- Latest
- Apr 2013
- Mar 2013
- Feb 2013
- Jan 2013
- Dec 2012
- Nov 2012
- Oct 2012
- Sep 2012
- Aug 2012
- Jul 2012
- Jun 2012
- May 2012
- Apr 2012
- Mar 2012
- Feb 2012
- Jan 2012
- Dec 2011
- Nov 2011
- Oct 2011
- Sep 2011
- Aug 2011
- Jun 2011
- May 2011
- Apr 2011
- Mar 2011
- Feb 2011
- Jan 2011
- Dec 2010
- Nov 2010
- Oct 2010
- Sep 2010
- Aug 2010
- Jul 2010
- Jun 2010
- May 2010
- Apr 2010
- Mar 2010
- Feb 2010
- Jan 2010
- Dec 2009
- Nov 2009
- Oct 2009
- Sep 2009
- Aug 2009
- Jul 2009
- Jun 2009
- May 2009
- Apr 2009
- Mar 2009
- Feb 2009
- Jan 2009
- Dec 2008
- Nov 2008
- Oct 2008
- Sep 2008
- Aug 2008
- Jul 2008
- Jun 2008
- May 2008
- Apr 2008
- Mar 2008
- Feb 2008
- Jan 2008
- Dec 2007
- Nov 2007
- Oct 2007
- Sep 2007
- Aug 2007
- Jul 2007
- Jun 2007
- May 2007
- Apr 2007
- Mar 2007
- Feb 2007
- Jan 2007
- Dec 2006
- Nov 2006
- Oct 2006
- Sep 2006
- Aug 2006
- Jul 2006
- Jun 2006
- May 2006
- Apr 2006
- Mar 2006
- Feb 2006
- Jan 2006
- Dec 2005
- Nov 2005
- Oct 2005
- Sep 2005
- Aug 2005
- Jul 2005
- Jun 2005
- May 2005
- Apr 2005
- Mar 2005
- Feb 2005
- Jan 2005
- Dec 2004
- Nov 2004
- Oct 2004
- Sep 2004
- Aug 2004
- Jul 2004
- Jun 2004
- May 2004
- Apr 2004
- Mar 2004
- Feb 2004
- Jan 2004
- Dec 2003
- Nov 2003
- Oct 2003
- Sep 2003
- Aug 2003
- Jul 2003
- Jun 2003
- May 2003
- Apr 2003
- Mar 2003
- Feb 2003
- Jan 2003
- Dec 2002
- Nov 2002
- Oct 2002
- Sep 2002
- Aug 2002
- Jul 2002
- Jun 2002
- May 2002
- Apr 2002
- Mar 2002
- Feb 2002
- Jan 1995
- Jan 1994
7/30: Backdoor-CHI Lifts MSMoney App Data
BackDoor-CHI is a remote access trojan bearing several characteristics.
7/30: Dropper-O a 'High Threat' Trojan
Panda Software has issued a high threat level for Dropper.O, a Trojan that drops and executes the adware detected by the security vendor as Adware/Nsearch, in the affected computer.
7/30: Moridin Macro Virus Infects Word Docs
W97M.Moridin is a macro virus that infects Microsoft Word documents.
7/30: Rbot-FC Runs in Background
W32/Rbot-FC is a worm that attempts to spread to remote network shares.
7/30: Agobot-KM Exploits Weak Passwords
W32/Agobot-KM is a network worm that spreads to other computers by exploiting network services with either weak passwords or unpatched vulnerabilities.
Think Globally, Block Locally
Experts at international anti-spam conference hold out little hope of a global solution to the rising tide of rotten e-mails.
7/30: Tompai-A Has Backdoor Functionality
W32/Tompai-A is a virus with backdoor functionality for the Windows platform.
'Critical' IE Patch Released
Microsoft goes out-of-cycle to fix software flaws that led to last month's malware attack.
Research Says Linux Servers Mostly Hack-Free
Research shows majority of Linux servers are never infected or hacked.
7/29: Mabutu-B a Mass-Mailing Worm
W32/Mabutu.b@MM is a minor variant of W32/Mabutu.a@MM, a mass-mailing worm with several characteristics.
