07-04-2009 15:13 WALEDAC celebrates Independence Day, too  Holidays are almost always the target of significant spam and malware attacks, and this Fourth of July is turning out to be little different. A new WALEDAC variant – detected as WORM_WALEDAC.DU – has been sending out Independence Day spam messages. (In fact, last year there were multiple fourth of July attacks, one of which involved the Storm botnet.) These messages contain links to a site which appears to be from Youtube:
The video supposedly shows a fabulous fireworks show, but in reality attempting to play the video results in downloading a copy of WORM_WALEDAC.DU. This particular technique has been used many, many times before, but it’s still quite effective. Fortunately, however, the malicious file is already detected by the Trend Micro Smart Protection Network, so users don’t need to worry about this threat. Post from: TrendLabs | Malware Blog - by Trend Micro WALEDAC celebrates Independence Day, too News :: trendmicro Povezani zapisi: 03-08-2010 0:20 Best of Application Security (Friday, Mar. 5)  Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.Verizon Incident Metrics Framework ReleasedWiseguys net $25m in ticket scalping racketState of Software Security Report Internet Explorer 8 and the Security Development Lifecycle (SDL)Top 10 Hacks of 2009 and WAF MitigationsFTC alleges that ControlScan offered 'little or no verification' of site security or privacy I’m in ur 4sq, snarfin ur password — Part IFifteen Common Activities from BSIMM2Even if You Don’t Invent Your Own Crypto….It’s Still HardFacebook founder Mark Zuckerberg 'hacked into emails of rivals and journalists' WhiteHat Security is a leading provider of website security services. Feedproxy Security 02-26-2010 16:46 Best of Application Security (Friday, Feb. 26)  Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.Hitler and Cloud Computing Security Microsoft SDL Core Training Classes & Tools A Big Case of ...OOPS... Customer-Induced FUD NT OBJECTives Response to the Larry Suto Report Web Security Dojo v1.0 & Watcher 1.3.0 release Online finance flaw: Ameriprise III Banks, Businesses, Viruses and the UCC Breaking Weak CAPTCHA in 26 Lines of Code Finding Input Validations flaws with Taint Checking WhiteHat Security is a leading provider of website security services. Feedproxy Security 02-19-2010 16:13 Best of Application Security (Friday, Feb. 19)  Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.Microsoft’s Many Eyeballs and the Security Development LifecycleA Comparison of DBIR with UK breach reportInfrastructure vs. Application Security SpendingIdea for a Fondue Party2010 CWE/SANS Top 25 Most Dangerous Programming ErrorsShould Software Developers be Liable?Directory traversal as a reconnaissance toolAbusing WCF to Perform Remote Port ScansThe State of Web Security Issues3000 Small Dog Electronics customers' credit card details compromised WhiteHat Security is a leading provider of website security services. Feedproxy Security 02-12-2010 16:41 Best of Application Security (Friday, Feb. 12)  Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.A Lazy Pen Tester’s Guide to Testing Flash ApplicationsRock Beats Scissors, and People Beat ProcessHacker threat forces DoH to close appraisal siteFeds say dev's 'cookie-stuffer' app fleeced eBayA Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real WorldDeath of Product ReviewsAre You Rugged?Reducing Information Disclosure in ASP.NET Web ServicesOWASP Broken Web Applications ProjectTop 10 Targeted Passwords WhiteHat Security is a leading provider of website security services. Feedproxy Security |
