Category Archives: Thoughts

Naval researchers pioneer TCP-based spam detection

A group of researchers from the U.S. Naval Academy has developed a technique for analyzing email traffic in real-time to identify spam messages as they come across the wire, simply using information from the TCP (Transmission Control Protocol) packets that carry the messages.

http://www.itworld.com/networking/235527/naval-researchers-pioneer-tcp-based-spam-detection

So this raises the question: what do you do about spam? Spam has been with us so long that it literally became the main message passed in email. Microsoft teamed with several other security outfits to assassinate several botnets and remove their domains and command and control centers in the last several years. My answer to spam has been to drop email. I answer …

Posted in Thoughts.

What to do about the compromise of digital certificates?

I have no answers for the question, just examples and other questions. If you’ve been living under a rock for the last year: malware writers have been finding holes that let them use digital certificates to slip into computers.

What are digital certificates? From Webopedia:

An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.

http://www.webopedia.com/TERM/D/digital_certificate.html

The Certificate Authority (CA) issues an encrypted message with a digital public key along with other information. The implication above …


Researchers Warn of New Windows 7 Vulnerability

Researchers are warning about a new remotely exploitable vulnerability in 64-bit Windows 7 that can be used by an attacker to run arbitrary code on a vulnerable machine. The bug was first reported a couple of days ago by an independent researcher and confirmed by Secunia. In a message on Twitter, a researcher named w3bd3vil said that he had found a method for exploiting the vulnerability by simply feeding an iframe with an overly large height to Safari. The exploit gives the attacker the ability to run arbitrary code on the victim’s machine. “A vulnerability has been discovered in Microsoft Windows 7, which can be exploited by malicious people to …


Avira Antivirus Premium 2012 free license key giveaway

Perhaps you, my readers, are tired (bored) of reading articles about complicated malware analysis and how to disinfect the computer manually, which is sometimes a tough job, so I thought it would be a good idea to offer you an easier solution to keep your computer protected from malware. My idea is to reward my website visitors with a free 1-year license key for Avira Antivirus Premium 2012 (the license will be bought by me). Avira Premium 2012 is an antivirus that I love for its simplicity, its low computer resource usage and its effectiveness. Those who visit the underground forums know as well that bypassing it is a nightmare challenge for virus …


Android malware invasion – only time can tell

These days the debate about Android platform malware has become more intense than ever. On one side, the open source and public sector engineering manager at Google, Chris DiBona, wrote an article on the Google+ blog containing some incendiary sentences like:

No major cell phone has a ‘virus’ problem in the traditional sense that windows and some mac machines have seen. There have been some little things, but they haven’t gotten very far due to the user sandboxing models and the nature of the underlying kernels. [...] Yes, virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS. They are charlatans and scammers. …


TDL4 TDSS Bootkit gets improved

The improvements in the new TDL4 bootkit versions suggest that the original code was outsourced. For example, in the older TDL4 versions the computer infection was initialized by infecting the Master Boot Record (MBR) of the hard disk with malicious code, and attempts to fix it were initially thwarted by hooking and malforming the disk read-write operations. In the recent TDL4 versions, the bootkit does not infect the MBR anymore; instead it creates its own primary, hidden partition with a new, improved virtual file system at the end of the hard disk, adds an entry in the partition table pointing to it and marks it as active, that means …


Antispyware 2011, the most credible fake anti-spyware

The keyword “antispyware” has around 2,000,000 monthly searches in the Google search engine, and it’s obvious why: nowadays security-related websites abound with news about new computer trojans, new dangerous creations which in fact have a single objective: not to delete the Windows installation, not to take over the mouse and keyboard, but to spy silently and unnoticed on the victim’s computers or networks, posing a huge risk to all non-public data. If we search Google for the keyword “antispyware”, the results depend slightly on search preferences such as location and language, but the first page of results always contains a link to http://www.antispyware.com . It’s …