7/29: Sdbot-KU May Initiate SYNFlood Attacks
W32/Sdbot-KU is an IRC backdoor Trojan and network worm that can run in the background as a service process and allow unauthorized remote access to an intruder via the IRC network.
7/29: Rbot-EW Worm Allows Remote Access
W32/Rbot-EW is a worm that attempts to spread to remote network shares.
7/29: Berbew.I Steals Cached Passwords
Backdoor.Berbew.I attempts to steal cached passwords.
DNSSEC: For When a Spoof Isn't a Comedy
The third time around promises to be the charm for DNSSEC: An enhancement to the Internet name service protocols that blocks spoofing attacks, and promises to help clean up the spam problem, too.
7/29: Lovgate-AK a Mass-Mailing Worm
W32.Lovgate.AK@mm is a variant of W32.Lovgate.W@mm.
Human Error: The 'Oops' Factor
Training, audits and a new breed of technology solutions can help protect corporate networks from a common (and dangerous) adversary: humans.
7/28: Downloader-NE.dr a New Trojan
Downloader-NE.dr is a downloader dropper trojan packed with FSG and injects a DLL component in to the memory space of the Explorer.exe process.
7/28: Korgo-Z Worm Exploits LSASS Flaw
W32.Korgo.Z is a worm that attempts to propagate by exploiting the Microsoft Windows PCT Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 113.
7/28: Toraja-I Macro Virus Attacks Office 97
OF97/Toraja-I is a macro virus for the Microsoft Office 97 platform.
MyDoom's One-Two Punch Lacks Wallop
With the latest MyDoom variant largely under control, the second wave of the virus author's attack is losing steam, according to security analysts.
7/28: Small-AO Trojan Allows Remote Control
Troj/Small-AO is a backdoor Trojan.
7/27: Zindos-A Performs DoS Attack on Microsoft.com
W32.Zindos.A is a worm that performs a Denial of Service (DoS) attack against the domain, microsoft.com.
Is Second Wave of MyDoom Attack Rolling In?
A new variant of the MyDoom worm is kicking up a small online storm, battering search engines and opening backdoors across the globe. And now a security analyst says a second wave of the attack -- Zindos-A -- may just be beginning.
7/27: Zindos Worm Uses MyDoom Backdoor
W32/Zindos.worm is a worm that uses the backdoor of W32/Mydoom.o@MM in order to infect a machine. It also launches a DoS attack against Microsoft.com.
7/27: MyDoom.N Raised to 'Amber Alert'
Panda Software has increased the threat of MyDoom.N to AMBER ALERT.
7/27: Mabutu-A Harvests Email Addresses
W32/Mabutu.a@MM is a mass-mailing with several characteristics.
7/27: Lovgate-AE Worm Spreads Via Email
Lovgate.AE is a worm that propagates via email and network shares.
Microsoft Office Upgrade Tackles Spam
The software giant targets spam in an Office 2003 upgrade and reworks two other components.
7/27: Rbot-ET Worm Allows Remote Access
W32/Rbot-ET is a worm that attempts to spread to remote network shares
eEye Stares Down Security Threats
The Blink security software helps companies safeguard against known and unknown network threats.
7/26: Spybot-CZ Runs in Background
W32/Spybot-CZ is a network worm with backdoor Trojan functionality.
7/26: Rbot-EP is Both a Worm and a Trojan
W32/Rbot-EP is a network worm and an IRC backdoor Trojan.
7/26: Rbot-EQ Calls Up Remote IRC Server
W32/Rbot-EQ is a member of the W32/Rbot family of worms with backdoor capabilities.
Real Security Demands a New Way of Thinking
eSecurityPlanet's guest columnist Gilles Samoun says the only way to be secure is to change the way we think about security -- and to start thinking more about security policies.
7/26: Seliuq-D Virus Infects Word Documents
W97M.Seliuq.D is a virus that infects Microsoft Word documents and templates.
7/26: PatchLs-A Creates Exploitable Flaw
Troj/PatchLs-A is a Trojan that attempts to create an exploitable vulnerability within the active LSASS.EXE/LSASRV.DLL process by injecting malicious instructions, which must then be exploited via the normal LSASS interfaces.
