's 32 bits operating systems or is installed when certain Microsoft ...
The worm JS/Kak and a security patch from Microsoft
Security Information Week 9, 2000 In our Security Information for week 45 last year, we discussed a security problem with Internet Explorer which had as a ...
Computer viruses in non-Microsoft products
Security Information Week 8, 2000Visual Basic for Applications (VBA) is Microsoft's programming language used to enhance the functionality of some of its programs, particularly the ...
Several high-profile web sites taken down
Security Information Week 6, 2000During the first days of this week several high-profile web sites fell victim of what seems to be Denial of Service ...
The pros and cons of updating virus detection files on availability
Security Information Week 4, 2000The high frequency of updates to antivirus packages - weekly or even more often - has come about partly as a ...
What to learn from visits by Melissa and her siblings
In April 1999 a lot of people and organizations were paid a visit by the computer virus Melissa. This virus propagated so quickly and extensively that many compared it to the legendary "Morris worm."
Ultimas entradas del blog [EN]
The 10 most insecure passcodes
2011-06-16
Earlier this week I read an extremely interesting and impressing blog item by Daniel Amitay: Most Common iPhone Passcodes.
Amitay has analyzed more than 200 000 passcodes used in an app with a similar...
más >>
más >>
Purchasing and downloading outdated software
2011-05-23
Last week in the "JoshMeister On Security" blog, the topic was about Apple's Mac App Store, and the fact that software available from this store may not be the latest version.
The blog's aut...
más >>
más >>