Threat Level: Infocon green

Diaries by Keyword: unstoppable tech support malware vish

DateAuthorTitle

UNSTOPPABLE TECH SUPPORT MALWARE VISH

2010-07-06Rob VandenBrinkBogus Support Organizations use Live Operators to Install Malware

UNSTOPPABLE

2010-07-06Rob VandenBrinkBogus Support Organizations use Live Operators to Install Malware

TECH

2013-04-29Adam SwangerReport Fake Tech Support Calls submission form reminder
2010-07-06Rob VandenBrinkBogus Support Organizations use Live Operators to Install Malware
2008-06-17Kyle HaugsnessWhy go high-tech?

SUPPORT

2012-12-06Daniel WesemannFake tech support calls - revisited
2012-10-03Kevin ShorttFake Support Calls Reported
2011-05-23Mark HofmanMicrosoft Support Scam (again)
2010-07-06Rob VandenBrinkBogus Support Organizations use Live Operators to Install Malware
2010-06-15Manuel Humberto Santander PelaezMicrosoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-03-01Mark HofmanMicrosoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it it time to update.
2010-02-03Rob VandenBrinkSupport for Legacy Browsers

MALWARE

2013-05-17Daniel Wesemanne-netprotections.su ?
2013-05-16Daniel WesemannExtracting signatures from Apple .apps
2013-05-11Lenny ZeltserExtracting Digital Signatures from Signed Malware
2013-05-01Daniel WesemannThe cost of cleaning up
2013-04-10Manuel Humberto Santander PelaezMassive Google scam sent by email to Colombian domains
2013-03-22Mark BaggettWipe the drive! Stealthy Malware Persistence - Part 4
2013-03-20Mark BaggettWipe the drive! Stealthy Malware Persistence - Part 3
2013-03-19Johannes UllrichScam of the day: More fake CNN e-mails
2013-03-15Mark BaggettAVG detect legit file as virus
2013-03-14Mark BaggettWipe the drive! Stealthy Malware Persistence - Part 2
2013-03-13Mark BaggettWipe the drive! Stealthy Malware Persistence Mechanism - Part 1
2013-02-25Johannes UllrichMass-Customized Malware Lures: Don't trust your cat!
2013-01-08Jim ClausingCuckoo 0.5 is out and the world didn't end
2012-12-18Rob VandenBrinkAll I Want for Christmas is to Not Get Hacked !
2012-12-03Kevin ListonMobile Malware: Request for Field Reports
2012-11-02Daniel WesemannLamiabiocasa
2012-11-01Daniel WesemannPatched your Java yet?
2012-10-14Pedro BuenoCyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1
2012-09-21Guy BruneauStoring your Collection of Malware Samples with Malwarehouse
2012-09-14Lenny ZeltserAnalyzing Malicious RTF Files Using OfficeMalScanner's RTFScan
2012-07-21Rick WannerOpenDNS is looking for a few good malware people!
2012-07-05Adrien de BeaupreNew OS X trojan backdoor MaControl variant reported
2012-06-27Swa FrantzenOnline Banking Heists
2012-06-26Daniel WesemannRun, Forest! (Update)
2012-06-25Rick WannerTargeted Malware for Industrial Espionage?
2012-06-25Swa FrantzenBelgian online banking customers hacked.
2012-06-22Daniel WesemannRun, Forest!
2012-06-21Raul SilesPrint Bomb? (Take 2)
2012-06-21Russ McReeAnalysis of drive-by attack sample set
2012-06-19Daniel Wesemann Vulnerabilityqueerprocessbrittleness
2012-06-04Lenny ZeltserDecoding Common XOR Obfuscation in Malicious Code
2012-04-26Richard PorterDefine Irony: A medical device with a Virus?
2012-04-25Daniel WesemannBlacole's obfuscated JavaScript
2012-04-25Daniel WesemannBlacole's shell code
2012-04-12Guy BruneauHP ProCurve 5400 zl Switch, Flash Cards Infected with Malware
2012-04-12Guy BruneauApple Java Updates for Mac OS X
2012-03-25Daniel Wesemannevilcode.class
2012-03-03Jim ClausingNew automated sandbox for Android malware
2012-02-24Guy BruneauFlashback Trojan in the Wild
2012-02-20Pedro BuenoSimple Malware Research Tools
2012-02-20Rick WannerDNSChanger resolver shutdown deadline is March 8th
2012-01-14Daniel WesemannHello, Antony!
2011-12-28Daniel Wesemann.nl.ai ?
2011-12-10Daniel WesemannUnwanted Presents
2011-12-07Lenny ZeltserV8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011-11-04Guy BruneauDuqu Mitigation
2011-10-20Johannes UllrichEvil Printers Sending Mail