7/26: MyDoom-M a Mass-Mailing Worm
The W32.MyDoom.M@mm mass-mailing worm performs multiple functions.
7/26: MyDoom-O Spreads Using SMTP Engine
W32/MyDoom-O is a mass-mailing worm that spreads by emailing itself via its own SMTP engine.
7/26: Lovgate-AT Worm has Backdoor
Lovgate.AT is a worm with backdoor characteristics that uses several techniques in order to spread: e-mail messages, the peer-to-peer (P2P) file sharing program KaZaA, shared network resources, etc.
7/23: Korgo.AC Uses LSASS Vulnerability
Worm_Korgo.AC is a memory-resident worm that propagates across the network by utilizing the LSASS vulnerability, which is a buffer overrun vulnerability that allows remote code execution and enables an attacker to gain full control of an affected system.
7/23: Psyme-AI Downloads, Executes Trojan
Troj/Psyme-AI is a multi-component script Trojan that downloads and executes Troj/Multidr-Y.
7/23: Dluca-CQ an Adware Application
Troj/Dluca-CQ is an adware application, according to Sophos.
Samba Patches Buffer Overflows
The open-source implementation of Microsoft's SMB/CIFS protocol gets a security update.
7/23: Bagle-ak!proxy Connects to Foreign Sites
W32/Bagle.ak!proxy is a variant that does not mass-mail like previous variants.
7/22: Agent-B Trojan Hides in Web Sites
Backdoor.Agent.B is a backdoor Trojan that installs a DLL (Dynamic Link Library) on the affected computer when a user visits certain malicious Web sites.
7/22: W97M.Kuna Virus Modifies Office Settings
W97M.Kuna is a virus that modifies Microsoft Office configuration settings and infects Microsoft Word documents and the Normal.dot template.
Bagle-AI Quickly Becomes Online Menace
After only being in the wild for three days, the Bagle-AI variant has cracked the Top Five list of Most Dangerous Malware.
After 6 months, Netsky-B Still Tricking Users
Yet another variant of the Netsky family of worms has topped the charts as one of the worst pieces of malware to torment the Internet.
7/22: Sdbot-KM Trojan Opens IRC Channel
W32/Sdbot-KM is an IRC backdoor Trojan and network worm that can run in the background as a service process and allow unauthorized remote access to a remote intruder via the IRC channel.
Netsky-Q Works its Way Back into Top 5
Netsky-Q is more aggressive in harvesting email addresses from infected computers, and that has helped to keep it widely spreading for more than three months.
7/21: Xordoor Trojan Allows Remote Access
Backdoor.Xordoor is a backdoor Trojan horse that allows unauthorized remote access to a compromised computer.
7/21: Delf-DU Tojan Copies Itself to Windows
Troj/Delf-DU is a backdoor Trojan.
Bagle Worm Resurfaces -- More Variants Expected
The Bagle family of worms, fairly dormant for the past few months, has spawned a flurry of variants that are kicking up a storm in the wild. And with the release of the worm's source code, more are expected to be on the way.
7/21: MyDoom-N Emails Itself Via SMTP Engine
W32/MyDoom-N is a mass-mailing worm that spreads by emailing itself via SMTP using its own engine.
7/21: W97M.Diperis-A a Macro Virus
W97M.Diperis.A is a macro virus that infects Microsoft Word documents and templates.
7/21: Lovgate-V Worm Provides Remote Access
W32/Lovgate-V is a variant of the W32/Lovgate family of worms that spread via email, network shares and filesharing networks.
7/21: Downloader-MY Executes Remote File
Downloader-MY is a downloading trojan that serves only to download and execute a remote file.
7/20: Bagle.AH Worm a 'Severe Threat'
PandaSoftware has issued a severe threat level alert for the new worm Bagle.AH (W32/Bagle.AH.worm).
7/20: Mydoom.M Installs DLL to Open TCP Port
Mydoom.M is a worm that installs a dynamic link library (DLL) that opens TCP port 1042 and listens to it, thus behaving as a backdoor.
7/20: Wukill.E Arrives as Executable File
Worm_Wukill.E is a worm that usually arrives as an executable (.EXE) file that uses the folder icon.
