- Apr 2013
- Mar 2013
- Feb 2013
- Jan 2013
- Dec 2012
- Nov 2012
- Oct 2012
- Sep 2012
- Aug 2012
- Jul 2012
- Jun 2012
- May 2012
- Apr 2012
- Mar 2012
- Feb 2012
- Jan 2012
- Dec 2011
- Nov 2011
- Oct 2011
- Sep 2011
- Aug 2011
- Jun 2011
- May 2011
- Apr 2011
- Mar 2011
- Feb 2011
- Jan 2011
- Dec 2010
- Nov 2010
- Oct 2010
- Sep 2010
- Aug 2010
- Jul 2010
- Jun 2010
- May 2010
- Apr 2010
- Mar 2010
- Feb 2010
- Jan 2010
- Dec 2009
- Nov 2009
- Oct 2009
- Sep 2009
- Aug 2009
- Jul 2009
- Jun 2009
- May 2009
- Apr 2009
- Mar 2009
- Feb 2009
- Jan 2009
- Dec 2008
- Nov 2008
- Oct 2008
- Sep 2008
- Aug 2008
- Jul 2008
- Jun 2008
- May 2008
- Apr 2008
- Mar 2008
- Feb 2008
- Jan 2008
- Dec 2007
- Nov 2007
- Oct 2007
- Sep 2007
- Aug 2007
- Jul 2007
- Jun 2007
- May 2007
- Apr 2007
- Mar 2007
- Feb 2007
- Jan 2007
- Dec 2006
- Nov 2006
- Oct 2006
- Sep 2006
- Aug 2006
- Jul 2006
- Jun 2006
- May 2006
- Apr 2006
- Mar 2006
- Feb 2006
- Jan 2006
- Dec 2005
- Nov 2005
- Oct 2005
- Sep 2005
- Aug 2005
- Jul 2005
- Jun 2005
- May 2005
- Apr 2005
- Mar 2005
- Feb 2005
- Jan 2005
- Dec 2004
- Nov 2004
- Oct 2004
- Sep 2004
- Aug 2004
- Jul 2004
- Jun 2004
- May 2004
- Apr 2004
- Mar 2004
- Feb 2004
- Jan 2004
- Dec 2003
- Nov 2003
- Oct 2003
- Sep 2003
- Aug 2003
- Jul 2003
- Jun 2003
- May 2003
- Apr 2003
- Mar 2003
- Feb 2003
- Jan 2003
- Dec 2002
- Nov 2002
- Oct 2002
- Sep 2002
- Aug 2002
- Jul 2002
- Jun 2002
- May 2002
- Apr 2002
- Mar 2002
- Feb 2002
- Jan 1995
- Jan 1994
Bankhook.A is a Trojan that installs itself in the affected computer by taking advantage of several vulnerabilities.
W32/Agobot-KG is an IRC backdoor Trojan and network worm which establishes an IRC channel to a remote server in order to grant an intruder access to the compromised machine.
W32/Rbot-CG is a backdoor Trojan and network worm that allows unauthorized remote access to the infected computer via IRC channels while running in the background as a service process.
The CEO of a security start-up says IT administrators aren't paying enough attention to the threats that are coming from within their own networks.
W32.Doep.A is a worm that spreads through file-sharing networks, such as Kazaa, eMule, eDonkey2000, Lphant, and Overnet.
Not just for consumers anymore, invasive programs are finding comfort in the corporate realm and leaving more than unwanted ads in their wake.
Trojan.Ecure is a Trojan horse that modifies the Hosts file and Internet Explorer home page.
The U.S. government's cybersecurity unit recommends ditching Internet Explorer in favor of other, safer browsers.
Downloader-LY is a Trojan that attempts to connect to a remote URL, and downloads Keylog Briss.
Trojan.Boxed.D is a Trojan horse that performs a Denial of Service (DoS) attack on certain Web sites.
W32/Rbot-CC is a member of the W32/Rbot family of worms with backdoor component.
W32.Gaobot.AUS is a repacked variant of W32.Gaobot.SN.
W32.Randex.ATX is a network-aware worm that may be remotely controlled using IRC.
The Riviera Hotel & Casino in Las Vegas has to deal with more than its share of hacker attacks. To fight off these threats, IT administrators there recently went shopping for an IDS system.