2011-09-07Lenny ZeltserAnalyzing Mobile Device Malware - Honeynet Forensic Challenge 9 and Some Tools
2011-08-29Kevin ShorttInternet Worm in the Wild
2011-06-15Pedro BuenoHit by MacDefender, Apple Web Security (name your Mac FakeAV here)...
2011-05-25Daniel WesemannApple advisory on "MacDefender" malware
2011-05-19Daniel WesemannFake AV Bingo
2011-05-14Guy BruneauWebsense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity
2011-05-03Johannes UllrichUpdate on Osama Bin Laden themed Malware
2011-05-02Johannes UllrichBin Laden Death Related Malware
2011-04-23Manuel Humberto Santander PelaezImage search can lead to malware download
2011-03-01Daniel WesemannAV software and "sharing samples"
2011-02-07Pedro BuenoThe Good , the Bad and the Unknown Online Scanners
2011-02-01Lenny ZeltserThe Importance of HTTP Headers When Investigating Malicious Sites
2010-12-29Daniel WesemannMalware Domains 2234.in, 0000002.in & co
2010-12-29Daniel WesemannBeware of strange web sites bearing gifts ...
2010-10-26Pedro BuenoCyber Security Awareness Month - Day 26 - Sharing Office Files
2010-09-09Marcus Sachs'Here You Have' Email
2010-07-21Adrien de BeaupreDell PowerEdge R410 replacement motherboard firmware contains malware
2010-07-21Adrien de Beaupreautorun.inf and .lnk Malware (NOT 'Vulnerability in Windows Shell Could Allow Remote Code Execution' 2286198)
2010-07-06Rob VandenBrinkBogus Support Organizations use Live Operators to Install Malware
2010-07-04Manuel Humberto Santander PelaezMalware inside PDF Files
2010-06-17Deborah HaleFYI - Another bogus site
2010-06-14Manuel Humberto Santander PelaezRogue facebook application acting like a worm
2010-06-07Manuel Humberto Santander PelaezSoftware Restriction Policy to keep malware away
2010-06-02Rob VandenBrinkNew Mac malware - OSX/Onionspy
2010-05-26Bojan ZdrnjaMalware modularization and AV detection evasion
2010-05-23Manuel Humberto Santander Pelaeze-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-05-21Rick WannerIBM distributes malware at AusCERT!
2010-04-30Kevin ListonThe Importance of Small Files
2010-04-19Daniel WesemannLinked into scams?
2010-04-18Guy BruneauSome NetSol hosted sites breached
2010-04-13Johannes UllrichMore Legal Threat Malware E-Mail
2010-03-30Pedro BuenoSharing the Tools
2010-03-26Daniel WesemannGetting the EXE out of the RTF again
2010-03-09Marcus SachsEnergizer Malware
2010-03-04Daniel Wesemannsalefale-dot-com is bad
2010-03-03Johannes UllrichReports about large number of fake Amazon order confirmations
2010-02-21Patrick Nolan Looking for "more useful" malware information? Help develop the format.
2010-01-14Bojan ZdrnjaPDF Babushka
2010-01-07Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2010-01-07Daniel WesemannStatic analysis of malicious PDFs
2009-12-17Daniel Wesemannoverlay.xul is back
2009-12-17Daniel WesemannIn caches, danger lurks
2009-12-16Rob VandenBrinkBeware the Attack of the Christmas Greeting Cards !
2009-12-07Rick WannerCheat Sheet: Analyzing Malicious Documents
2009-12-04Daniel WesemannMax Power's Malware Paradise
2009-12-02Rob VandenBrinkSPAM and Malware taking advantage of H1N1 concerns
2009-11-25Jim ClausingUpdates to my GREM Gold scripts and a new script
2009-09-25Lenny ZeltserCategories of Common Malware Traits
2009-09-25Deborah HaleConficker Continues to Impact Networks
2009-09-25Deborah HaleMalware delivered over Google and Yahoo Ad's?
2009-09-04Adrien de BeaupreFake anti-virus
2009-08-29Guy BruneauImmunet Protect - Cloud and Community Malware Protection
2009-08-26Johannes UllrichMalicious CD ROMs mailed to banks
2009-07-26Jim ClausingNew Volatility plugins
2009-07-03Adrien de BeaupreHappy 4th of July!
2009-07-02Daniel WesemannGetting the EXE out of the RTF
2009-07-02Bojan ZdrnjaCold Fusion web sites getting compromised
2009-06-16John BambenekIran Internet Blackout: Using Twitter for Operational Intelligence
2009-06-16John BambenekURL Shortening Service Cligs Hacked
2009-06-04Raul SilesMalware targetting banks ATM's
2009-06-04Raul SilesTargeted e-mail attacks asking to verify wire transfer details