7/20: Sdbot-KK Targets Weak Passwords
W32/Sdbot-KK is a worm that attempts to spread to remote shares that have weak passwords.
7/20: Lovgate-AJ Copies Itself to Win Folder
W32/Lovgate-AJ is a Windows worm that spreads via email, network shares and filesharing networks.
7/20: Mydoom.L@mm a Mass-Mailing Worm
The W32.Mydoom.L@mm mass-mailing worm performs several functions.
7/20: Bancban-C a Password-Stealing Trojan
Troj/Bancban-C is a password stealing Trojan targeted at customers of a Brazilian bank.
7/20: Bagle-AL Searches for Email Addresses
W32/Bagle-AI is a member of the W32/Bagle family of email worms. W32/Bagle-AI spreads by emailing itself to addresses found on the infected computer's hard disk.
Windows 2000 Exploit Code Released
Apply those MS04-019 and MS04-022 security patches as needed.
7/19: Worm_Korgo.Y Exploits LSASS Vulnerability
Worm_Korgo.Y worm exploits the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.
7/19: Worm_Agist.A Spreads Via Email
TrendLabs has received several infection reports regarding a new worm known as Worm_Agist.A, spreading via email.
7/19: Rbot-DX Spreads to Remote Shares
W32/Rbot-DX is a worm that attempts to spread to remote network shares.
7/19: Bagle.AG Affects Win XP/2000/NT
Several security vendors have issued high level threat alerts for Bagle.AG, a worm that affects Windows XP/2000/NT computers only.
7/19: Agobot-KW Worm Copies Itself
W32/Agobot-KW is a network worm that spreads by copying itself to computers protected by weak passwords and via IRC channels.
7/19: Duts-A Infects Pocket PCs
Several security vendors have issued alerts for WCE/Duts-A, a proof-of-concept parasitic virus that infects EXE files for the Pocket PC environment.
7/19: Beagle.AC@mm Uses Own SMTP Engine to Spread
W32.Beagle.AC@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080.
7/16: Rbot-DY an IRC Backdoor Worm
W32/Rbot-DY is an IRC backdoor worm.
7/16: Atak.B a Mass Mailing Worm
W32/Atak-B is a mass mailing worm.
7/16: Beagle.AB@mm Uses SMTP Engine to Spread
W32.Beagle.AB@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080.
7/16: Rbot-DT Spreads to Remote Shares
W32/Rbot-DT is a worm that attempts to spread to remote network shares.
PHP Zaps Security Leaks
The PHP Group patches a pair of potentially serious vulnerabilities in the popular open-source scripting language.
7/16: Backdoor.Doster Creates Remote Access
Backdoor.Doster is a Backdoor Trojan horse that attempts to give an attacker access to a computer.
7/16: Rbot-DP Trojan Has Spreading Capability
W32/Rbot-DP is an IRC backdoor Trojan with spreading capability.
7/16: Bagle.AF a 'Medium Threat Alert'
Several security vendors have issued medium level threat alerts for Bagle.AF, a new variant of the well-known Bagle virus.
7/16: Bagle-Zip is Series of Archived Files
W32/Bagle-Zip is the password-protected archive files created by W32/Bagle-F, W32/Bagle-G, W32/Bagle-H, W32/Bagle-I, W32/Bagle-J, W32/Bagle-K (ZIP archives), W32/Bagle-N, W32/Bagle-O (ZIP and RAR archives), W32/Bagle-W, W32/Bagle-AA and W32/Bagle-AF.
7/15: AdClicker-AU Installs Itself on System
AdClicker-AU is a Win32 trojan written in Borland Delphi.
7/15: Rbot-DS Spreads to Remote Shares
W32/Rbot-DS is a worm that attempts to spread to remote network shares.
7/15: Agobot-KN Sets Up an IRC Channel
W32/Agobot-KN is an IRC backdoor Trojan and network worm that establishes an IRC channel to a remote server in order to grant an intruder access to the compromised computer.
7/14: Agobot-KS Creates Registry Entries
W32/Agobot-KS is an IRC backdoor Trojan and network worm.