It's gonna get better, the chairman promises.
Backdoor-AXY is a Trojan that upon execution, runs silently, no GUI message boxes appear.
JS_Ject.A is Trojan script that usually arrives as an encrypted Java script file embedded in malicious Web pages.
Backdoor-CCL is a Trojan that when executed, the file runs silently, no GUI message boxes appear.
W32/Mota.worm may arrive as an e-mail file attachment with the file attachment being either a .scr or .pif or .zip file.
Backdoor.Botex is a backdoor program to allow unauthorized remote access to a compromised system.
JS-Scoba.A is Trojan script that is usually embedded in malicious Web pages.
W32/Agobot-KE is a backdoor Trojan and worm that spreads to computers protected by weak passwords.
W32/Rbot-CA is a worm that attempts to spread to remote network shares.
Critical IE vulnerability remains unpatched.
eSecurityPlanet Columnist George Bakos says that in computing, as in life and love, being predictable can be a fatal flaw. Hackers and worm authors thrive on default settings. Bakos talks about how to get around that.
While external security threats abound, most serious risks still emanate from lax policies and procedures and a lack of ongoing employee training.
The latest anti-spam effort by the four largest U.S. ISPs is a joint specification to eliminate spoofed e-mail addresses.
IT administrators are being warned to double check their servers, and Web surfers are being cautioned after a widespread hacker attack has compromised major corporate Web sites and infected thousands of users' computers.
Worm_Sdbot.Fo is a worm that spreads by exploiting the Windows LSASS flaw, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
Worm_Korgo.V exploits the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
BackDoor-AXJ is a Trojan that when run on the victim machine, serves multiple actions.
Korgo.U is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers.
JS/Scob-A is a Java script trojan that is reported to be appended to HTML files on IIS machines.
Worm_Korgo.T is a memory-resident worm that exploits the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
W32/Sdbot-JB is a worm that attempts to spread to remote network shares.
Downloader.JH is a Trojan that gets information on the affected computer in order to download a dialer, detected by Panda Software as Dialer.DA, to the computer.
Worm_Bobax.B is known to exploit the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of an affected system.
Bill sponsors amend anti-spyware measure to cure Internet 'cancer.'
W32/Korgo-R is a network worm using the LSASS exploit to propagate (MS04-011).
Employees using instant messaging could be opening up gaping holes in their companies' network security.
Millions of screen names were used to illegally promote an Internet gambling operation.
Continuing its way through the alphabet, Panda Software issued an alert for the S variant of the Korgo worm, which spreads via the Internet by exploiting the LSASS vulnerability in remote computers.
W32/Agobot-KC is a backdoor worm that spreads to computers protected by weak passwords.
Some security vendors have issued alerts for the Q and R variants of the Korgo worm, which spreads via the Internet by exploiting the LSASS vulnerability in remote computers.
Users at risk of denial-of-service or code execution attacks.
W32/Rbot-BL is a worm that attempts to spread to remote network shares.
Backdoor.Ranky.G is a Trojan horse that runs as a proxy server.
W32/Lovgate-V is a variant of the W32/Lovgate family of worms that spread via email, network shares and filesharing networks.
Some security vendors Monday issued alerts for the N, O and P variants of the Korgo worm, which spread by exploiting the LSASS vulnerability in Windows.
W32/Rbot-BI is a worm that attempts to spread to remote network shares.
IPScanner.A is a hacking tool.
Backdoor.Hacarmy.C is a Backdoor Trojan horse that gives an attacker control over a compromised computer.
Worm_Lovgate.AB drops copies of itself in several locations using varying file names.
W32/Sdbot-JB is a worm that attempts to spread to remote network shares.
W32/Rbot-BC is a worm that attempts to spread to remote network shares.
W32/Lovgate-V is a variant of the W32/Lovgate family of worms that spread via email, network shares and filesharing networks.
W32/Dansh-A is a network worm and IRC backdoor Trojan that can copy itself to the Windows System32 folder as DESKTOP.EXE when executed.
W32.Korgo.L and M are the latest variants of the W32.Korgo.I worm and attempt to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 445.
The spam problem is inextricably linked to any number of other Bad Things lurking on the 'Net.
IT managers report they're struggling to hold spam at bay, but end users say it's not a huge problem. What they do agree on is that spam isn't going away anytime soon, and will probably just get worse.