2009-06-01G. N. WhiteYet another "Digital Certificate" malware campaign
2009-05-20Pedro BuenoCyber Warfare and Kylin thoughts
2009-05-07Deborah HaleMalicious Content on the Web
2009-05-04Tom ListonFacebook phishing malware
2009-04-24Pedro BuenoDid you check your conference goodies?
2009-03-13Bojan ZdrnjaWhen web application security, Microsoft and the AV vendors all fail
2009-02-23Daniel WesemannTurf War
2009-02-23Daniel WesemannAnd the Oscar goes to...
2009-02-10Bojan ZdrnjaMore tricks from Conficker and VM detection
2009-02-09Bojan ZdrnjaSome tricks from Conficker's bag
2009-02-04Daniel WesemannTitan Shields up!
2009-01-31John BambenekGoogle Search Engine's Malware Detection Broken
2009-01-24Pedro BuenoIdentifying and Removing the iWork09 Trojan
2009-01-18Daniel Wesemann3322. org
2009-01-15Bojan ZdrnjaConficker's autorun and social engineering
2009-01-12William SaluskyDownadup / Conficker - MS08-067 exploit and Windows domain account lockout
2009-01-07Bojan ZdrnjaAn Israeli patriot program or a trojan
2009-01-02Rick WannerTools on my Christmas list.
2008-12-25Maarten Van HorenbeeckMerry Christmas, and beware of digital hitchhikers!
2008-12-25Maarten Van HorenbeeckChristmas Ecard Malware
2008-12-17donald smithTeam CYMRU's Malware Hash Registry
2008-12-05Daniel WesemannBeen updatin' your Flash player lately?
2008-12-05Daniel WesemannBaby, baby!
2008-12-04Bojan ZdrnjaRogue DHCP servers
2008-11-17Jim ClausingFinding stealth injected DLLs
2008-11-16Maarten Van HorenbeeckDetection of Trojan control channels
2008-11-12John BambenekThoughts on Security Intelligence (McColo Corp alleged spam/malware host knocked offline)
2008-11-11Swa FrantzenAcrobat continued activity in the wild
2008-11-10Stephen HallAdobe Reader Vulnerability - part 2
2008-10-07Kyle HaugsnessGood reading and a malware challenge
2008-09-29Daniel WesemannASPROX mutant
2008-09-22Maarten Van HorenbeeckData exfiltration and the use of anonymity providers
2008-09-18Bojan ZdrnjaMonitoring HTTP User-Agent fields
2008-09-07Lorna HutchesonMalware Analysis: Tools are only so good
2008-09-03Daniel WesemannStatic analysis of Shellcode
2008-09-03Daniel WesemannStatic analysis of Shellcode - Part 2
2008-09-01John BambenekThe Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months
2008-08-13Adrien de BeaupreCNN switched to MSNBC
2008-08-05Daniel WesemannThe news update you never asked for
2008-07-20Kevin ListonMalware Intelligence: Making it Actionable
2008-07-15Maarten Van HorenbeeckExtracting scripts and data from suspect PDF files
2008-07-14Daniel WesemannObfuscated JavaScript Redux
2008-07-07Pedro BuenoBad url classification
2008-06-18Marcus SachsOlympics Part II
2008-06-14Lorna HutchesonMalware Detection - Take the Blinders Off
2008-06-10Swa FrantzenRansomware keybreaking
2008-06-01Mark HofmanFree Yahoo email account! Sign me up, Ok well maybe not.
2008-05-28Adrien de BeaupreAnother example of malicious SWF
2008-05-27Adrien de BeaupreMalicious swf files?
2008-05-26Marcus SachsPredictable Response
2008-05-14Bojan ZdrnjaWar of the worlds?
2008-05-02Adrien de BeaupreHi, remember me?...
2008-04-30Bojan Zdrnja(Minor) evolution in Mac DNS changer malware
2008-04-24Maarten Van HorenbeeckTargeted attacks using malicious PDF files
2008-04-16Bojan ZdrnjaThe 10.000 web sites infection mystery solved
2008-04-15Johannes UllrichSRI Malware Threat Center
2008-04-14John BambenekA Federal Subpoena or Just Some More Spam & Malware?
2008-04-07John BambenekKraken Technical Details: UPDATED x3
2008-04-07John BambenekHP USB Keys Shipped with Malware for your Proliant Server
2008-04-07John BambenekGot Kraken?
2008-04-06Daniel WesemannAdvanced obfuscated JavaScript analysis
2008-04-04Daniel Wesemannnmidahena
2008-04-03Bojan ZdrnjaVB detection: is it so difficult?
2008-04-02Adrien de BeaupreWhen is a DMG file not a DMG file
2008-03-27Maarten Van HorenbeeckGuarding the guardians: a story of PGP key ring theft
2006-08-31Swa FrantzenNT botnet submitted
2000-01-02Deborah Hale2010 A Look Back - 2011 A Look Ahead