7/14: Agobot-KT Trojan Exploits Passwords
W32/Agobot-KT is a backdoor Trojan and worm that spreads to computers protected by weak passwords.
7/14: Rbot-DR Worm Carries a Backdoor
W32/Rbot-DR is a worm that attempts to spread to remote network shares.
Microsoft Hits, Misses on Security Releases
Redmond had plenty of news for ISVs at Partnerworld, including delays in its patch management tool.
Microsoft Updates Download.Ject Removal Tool
The cleanup from last month's malware attack continues.
7/14: Cargao Trojan Emails Windows Contacts
Trojan.Cargao is a Trojan horse that sends emails to all contacts it finds in Windows address book.
7/14: Lovgate.AC@mm Exploits Buffer Overrun
W32.Lovgate.AC@mm is a mass-mailing worm that spreads using the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026), and through open network shares.
7/13: Rbot-DL Empowers Remote Users
W32/Rbot-DL is a network worm and backdoor Trojan for the Windows platform.
7/13: Xebiz.A Trojan Connects to Web Site
Xebiz.A is a Trojan that connects to a specific web site in order to download another Trojan, Zerolin.A, to the affected computer.
7/13: Rbot-DP an IRC Backdoor Trojan
W32/Rbot-DP is an IRC backdoor Trojan with spreading capability.
7/13: Korgo-U Worm Exploits LSASS Flaw
W32/Korgo-U is a network worm which uses the LSASS exploit to propagate.
7/13: PE-Lovgate.AH is a File Infector
PE-Lovgate.AH is a memory-resident file infector that spreads through email and network shares.
7/13: Lovgate.AG a Memory-Resident Worm
Worm_Lovgate.AG is a memory-resident worm that propagates via email and network shares.
7/13: Lovgate.AD@mm Uses RPC Vulnerability
W32.Lovgate.AD@mm is mass-mailing worm that spreads using the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026) and through open network shares.
7/13: Beagle.AA@mm Worm Uses SMTP Engine
W32.Beagle.AA@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1234.
7/13: Lovgate.AC@mm Infects Executable Files
W32.Lovgate.AC@mm is mass-mailing worm that spreads using the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026) and through open network shares.
7/13: Rbot-DJ Has Backdoor Capabilities
W32/Rbot-DJ is a member of the W32/Rbot family of worms with backdoor capabilities.
Resistance is Futile. Your e-Mail Is Being Watched.
According to a new survey anyway. At least you know you're not paranoid.
7/12 Atak.A Worm Low Threat but High Traffic
Atak.A is a worm without damaging effects that spreads via e-mail in a message with variable characteristics.
7/12: Lemoor.A Exploits FTP Server Vulnerability
W32.Lemoor.A is a worm that spreads by exploiting a vulnerability in the FTP server component of the W32.Sasser family of worms.
7/12: Hardoc@mm Mass Emails Itself
W32.Hardoc@mm is a mass-mailing worm that sends itself to email addresses found in .html files and the Windows address book on the infected computer.
7/12: Lovgate.ah@MM Packed Multiple Times
W32/Lovgate.ah@MM is a new variant of W32/Lovgate that is packed multiple times.
7/12: Keylog-Q Trojan Steals Passwords
Troj/Keylog-Q is a password-stealing Trojan.
7/9: Berbew.H Trojan Steals Passwords
Backdoor.Berbew.H is a minor variant of Backdoor.Berbew.G.
7/9: Lovgate.ag@mm Packed Multiple Times
W32/Lovgate.ag@mm, a new variant of W32/Lovgate is packed multiple times.
7/9: Korgo.X Worm Exploits LSASS Flaw
W32.Korgo.X is a worm that attempts to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 445.
7/9: HacDef-F a New Backdoor Trojan
Troj/HacDef-F is a backdoor Trojan that is targeted at NT/2000/XP operating systems.
7/9: Rbot-DE Spreads to Remote Shares
W32/Rbot-DE is a worm that attempts to spread to remote network shares.
7/9: VBS.Gaggle.E Overwrites Files
VBS.Gaggle.E is a variant of VBS.Gaggle.D--a mass-mailing worm that overwrites several files.
