- Home
- Services
- Computer Repair
- Testimonials
- About Us
- Contact Us
- Call Now - 425-214-4844
-
Get a Free Consultation Today
e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer., (Sun, May 23rd)
There are two public broadcast TV stations at Colombia. We received a report that a e-mail is out there claiming to be from one of the stations and announcing they have the video of Fidel Castro's funeral:
The URL points to a UK server and downloads a nasty little malware done in Visual Basic that changes Windows parameters and recolects info from your computer. The trojan used to upload the malware is located on the same directory:
We encourage Web server admins to keep updated security patch and avoid default configurations on web servers that could allow attackers to upload these kind of files to your webserver. This backdoor is pure php and, as you can see, has a lot of useful options.
Please keep in mind also that clicking URL links inside e-mail is dangerous. Always go to the web server typing yourself the URL.
-- Manuel Humberto Santander Pelez | http://twitter.com/manuelsantander | http://manuel.santander.name
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
The URL points to a UK server and downloads a nasty little malware done in Visual Basic that changes Windows parameters and recolects info from your computer. The trojan used to upload the malware is located on the same directory:
We encourage Web server admins to keep updated security patch and avoid default configurations on web servers that could allow attackers to upload these kind of files to your webserver. This backdoor is pure php and, as you can see, has a lot of useful options.
Please keep in mind also that clicking URL links inside e-mail is dangerous. Always go to the web server typing yourself the URL.
-- Manuel Humberto Santander Pelez | http://twitter.com/manuelsantander | http://manuel.santander.name
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
SANS 2010 Digital Forensics Summit - APT Based Forensic Challenge, (Sat, May 22nd)
In conjunction with the 2010 SANSDigital Forensics and Incident Response Summit...there is a contest!
To quote Rob Lee...
The 2010 Digital Forensics and Incident Response Summit's focus this year is examining and advancing the digital forensic professional to deal with advanced threats such as the APT and organized crime. Understanding how many of these crimes take place is crucial to creating lethal forensicators armed with the knowledge and skills to analyze complex cases. I asked Jonathan Ham and Sherri Davidoff (who co-authored the sell-out Forensics 558: Network Forensics course and created many successful contests at - forensicscontest.com) to create a contest based partially on how the APT might try and trigger a compromise to steal intellectual property via a targeted attack via spear phishing.
I'm proud to announce the Jonathan and Sherri have created an amazing contest that will challenge you to use sophisticated skills and help you see the types of attacks that could be infecting your networks today. Using published information based on the Aurora attacks they set out to recreate a sequence of events that demonstrate the challenge investigators will face when examining compromises of clicking on links via a targeted spear phishing attack. This contest is a step in the right direction to help educate and challenge forensic professionals around the country. It also provides a good example of some of the discussions we will cover at the 2010 Forensic Summit: Malware analysis, Network Forensics, and the Advanced Persistent Threat. Jonathan and Sherri will announce the winners at the Forensic Summit on July 8. We hope you win the challenge and will attend the 2010 Forensic Summit, July 8, 9 in Washington D.C.
The contest itself is available over a the SANSComputer Forensics Blog.
Have fun!
-- Rick Wanner - rwanner at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
To quote Rob Lee...
The 2010 Digital Forensics and Incident Response Summit's focus this year is examining and advancing the digital forensic professional to deal with advanced threats such as the APT and organized crime. Understanding how many of these crimes take place is crucial to creating lethal forensicators armed with the knowledge and skills to analyze complex cases. I asked Jonathan Ham and Sherri Davidoff (who co-authored the sell-out Forensics 558: Network Forensics course and created many successful contests at - forensicscontest.com) to create a contest based partially on how the APT might try and trigger a compromise to steal intellectual property via a targeted attack via spear phishing.
I'm proud to announce the Jonathan and Sherri have created an amazing contest that will challenge you to use sophisticated skills and help you see the types of attacks that could be infecting your networks today. Using published information based on the Aurora attacks they set out to recreate a sequence of events that demonstrate the challenge investigators will face when examining compromises of clicking on links via a targeted spear phishing attack. This contest is a step in the right direction to help educate and challenge forensic professionals around the country. It also provides a good example of some of the discussions we will cover at the 2010 Forensic Summit: Malware analysis, Network Forensics, and the Advanced Persistent Threat. Jonathan and Sherri will announce the winners at the Forensic Summit on July 8. We hope you win the challenge and will attend the 2010 Forensic Summit, July 8, 9 in Washington D.C.
The contest itself is available over a the SANSComputer Forensics Blog.
Have fun!
