A new version (1.1) of FiddlerCap is available at http://www.fiddlercap.com. The new version includes a checkbox that controls whether or not cookies and form POSTs are stored within the .SAZ file. FiddlerCap is proving to be absolutely invaluable in the fight against malicious banner advertisements – FiddlerCap makes it easy for even the most inexperienced computer […]
You start sounding the alarm, that’s what you do. I urge you to read this link, and spread the word. http://sunbeltblog.blogspot.com/2007/11/breaking-massive-amounts-of-malware.html Take a close look at the URLs for the malware links; they are all random collections of letters and numbers, and they’re all Chinese domains. Users of Google (and other web search engines) need […]
Alex Eckelberry of Sunbelt has been in touch with me to advise that he has contacted AdOn Network about the malicious SWF that we have been studying on this blog over the past day or so – something I am ashamed to admit I had not done yet. AdOn advise that they have removed the […]
HTTP capture of a visitor to the National Geographic website being hijacked and redirected to scanner2.malware-scan.com. As we know, we’ve traced the guilty advertisement as far back as 66.179.234.173/images/1847_560766_7006263_90_728.html
I only have time to post screenshots at the moment – the malicious advertisement can be seen at: 66.179.234.173/images/1847_560766_7006263_90_728.html A Google search reveals that the IP address 66.179.234.173 has a history of involvement with malicious banner advertisements: http://www.google.com/search?q=66.179.234.173&rls=com.microsoft:en-us&ie=UTF-8&oe=UTF-8&startIndex=&startPage=1 The SWF itself is being pulled from: rmedia.adonnetwork.com/images/560766_90_728_200711011430_tubesnow_728x90.swf With JavaScript being pulled from: rmedia.adonnetwork.com/adon_flash_v2.js and I’ll post more specific details in roughly […]
Posted to Shark Bait not long ago :) http://sharkbait.computerworld.com/?q=node/1902
There’s my Dad, searching the net for an update to a particular specialist programme on his system; he finds what he wants, he downloads, he starts to install (we don’t know if he closed his Web browser first – I’m betting not), he’s prompted to update *DirectX* and whammo, he’s hit with spyware.cyberlog-x. Unfortunately: he […]
Check out this URL: http://www.itnews.com.au/News/NewsStory.aspx?story=65660 See this quote towards the very end: “In Australia earlier this month, a majority of Sensis websites including Whitepages, Telstra Bigpond and Yellowpages had to remove advertising on their site after a local security professional and Microsoft MVP discovered malicious malware embedded in the ads.” For whatever reason, IT NEWS decided […]
Malware found on LaoAirlines.com, travellers beware of other sites “Sophos has warned Australian travellers looking to book flights to South East Asia to make certain their anti-virus software is up to date before going online after yesterday intercepting malware on Lao Airlines.com. Users who simply embark on the site will automatically be redirected to another […]
This one is interesting to my alter-ego… Consider the following scenario. In a Microsoft Exchange Server organization, the Exchange Server server has no size restrictions for e-mail attachments and no quota settings on mailboxes. Additionally, size restrictions are set on the firewall. In this scenario, you may receive non-delivery reports (NDR) when you send e-mail […]