Backdoor.Nibu.H opens a backdoor Trojan horse on a compromised system.
W32/Rbot-AX is a worm that attempts to spread to remote network shares.
PWSteal.Bamer.A steals passwords when you visit Web sites the belong to certain banks.
W32/Rbot-AY is a worm and backdoor that spreads by exploiting various operating system vulnerabilities, weak passwords on shares and SQL servers and backdoors opened by other worms and Trojans.
W32/Agobot-KB is a backdoor Trojan and worm that spreads to computers protected by weak passwords.
Only a week old, Zafi-B is spreading wildly around the world, working itself into the Top Five ranking of the Most Dangerous Malware.
Argen is a malware type joke.
Download.Ject is a Trojan horse that attempts to download and install a file by exploiting a vulnerability in Internet Explorer.
Worm_Sdbot.RZ is a memory-resident worm that spreads through network shares.
Three-factor encryption technology comes to Symbol handheld devices.
What's one of the first tenets of warfare? Know your enemy. Well, one of the authors of a new book tells eSecurityPlanet that using honeypots is one of the best ways to do just that.
Download.Ject is a Trojan that attempts to download and install a file on a compromised system by exploiting a vulnerability in Internet Explorer.
W32/Korgo-H is a member of the W32/Korgo family of network worms that propagates using the LSASS exploit (TCP port 445).
W32/Rbot-AV is a worm that attempts to spread to remote network shares.
W32/Agobot-WR is an IRC backdoor Trojan and network worm.
After a six-month study, the FTC updates Congress on the National Do Not E-Mail registry. Hint: It's not a good thing.
Trojan.Boxed.A and B variants are Trojan horses that perform a Denial of Service (DoS) attack on certain Web sites.
W32.Paps.A@mm is a mass-mailing worm that sends itself as an attachment to the email addresses that it finds on a computer.
First mobile phone worm squirms through Symbian OS.
EPOC.Cabir is a proof-of-concept worm that replicates on Nokia Series 60 phones.
W32/Rbot-AS is a worm that attempts to spread to remote network shares.
W32/Rbot-AQ is a worm that attempts to spread to remote network shares.
Microsoft reveals code for its oft-delayed second release candidate to developers ahead of the summer deadline for the finished product.
StartPage is a trojan that when executed, modifies certain Internet Browser settings.
A buffer overflow vulnerability in RealNetworks' flagship RealPlayer software could put millions of users at risk of PC takeover.
W32/Plexus.a@MM and its b variant are worms that propagate through different vectors.
Qhosts.apd is a modified HOSTS file.
W32/Dansh.worm!irc is an IRC bot that is intended to propagate via various mechanisms.
Worm_Korgo.G, previously detected as Worm_Korgo.F, propagates by exploiting a flaw in the Windows LSASS (Local Security Authority Subsystem Service), which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
W32/Spybot-CO is a P2P worm that spreads via the KaZaA file sharing network.
Today, the threats to our online activities are shifting. eSecurityPlanet's new columnist, Bob Hillery, takes a look at the changing threats and what we should be doing about them.
According to data from PandaLabs, the Zafi.B worm, first detected last week, is now spreading widely around the world.
Executive Tech columnist Brian Livingston chats with Julian Haight, controversial director of spam-blocking system SpamCop, about the value of and problems with 'blocklists'.
Troj/Sober-H emails messages in German to addresses found in files on the hard disk.
W32/Pam.worm is a floppy worm written in Delphi.
W32/Rbot-AE is a worm that attempts to spread to remote network shares.
W32.Sasser.G is a minor variant of W32.Sasser.Worm.
W32/Zafi-B is a peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file and set the following registry entry to ensure that it will be run on system restart.
X97M.Crex is a macro virus that infects Microsoft Excel 97 (and later) spreadsheets.
After new breaches found in CVS, open source community mulls how extensively they use the online repository.
VB_Pub.A is malicious Visual Basic (VB) script that spreads via email.
Downloader-LB is a trojan believed to have been Spammed to many users as an attachment 'Clock.exe.'
Browser vulnerabilities carry an 'extremely critical' rating and is being exploited to launch adware on infected machines.
W32/Agobot-XX is capable of spreading to computers on the local network protected by weak passwords.
