JavaScript encryption added to malware arsenal
Malicious hackers are starting to encrypt JavaScript files to escape anti-virus detection, adding another element of sophistication to browser-based malware attacks.
Zero Day
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
Latest Posts
Beware of data seepage on Google Calendar
If you use Google Calendar to set up corporate meetings or private conference calls, you might want to be careful about how that data is available to the rest of the world.
Botnet herders pounce on Windows DNS RPC flaw
Online criminals have pounced on the unpatched Windows DNS Server service vulnerability, using the security hole to seed and replenish for-profit botnets. The latest twist in the ongoing attacks comes less than a week after Microsoft's pre-patch advisory provided clues for hackers to write and release detailed exploit code.
Oracle Patch Day: 37 flaws fixed
Oracle has released its quarterly "critical patch update" with fixes for a total of 37 security holes in its database and application server products. One of the bugs fixed in this patch batch dates back to 2003.
Microsoft's advisories giving clues to hackers
How's this for a new twist on the old responsible disclosure debate: Hackers are taking advantage of information released in Microsoft's pre-patch security advisories to create exploits for zero-day vulnerabilities.The latest zero-day flaw in the Windows DNS Server RPC interface implementation is a perfect example of the tug-o-war within the MSRC (Microsoft Security Response Center) about how much information should be included in the pre-patch advisory.
How to turn off RPC management of DNS on a large scale
In an advisory issued earlier today, Microsoft issued several workarounds/mitigations for the Windows DNS server service zero-day attacks, including a recommendation that network admins completely disable remote management of RPC capability for DNS Servers.The recommendation included instructions on registry key edits but if you're in charge of a large-scale Windows shop with numerous domain controllers, Microsoft only gave you the switch but no way to automate the registry changes.
'Storm Worm' surge exposes AV deficiencies
The crime ring behind the latest Storm Worm-related malware attack (Techmeme discussion) is using new tactics to slip malicious executables past anti-virus defenses, serving up another black eye to an industry that already uses questionable tactics to find new customers.Arbor Networks researcher Jose Nazario flagged the poor anti-virus detections of the Storm Worm Trojan in a blog entry that noted the use of password-protected ZIP files to hide .
Windows DNS Server code execution hole under attack
An zero-day vulnerability in the DNS server service in Windows is under attack, Microsoft warned in a security advisory.The "limited attacks" are exploiting a stack overflow error in the Windows Domain Name System (DNS) Server's RPC interface implementation when processing malformed requests sent to a port between 1024 and 5000.
Microsoft: Beware of .HLP files
Microsoft is urging Windows users to be very careful when opening ".hlp" attachments.
Opera patches browser flaws
A new version of the Opera browser has been released with patches for a range of security vulnerabilities. The new Opera 9.