
Recommended Reads

Rogue antivirus scammers have made $150M

by Shanmuga

"They’re the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they’ve also raked in more than $150 million for scammers. Security experts call them rogue antivirus programs. The FBI’s Internet Crime Complaint Center issued a warning over this fake antivirus software Friday, saying that Web surfers should be wary […]

Read the full article →

Amazon EC2 Used as Botnet Command and Control

by Shanmuga

"Trend Micro released a report Dec. 9 highlighting what it expects to see as far as security threats in 2010. Among the more interesting predictions — attacks on cloud infrastructures will increase. Almost as if on cue, a report surfaced the same day that the Zeus Trojan was observed abusing the Amazon EC2 (Elastic Compute […]

Read the full article →

Malware messes up India’s online test for business schools

by Shanmuga

"The move by India’s top business schools to take their CAT entrance test online turned embarrassing after malware-infected computers left a number of students unable to take the test. Prometric, a Baltimore, Maryland, testing company hired to conduct the CAT (Common Admission Test), said this week that the testing labs faced technical difficulties mainly due […]

Read the full article →

Botnet continues massive malware campaign

by Shanmuga

"A massive spam campaign that poses as a message from the Centers for Disease Control (CDC) asking people to register for H1N1 vaccinations remains a big problem today, a security researcher said. The messages lead unwary users to a convincing-looking CDC site where they’re asked to create a profile in order to receive a vaccination […]

Read the full article →

Zeus/Zbot spreading through drive-by download

by Shanmuga

"Zeus, or Zbot, recently began circulating spam claiming to come from the Internal Revenue Service (IRS), requesting users submit a “tax refund request form” by clicking on a link that is provided. Clicking takes victims to a website that attempts to perform a drive-by download, meaning users do not need to take any further action […]

Read the full article →

WordPress Installations Under Brute-Force Attack

by Shanmuga

"There is an ongoing attack against some WordPress implementations that is trying to brute-force the passwords for the administrator accounts on the installations. The attack is being driven by an automated PHP script that tries thousands of possible passwords.

Read the full article →

AV-Comparatives picks eight proactive antimalware winners

by Shanmuga

"To recap, there were two sets of malware: Set A, which contains malware from December 2007 to December 2008 (of which most products could detect over 97 percent), and Set B, which contains malware from the last seven months (1.6 million samples). The set included the following categories of malware: Trojans (69.5 percent), Backdoors/Bots (20.7 […]

Read the full article →

Tiger Woods malware

by Shanmuga

"Symantec reported that search engine results are redirecting to malicious domains that go through the usual fake scanning activity, before pointing out a whole host of ‘serious errors’ and ‘threats’ that need to be cleaned from your computer. Files on offer on this occasion may be setup_build6_195.exe (Download.MisleadApp) or install [RANDOM NUMBER].exe (Detected as Downloader […]

Read the full article →

The Root of the Botnet Epidemic

by Shanmuga

"Over the course of a few days in February 2000, a lone hacker was able to bring some of the Web’s larger sites to their knees, using just a few dozen machines and some relatively primitive software to cripple Yahoo, eBay, E*trade, Amazon, ZDnet and others for hours at a time. No one knew it […]

Read the full article →

Microsoft's Dos and Don'ts for Passwords

by Shanmuga

"The three basic things to remember when creating a strong password are the following: 1. Use a combination of letters, numbers and special characters. Also, remember that some dictionaries used in attacks have a "l33t" mode, which allows common letter/number-to-special character substitutions (like changing [email protected], i-1 ,o-0 and s=$, for example, password = [email protected]$w0rd). Therefore, […]

Read the full article →

Panda Burning Incense worm due for a comeback

by Shanmuga

"A computer worm that China warned Internet users against is an updated version of the Panda Burning Incense virus, which infected millions of PCs in the country three years ago, according to McAfee. The original Panda worm, also known as Fujacks, caused widespread damage at a time when public knowledge about online security was low, […]