W32/Agobot-JX is a backdoor Trojan and worm that spreads to computers protected by weak passwords and to computers infected with variants of W32/MyDoom.
Downloader-KP is not an email virus.
W32/Agobot-JT is a backdoor worm that runs in the background as a system process and allows unauthorized remote access to the computer.
W32.Tubty.A@mm is a mass-mailing worm that uses its own SMTP engine to send itself to all the contacts in the Windows Address Book.
Panda Software Wednesday issued a high threat alert for Downloader.GK, a Trojan that downloads and runs adware programs on the affected computer.
W32/Korgo-I is a member of the W32/Korgo network worms family that propagates by using the LSASS exploit.
Worm_Rbot.AF is a worm that spreads through network shares.
US-CERT warns that attackers could exploit the vulnerability and execute arbitrary SQL statements.
BackDoor-AET is a remote access trojan written in Microsoft Visual C++.
W32/Agobot-JP is a backdoor Trojan and worm that spreads to computers protected by weak passwords.
W32/Rbot-AA is a worm that attempts to spread to remote network shares.
Trojan.Gletta.A is a Trojan horse that steals Internet banking passwords.
Report comes out warning that the creator of the Korgo family of worms seems to be carrying out experments with new variants aimed at catching users off guard while aiming to cause a serious epidemic.
IT administrators and security officers are under a lot more pressure than ever before. Ken Xie, president of Fortinet Inc., talks to eSecurityPlanet about the added workload and what can be done to make the job a little easier.
Trojan.Dingsta.A is a keylogger that tries to log keystrokes that are typed in open Web browser windows.
Bagle-AA has moved up the ranks to become the fifth most dangerous malware roaming the Internet.
Troj/StartPa-AE changes browser settings for Microsoft Internet Explorer each time Windows is started.
Keylog-Dingxa is a keylogging Trojan that captures keystroke information on the victim machine.
W32/Spybot-CC is a backdoor Trojan and worm that spreads via file sharing on Kazaa P2P networks and by copying itself to network shares that have weak password protection on the $ADMIN share.
Spam levels have reached new heights -- or lows as the case may be. Nine out of 10 emails traveling across the U.S. are spam, according to a new report.
Gartner says filters, sender authentication-reputation initiatives not likely to provide short-term relief.
Security vendors Tuesday issued alerts for the G and H variants of the Korgo worm, a network worm that uses the LSASS exploit to propagate.
W32/Dumaru-AK consists of a dropper and a number of dropped files.
W32/Spybot-BZ attempts to copy itself to CRCSSV.EXE in the Windows system folder.
Backdoor.Ducy is a backdoor program designed to grant unauthorized access via MSN Messenger.
A security company is shipping today new software it claims will better protect your servers against hacker attacks -- whether or not you've installed the latest patches from Microsoft.
During Sunday and Monday, MessageLabs reported intercepting several copies of a new, multi-stage Trojan whose name is unknown.
The spam volume remains unchanged over the month, but Internet users don't have reason to celebrate, as the plateau is not indicative of an imminent decline in unwanted messages.
eSecurityPlanet's new columnist Ken van Wyk talks about the way we defend ourselves from attack. Reacting to a situation isn't working, and it hasn't been working for some time. Van Wyk says it's time we get proactive.
Trojan.Mitglieder.L is a Trojan horse program that allows a compromised system to be used as an email relay, according to Symantec, which issued an alert Monday.
W32/Sdbot-DB is a network worm and IRC backdoor Trojan that runs in the background as a service process and allows unauthorized remote access to the computer via IRC channels.
W32.Rainwash is a worm that propagates by copying itself to the Kazaa shared folder.
A patch Microsoft issued in April could fend off the malicious mutant.
Backdoor.IRC.Aladinz.R is a backdoor server that allows a remote attacker to obtain access to your computer.
W32/Korgo-A is a network worm using the LSASS exploit to propagate, according to Sophos, which issued an alert Friday.
Worm_Korgo.D is a member of the KORGO family of worms, which propagates by exploiting a buffer overrun vulnerability in the Windows LSASS (Local Security Authority Subsystem Service).
To propagate this worm exploits the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
Worm_Korgo.G propagates by exploiting a flaw in the Windows LSASS (Local Security Authority Subsystem Service), which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
Worm_Plexus.A arrives via network shares, and takes advantage of the Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability in Windows.
