Threat Category: Web threats | Page 28

phpBB 2.0.11 isn’t vulnerable

A worm that targets phpBB is on the loose

We’ve intercepted a few samples of a new Mydoom variant this morning. Detection has been made available with the latest antivirus database update as “Email-Worm.Win32.Mydoom.ad”.

A new variant in the Zafi family started to spread earlier today and seems to be propagating pretty fast.

More from the AVAR 2004 conference in Tokyo

Saturday seemed like a quiet day, apart from the new Sober, however it was far from that. In the morning I received some local reports claiming that some respectable sites were distributing malware.

As it turns out, a popular Adserver had been compromised and scripts were modified in such a way…

A new variant of Bofra has been reported – we are trying to get the distribution site closed.

Kaspersky Lab renames viruses previously detected as Mydoom

HTML e-mail & why it’s not a good idea

This day in 1988 saw the birth of the network worm Morris that quickly spread across the 6,000+ vulnerable computers then connected to the Internet.

We mentioned a payload for Bagle.at, where the worm tried to connect to compromised sites. Bagle.at tries to download and execute TrojanDownloader.Win32.Small.zj, a new variant of Small.

Today is going to be crazy. Another new Bagle is being seeded as we speak.

A new Bagle variant is spammed to users. We received over 40 letters from users with Bagle.at. Anti-virus databases are updated and we are monitoring the situation.

Today’s threats spread further and faster than ever before. This makes updating your antivirus databases regularly essential.

Reports

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

Web threats

Update on Net-Worm.Perl.Santy.a and phpBB vulnerabitlity

Net-Worm.Perl.Santy.a outbreak

No holiday for Mydoom

Patriot on the loose

Japan – high technology, high security

Adserver compromised – legitimate sites serving malware

Yet another Bofra variant

New Mydoom variants now called Bofra

HTML e-mail & why it’s not a good idea

On this day in history … the birth of the network worm

Bagle.at links to compromised sites now active

Another Bagle

New Bagle active

Antivirus updating – why it’s more important than ever before

Reports

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

Subscribe to our weekly e-mails