W32.Changeup, the eMule-aided worm

August 20, 2010 · Filed Under News, Security · Comment 

News - A succession of fresh, quality news, from inside and outside of the Web

Abuse of file-sharing platforms by malicious code has been a fashionable habit for years now. Malware usually just checks whether the infected machine hosts peer-to-peer software, but the W32.Changeup worm detected by Symantec (among others) goes further: rather than searching for a P2P tool, it installs its own “private” eMule copy to replicate itself. The malware is noteworthy for its ability to “assist” the downloading and spreading of additional computer threats.


The 5 all-time worst malware according to Trend Micro

August 22, 2009 · Filed Under News, Security · Comment 

Trend Micro, a Tokyo-based security enterprise with over 4,000 employees in more than 30 countries, has recently asked the experts from TrendLabs (its global research organization) to make an updated list of the worst computer plagues ever. The resulting list includes 5 noteworthy examples of widespread infections which represented, during their respective periods of widest circulation, the most dangerous security threats users and companies could have faced.


From the past to the future, the new bootkits menace

August 10, 2009 · Filed Under In Depth, Security · Comment 

In Depth - A merciless lens pointed on the hot topics, passionate and detailed retrospectives, reflections beyond the appearances

As security experts have highlighted over recent months and years, the most sophisticated malicious code tends to reach for the lowest levels of the machine it infects, taking every security mechanism out of the game and gaining full control of the PC and the operating system. This trend is increasingly associated with the term “bootkit”, literally a bootable rootkit, on which the attention of researchers and Assembly code enthusiasts has recently focused, uncovering new potential threats with an ancient heart and dangerous security flaws sold as malware-proof security measures.


The P2P psychodrama between The Pirate Bay and three strike law

May 24, 2009 · Filed Under Civil & Digital Rights, In Depth · Comment 
This entry is part of the series The industry vs. P2P

Surely 2009 is the most sensitive year for peer-to-peer and for the industry crusade against free online content sharing. In Italy we have the previously discussed issues with the incompetence and obscene servility of our representatives, and if we move our attention toward Europe, things get even worse, if possible. Two questions in particular stand out in Europe these weeks: the conviction of The Pirate Bay crew and the approval in France of the Sarkozy doctrine, also known as the three strike law or HADOPI law.


Klaatu, barada, nikto, Conficker!

April 10, 2009 · Filed Under In Depth, Security · Comment 

More than a week after the 1st of April, the day when the Internet stood still because, according to the press, the Conficker/Downup/Downadup/Kido worm could have destroyed the net, the infrastructures, civilized mankind and the entire planet, things are going more or less as usual: the Internet remains a dangerous place but it hasn’t exploded like a supernova, and bits are flowing quickly from one part of the planet to another. The true novelty is that the botnet built up by one of the most complex malware ever finally shows what its true purpose is.


Rootkits penetrate the heart of the machine

April 7, 2009 · Filed Under In Depth, Security · Comment 

Since 2005, when the nasty commercial policies of Sony BMG revealed that it was possible to seize control of the operating system to hinder the normal working of the PC and its peripherals, the evolution of rootkit software has gone through an unparalleled acceleration. Interest in the matter rose in research and among cyber-criminal gangs, with a result that can be appreciated these days: rootkits have reached the lowest levels of electronic devices’ circuitry by infecting network routers, the BIOS and even the most privileged working mode of x86 processors.


Conficker worm asks for instructions and gets an update

March 16, 2009 · Filed Under News, Security · 13 Comments 

The Conficker/Downup/Downadup/Kido malware, Symantec writes in the first edition of The Downadup Codex, “is, to date, one of the most complex worms in the history of malicious code”. At first spread through a flaw in the Windows Server service, the threat has grown immensely because of a combination of elements that facilitated its diffusion and drove the IT industry to unite in an attempt to block its further proliferation.


Conficker, it’s open war between the industry and malware writers

February 27, 2009 · Filed Under In Depth, Security · Comment 

Conficker (also known as Downup, Downadup or Kido) is the first worm since the Sasser outbreak in 2004 that was able to exploit a flaw in a Windows remote service, and because of this unusual ability the malware has in turn become the target of a large part of the IT industry that, led by Microsoft, is trying these days to defuse the time bomb of an enormous botnet, with practical outcomes that are still unknown.


Conficker, the perfect storm worm

January 23, 2009 · Filed Under In Depth, Security · Comment 

The Conficker worm, also known as Downup, Downadup or Kido, has been floating around since October 2008. Security firms know it pretty well, and in the past days the malware has become just as well known to users, having infected a significant number of machines all over the world. We have returned to the “good” old times of the Sasser, Blaster and Mydoom outbreaks, and the already worrisome proliferation of the worm threatens to get even worse because of some conditions that increasingly support its spreading.


22,000 new malware samples per day, a network worm breakout and the sandbox-enabled antivirus

January 12, 2009 · Filed Under News, Security · 2 Comments 

From a computer security standpoint, 2008 has surely been a year of passion. Worse, it has been a dramatic year characterized by figures beyond any imagination, a steady hammering of new threats that lasted until the end and that is expected to be the same or even worse during this year.


Internet? A very dangerous place

December 13, 2008 · Filed Under News, Security · Comment 

Security enterprise Trend Micro has ranked the attack vectors exploited by the 100 most widespread malware from January to November 2008, and the results speak for themselves: among all the possible infection routes, the Internet is absolutely the most used (or, better still, abused) by worms, trojans and other types of digital pathogens constantly hunting for victims and unprotected systems to compromise.


BGP hijacking, the Internet borders are insecure

August 28, 2008 · Filed Under News, Security · Comment 

The DNS spoofing risk, also known as the “DNS bug”, discovered by Dan Kaminsky? It’s only the beginning: the very foundations of the Internet are squashy jelly in the hands of the most capable hackers, and demonstrations of the deep insecurity of the world’s network infrastructure keep increasing steadily. The latest one is a reminder of a well-known flaw that involves systems running the Border Gateway Protocol (BGP) and that, unlike the DNS bug, won’t be suitably tackled for a long time yet.


Internet & Windows Vista: it’s the age of the Great Flaws

August 15, 2008 · Filed Under News, Security · Comment 

Announcements of network apocalypses come from Las Vegas, where the major security experts met to discuss the state of modern computer platforms during the Black Hat conference held last week. The message describes a truly dramatic scenario, where the Internet’s structural flaws combine with the equally fundamental ones of Windows Vista to provide the “good fella” with an entire new rack of attacks against users and assorted net services.