W32/Agobot-JM is a member of the W32/Agobot family of network worms and backdoor Trojans that exploits a number of known vulnerabilities and is also able to function as an IRC bot.
Broadcom has unveiled storage management software that puts the company at the forefront of vendors addressing storage security concerns.
After weathering a storm of viruses last month, security analysts are hoping that June isn't hit nearly as hard. But they're not getting their hopes too high.
Worm/Agobot.300544 is a memory resident Internet worm that spreads by capitalizing on various Microsoft vulnerabilities, as well as through network shares.
The Sasser worm continues to raise its ugly head, battering enterprise and home user networks around the globe.
The flaw carries a 'moderately critical' rating and could give malicious hackers administrative access to vulnerable devices.
Worm/Rbot.94208 is an Internet worm that spreads through the use of the mIRC network.
W32/Rbot-Y is a worm that attempts to spread to remote network shares, according to Sophos, which issued an alert Thursday.
Worm_Korgo.E is a member of the Korgo family of worms, which propagates by exploiting a buffer overrun vulnerability in the Windows LSASS (Local Security Authority Subsystem Service).
W32.Korgo.G is a minor variant of W32.Korgo.C, according to Symantec and McAfee, which issued low-level alerts Thursday.
Worm_Agobot.SU is a memory-resident worm that spreads through network shares.
While PDA and smartphone security is often a forgotten piece of the security infrastructure, these devices have the ability to transmit and receive viruses, and can be exploited in numerous ways. In this article, the first in a series on the subject, we provide a general overview of PDA security and discuss vulnerabilities, products, security issues, and policies.
W32/Korgo-D is a variant of the W32/Korgo-C network worm and backdoor that propagates by using the LSASS exploit, according to Sophos, which issued an alert Thursday.
Netsky-P, first discovered March 22, has a new trick up its sleeve. Thousands of reports are in that the worm now is disguising itself as a Harry Potter Computer game.
Because of a flood of submissions in the past 12 hours, at least one anti-virus company has raised the threat level on Korgo-F.
W32/Agobot-SG is a backdoor Trojan and network worm that can spread by copying itself to network shares with weak passwords and may attempt to spread using the DCOM RPC and/or RPC locator vulnerabilities, according to Sophos, which issued an alert Wednesday.
Worm_Korgo.D is a worm that propagates by exploiting the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
W32.Korgo.F is a minor variant of W32.Korgo.E, according to Symantec, which issued an alert Wednesday.
W32/Rbot-X is an IRC backdoor Trojan and network worm, according to Sophos, which issued an alert Wednesday.
W64_RUGRAT.A is a file infector that targets 64-bit systems and infects 64-bit .EXE files by appending its code to the host PE (Portable Executable) file.
McAfee issued alerts for three variants of the Korgo worm: W32/Korgo.worm.f and the c and e variants, all of which are self-executing worms that spread by exploiting a Microsoft Windows vulnerability.
Backdoor-CBA is a Trojan that when run, installs itself in the 'Run' key as SCHECK to be loaded on next restart.
We have added a few things to eSecurityPlanet -- changes designed to give you more information, faster.
The carrier introduces a new service to thwart denial-of-service attacks in corporate systems.
IRC-Scanbot is an IRC bot Trojan that has share-hopping and remote access functionality.
Netsky-Z, discovered April 21, 2004, uses a ZIP file to evade corporate perimeter protection.
The D-variant of the Netsky family has become one of the most problematic bugs roaming the Internet.
Worm_Lamud.A is a worm that spreads via network shares, according to Trend Micro, which issued an alert Tuesday.
Security researchers have discovered a heap overflow vulnerability in Concurrent Versions System (CVS), the source code maintenance system used to power open-source software development projects.
IT security attacks on some of the world's leading financial institutions more than doubled from last year, according to a new survey from Deloite & Touche.
- What are the top Android security apps?
- What are the top Android security risks?
- What are today's top cyber threats?
- What's the most secure way to delete data?
- How does hard drive encryption work?
- Is old software inherently insecure?
- Are Macs immune to malware?
- How can BYOD risk be managed?
- Which web browser is the most secure?
- How do I protect my iOS device?
- What are the top iPhone security apps?
- How do I secure my wireless network?
- Are public Wi-Fi hotspots safe?