Threat Category: Web threats | Page 25

Email is known to be one of the most popular infection vectors. This article specifically analyses malware which is distributed via email.

This paper presents a method to automatically separate and block those networks in real time. The method uses a statistical approach exploiting the fact that computers in a botnet have to have some similarities in their behavior.

In November, our online statistics returned to their usual state of flux: there are 11 new malicious programs in the Top Twenty, a new leader and it’s very unclear what the future may hold

HMRC [Her Majesty’s Revenue & Customs] has mislaid two disks containing personal data

If this month’s Top Twenty had been prepared using data from the first 26 days of October, two important malware related events would have been missing

Over the last couple of weeks we’ve been closely following the behaviour of a botnet with a C&C (command and control) center based on a popular web-based engine.

The growth only stopped early yesterday evening – around 5pm Moscow time – when the overall total number of zombies was about 14000!

Today we saw a sad, but typical picture: a small botnet with an approximately 8600 zombie machines suddenly exploded and began to grow very quickly.

Italian TV went so far as to warn viewers of the Trojan.Win32.Small.mi – both with a short item on the midday news, and by running a warning across their news ticker.

A few days ago the Inquirer published a interesting little article talking about how Google hadn’t returned the search results he wanted, but instead told him his computer might be infected with a malicious program.

H.R. 1525 is ongoing evolution to the original (I-SPY) Internet Spyware Protection Act of 2005. Specifically, the new bill is “to discourage spyware, and for other purposes”.

Kaspersky Lab presents the Online Scanner Top Twenty for December 2006

Are all antivirus created equal?

Although it’s maybe better know known for its extreme location and beautiful landscapes, Chile has been recently making the news for hacker arrest stories.

Social networking site contains spoof log-in page

Reports

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.

Web threats

Kaspersky Security Bulletin 2007. Malware which spreads via email

Coordinated distributions method for tracking botnets sending out spam

Online Scanner Top Twenty for November 2007

UK child benefit data lost

Virus Top 20 for October 2007

Botnet losing ground

Botnet grinds to a halt

A look inside a botnet

Italy warns TV watchers of Small epidemic

GoogleBlock

New U.S. legislation

Online Scanner Top Twenty for December 2006

Are all antivirus created equal?

Hacker hunting

MySpace compromised

Reports

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports

Subscribe to our weekly e-mails