Read the full article →

New Bios attack renders anti-virus useless

by Shanmuga

"A new form of attack that installs a rootkit directly onto a computer’s Bios system would render anti-virus software useless, researchers have warned…The researchers devised a 100-line Python script that could be flashed onto the Bios to install a rootkit. Because the Bios software activates before any other program on a computer when it starts […]

Read the full article →

8 Best Practices to Avoid Malware on Facebook and Twitter

by Shanmuga

"Thanks to the popularity of social networking sites like Facebook and Twitter, it’s a given that malicious hackers will devise ways to exploit the sites’ numerous users in order to infect their computers with malware. This unwanted software is designed to do a number of terrible things ranging from identity theft to turning computer into […]

Read the full article →

Dumb code could stop computer viruses in their tracks

by Shanmuga

"ON THE day a new computer virus hits the internet there is little that antivirus software can do to stop it until security firms get round to writing and distributing a patch that recognises and kills the virus. Now engineers Simon Wiseman and Richard Oak at the defence technology company Qinetiq’s security lab in Malvern, […]

Read the full article →

A Security Wish List for Microsoft Internet Explorer 9

by Shanmuga

"Just what is in store for Internet Explorer 9 from a security perspective remains unknown. But in light of Microsoft’s announcement, some security pros shared their thoughts with eWEEK about what they would like to see in the upcoming version of the Web browser.

Read the full article →

Microsoft denies backdoor in Windows 7

by Shanmuga

"Microsoft today denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency (NSA) official testified before Congress that the agency had worked on the operating system. "Microsoft has not and will not put ‘backdoors’ into Windows," a company spokeswoman said, reacting to a Computerworld […]

Read the full article →

10 Lessons Google Must Learn About OS Security

by Shanmuga

"Google is new to the operating system market, so it has to demonstrate that it understands how to build and maintain a secure Web OS. The history of Windows security has shown there are many avenues of attack against a desktop operating system. There are even more potential attack strategies for an online OS. But […]

Read the full article →

3 Basic Steps to Avoid Joining a Botnet

by Shanmuga

"Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can […]

Read the full article →

Top Internet Security Trends of 2009

by Shanmuga

"The Security Response team has compiled the top security trends of 2009. We pulled data from the Global Intelligence Network and the experiences of the thousands of analysts and security experts at Symantec to come up with the top trends for the year. While none of these trends will be a surprise to anyone even […]

Read the full article →

Firefox 3.6 locks out rogue add-ons

by Shanmuga

"Mozilla will add a new lockdown feature to Firefox 3.6 that will prevent developers from sneaking add-ons into the program, the company said. The new feature, which Mozilla dubbed "component directory lockdown," will bar access to Firefox’s "components" directory, where most of the browser’s own code is stored. The company has billed the move as […]

Read the full article →

Recognizing phishing e-mails

by Shanmuga

"If you have received an e-mail from the Internal Revenue Service or the Federal Deposit Insurance Corporation, chances are it was a phishing attempt. If you received e-mail from your bank, PayPal, or Facebook urging you to immediately verify information or risk having your account suspended, it was undoubtedly phishing. Phishing attacks have spiked this […]

Read the full article →

Rogue antivirus: a growing problem

by Shanmuga

"Rogue antivirus programs pretend to detect malicious programs on a user’s computer and then offer to “treat” them for a fee. Needless to say, the money ends up in a cybercriminal’s pocket. The chances of being infected by this type of malware have increased dramatically over the last few years. The article examines how rogue […]

Read the full article →

10 Reasons Why Windows Security Is Better than Ever

by Shanmuga

"Windows isn’t very well known for providing the kind of security users really want. Windows has long been the favorite target of malicious hackers that have run amok in the operating system. Over the past few years, things have only gotten worse for Microsoft. Until Service Pack 2 was released for Windows XP, users were […]

Read the full article →