Latest posts

Zotob

Contrary to your probable first impression, Zotob is NOT the third bastard child of Haruk the Klingon. In fact, it’s a nasty new worm that uses a vulnerability in Plug and Pray, allowing a remote attacker to control a Windows system. Windows 2000 systems are particularly at risk, although XP and 2003 Servers have […]

iDefense says identity theft ring not related to CWS

Oy vey, if people would only read this blog or contact us before jumping to conclusions. iDefense, which was recently acquired by Verisign, has analyzed the code for the keylogger we reported on and has released a statement that they have determined “it’s not CoolWebSearch code”. Of course it isn’t. Hello, people, we never said […]

$300k in taxpayers’ money to spy on VOIP!

A CNET article reports that the feds are funding development of ways to spy on VOIP traffic. Well, if you think they don’t already do that with POTS lines…

Alex

Thanks to BoingBoing

NIST launches computer vulnerability database

Another website for security professionals to keep in their arsenal. From the alert: The new National Vulnerability Database (NVD) from the National Institute of Standards and Technology (NIST) will make it easier for system administrators and other security professionals to learn about vulnerabilities and how to remediate them. The NVD is a comprehensive database that […]

Webroot nabs McAfee bigwig

Word on the street: Webroot just snagged McAfee’s Senior VP of Corporate Development, Seksom Suriyapa, to become Sr. VP of Business Development over at Webroot. Why interesting? It shows the continuing and growing legitimacy (and market share gains) of antispyware companies in a space that should be owned by the AV companies. Replacing the AV […]

CoolWebSearch issues statement

Here is their statement from their website.

News Update (2005-08-09): As you may have heard, there is a new spyware identity theft ring out there:

http://news.yahoo.com/s/zd/20050808/tc_zd/157623
http://sunbeltblog.blogspot.com/

For some obscure reason, they keep claiming that it has something to do with coolwebsearch. It does not. We urge anyone who has any evidence on this actually being linked […]

Updated SSA-Keylogger cleaner

SSA-Keylogger cleaner has been updated to reflect some new variants. Link here.

Alex Eckelberry

Update: Information on the types of systems infected here.

Lavasoft finds similar trojan?

Update: I just spoke with Mike Wood, VP of Research at Lavasoft— this is not the same variant of the trojan as we found (they have also updated their database to the one we have been discussing). However, they have some really interesting data so we are hoping to collaborate. Very interesting, a confirmation (finally) […]

Fix for the Srv.SSA-KeyLogger

Update: Click here for more information on the types of systems infected. Press release here. We have issued an immediate security fix to thwart the newly identified spyware keylogger uncovered by Sunbelt’s Research Team. This is the keylogger that is behind the identity theft ring. The spyware keylogger, named Srv.SSA-KeyLogger, is a backdoor program that, […]

The keylogger from hell

Update: Fix and new data here. Also, to understand the types of systems infected (all of them were unpatched XP systems), click here. Ok, we have the latest on this identity theft ring. And it’s pretty interesting. Remember that all we found was the cache of data from the thieves — we didn’t have the […]