-- Rick Wanner - rwanner at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
MySQL 5.1.47 is now available - http://www.mysql.com/downloads/mysql/, (Fri, May 21st)
-- Rick Wanner - rwanner at isc dot sans dot org
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
More Articles...
- Symantec triggers on World of Warcraft update, (Sun, May 16th)
- Onboard Computers Subject to Attack?, (Sat, May 15th)
- Google Acknowledges Grabbing Personal Data, (Sat, May 15th)
- New tool from Mozilla for updating plug-ins, (Thu, May 13th)
- Layer 2 Security - Private VLANs (the Story Continues ...), (Wed, May 12th)
- Adobe Shockwave Update, (Wed, May 12th)
- .de TLD Outage, (Wed, May 12th)
- Microsoft Security Bulletin Summary for May 2010
- MS10-030 - Critical: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542) - Version:1.1
- MS10-031 - Critical: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213) - Version:1.0
- MS09-061 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378) - Version:1.3
- Another round of WordPress Attacks, (Mon, May 10th)
- Wireshark DOCSIS Dissector DoS Vulnerability, (Sat, May 8th)
- Microsoft Patch Tuesday May 2010 Pre-Release, (Sat, May 8th)
- Security Awareness Many Audiences, Many Messages (Part 2), (Fri, May 7th)
- non-latin TLD to be issued, (Thu, May 6th)
- Microsoft Security Bulletin Advance Notification for May 2010
- DNSSEC...not a bang but a whimper?, (Tue, May 4th)
- MS10-022 - Important: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169) - Version:1.1
- Malicious iFrame on US Treasury and other sites?, (Tue, May 4th)
- SIFT review in the ISSA Toolsmith, (Tue, May 4th)
- Social engineering via paper mail, (Mon, May 3rd)
- Microsoft Security Bulletin Summary for March 2010
- MS10-016 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) - Version:2.0
- Zbot Social Engineering, (Sun, May 2nd)
- Happy May Day, (Sat, May 1st)
- The Importance of Small Files, (Fri, Apr 30th)
- Opera 10.53 Released to Address Security Issue, (Fri, Apr 30th)
- Who needs exploits when you have social engineering?, (Thu, Apr 29th)
- Microsoft Security Advisory (983438): Vulnerability in Microsoft SharePoint Could Allow Elevation of Privilege
- Opera 10.52 is released, most updates are for stability ==> http://www.opera.com/docs/changelogs/, (Wed, Apr 28th)
- Layer 2 Security - L2TPv3 for Disaster Recovery Sites, (Tue, Apr 27th)
- MS10-025 - Critical: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) - Version:3.0
- Microsoft Security Bulletin Summary for April 2010
- Snort 2.8.6 is released!, (Mon, Apr 26th)
- PulledPork v0.4.1 is released!, (Mon, Apr 26th)
- Honey, my laptop is acting funny again, (Sun, Apr 25th)
- Manual Verification of SSL/TLS Certificate Trust Chains using Openssl, (Sun, Apr 25th)
- Shadowserver botnet rules , (Fri, Apr 23rd)
- Data Redaction: You're Doing it Wrong, (Thu, Apr 22nd)
- If you had a larger network affected by the McAfee signature: We are interested to hear about your lessons learned. How long to fix it? What worked/didn't?, (Thu, Apr 22nd)
- Don't Be Fooled by Twitter Spam in Your Inbox, (Thu, Apr 22nd)
- MS10-025 - Critical: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) - Version:2.0
- Microsoft Security Bulletin Summary for April 2010
- Microsoft Security Bulletin Summary for April 2010
- MS10-029 - Moderate: Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338) - Version:1.1
- MS10-019 - Critical: Vulnerabilities in Windows Could Allow Remote Code Execution (981210) - Version:1.3
- Are You Ready for a Transportation Collapse...?, (Tue, Apr 20th)
- Linked into scams?, (Mon, Apr 19th)
- Some NetSol hosted sites breached, (Sun, Apr 18th)
More Goodies
My AIN
User Login
Login using Facebook
Login Using Facebook
Copyright ©2009 | All In Networks, LLC | 425.214.4844 |
Kirkland IT Services - 13501 100th AVE NE, Suite 10 | Kirkland WA 98034
And our Seattle IT Support - | 877-412-5546 | 2425 24th AVE S, Seattle WA 98122
Site Map
Kirkland IT Services - 13501 100th AVE NE, Suite 10 | Kirkland WA 98034
And our Seattle IT Support - | 877-412-5546 | 2425 24th AVE S, Seattle WA 98122
Site Map