VISH

2012-11-08Daniel WesemannGet a 40% discount on your hotel room!
2010-07-06Rob VandenBrinkBogus Support Organizations use Live Operators to Install Malware
2008-10-20Johannes UllrichFraudulent ATM Reactivation Phone Calls.
site/port/ip search:

Announcement!

IPv6 Support Added

Our iptables client now supports submitting IPv6 firewall logs.

Get ISC Swag!!

Advertisement

Security News Feeds

InternetStormCenter
SANS Newsbites
SANS @Risk

Diary Archives

e-netprotections.su ? - by: Daniel Wesemann (2013-05-17)

SSL: Another reason not to ignore IPv6 - by: Johannes Ullrich (2013-05-17)

Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability - by: Joel Esler (2013-05-16)

View Diary Archives

Search Diaries:

SANS Institute

View our Privacy Policy

Contact Us

Phone: (757) SANS-ISC (726-7472) - Voice Mail Only
Web Contact: handlers@isc.sans.edu
Report Bugs: Sourceforge Project
Debug Info: Browser Debug Info

"The experiences gained in the SANS Technology Institute program have helped me advance in IBM, taking a more public facing role."
- Jerome Radcliffe, SANS Technology Institute Student

"SANS is a 'giving back to the community factory.' SANS encourages and fosters growing security awareness and growing the security community."
- Rob VandenBrink, Alumni of SANS Technology Institute