7/8: Lovgate.AB@mm Spreads Via Open Shares
W32.Lovgate.AB@mm is mass-mailing worm that also spreads through open network shares.
7/8: Agobot-KM Uses Weak Passwords
W32/Agobot-KM is a network worm that spreads to other computers by exploiting network services with either weak passwords or unpatched vulnerabilities.
7/8: Bagle. AD Worm a 'Medium Threat'
TrendLabs has declared a Medium Risk (YELLOW) alert for WORM_BAGLE.AD, the latest Bagle variant, to control the spread.
7/8: BackDoor-BDJ Written in MSVC
BackDoor-BDJ is a remote access trojan written in MSVC.
7/8: BackDoor-CFB a DLL Component
BackDoor-CFB is a DLL component that may be installed automatically onto the victim's machine while visiting a web site.
7/8: Padodo-Fam Trojan Steals Passwords
Troj/Padodo-Fam is a family of proxy and backdoor trojans with password-stealing functionality.
7/8: LegMir-K Trojan Steals Passwords
Troj/LegMir-K is a password-stealing Trojan.
Experts Question UN's Anti-Spam Plan
Wiping spam from the planet within two years is not going to happen, industry experts predict.
Another IE Flaw in the Wild?
Recently 'patched' hole in Microsoft's browser still springing leaks.
7/7: Trojan.Ecure.B Changes IE Home Page
Trojan.Ecure.B is a Trojan horse that modifies the Hosts file and the Internet Explorer home page.
7/7: PE_Lovgate.AC is a File-Infector
PE_Lovgate.AC is a memory-resident file-infector that spreads through email and network shares.
7/7: Trojan.Ecure.C Modifies Hosts File
Trojan.Ecure.C is a Trojan horse that modifies the Hosts file and the Internet Explorer home page.
7/7: Sdbot-JY Uses P2P to Spread
W32/Sdbot-JY is a worm that attempts to spread using P2P shared folders.
7/7: Lovgate-AG Worm Spreads Many Ways
W32/Lovgate-AG is a Windows worm that spreads via email, network shares and filesharing networks.
7/7: PE_Lovgate.AD Uses Email to Spread
PE_Lovgate.AD is a memory-resident file-infector that spreads through email and network shares.
7/7: Rbot-CZ Resets Registry Entries
W32/Rbot-CZ is a worm that attempts to spread to remote network shares.
Getting Aggressive in Battling Spam
Since we're a long way from email Utopia, here are some weapons in your ongoing battle against spam.
7/6: Evaman.A Worm a 'Medium' Threat
Several security vendors have issued medium-level threat alerts for Evaman.A, a worm without damaging effects that spreads via e-mail, in a message that seems to be returned to sender because of a false error.
7/6: Sdbot-JS Spreads to Remote Shares
W32/Sdbot-JS is a worm that attempts to spread to remote network shares.
7/6: PWSteal.Likmet.A Displays Fake Window
PWSteal.Likmet.A is a Trojan horse that displays a fake MSN Messenger logon window and steals the password provided.
7/6: Refst.A Trojan Drops .DLL File
Troj_Refst.A is a Trojan program that drops a .DLL file in the Windows system folder with a random file name composed of lower case characters.
7/6: Lovgate-F a Mass-Mailing Worm
W32/Lovgate-F is a mass mailing and network worm.
7/6: Lovgate.AF Worm Executes File
Worm_Lovgate.AF propagates via email and network shares.
7/6: Beagle.Z@mm Worm Uses SMTP Engine
W32.Beagle.Z@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1234.
7/6: Bagle-AD Displays Fake Message
W32/Bagle-AD is a member of the W32/Bagle family of email worms.
7/6: Rbot-CP Spreads to Network Shares
W32/Rbot-CP is a worm that attempts to spread to remote network shares.
7/6: Korgo.X Worm Spreads Via LSASS
Korgo.X is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers.
7/6: Lovgate.Z@mm Spreads Via Open Shares
W32.Lovgate.Z@mm is a mass-mailing worm that also spreads through open network shares.
MFPs � An Overlooked Security Risk
Turns out security isn't just for PCs and networks — multifunction printers store sensitive data, too. Learn how to keep that information safe.
7/6: Lovgate-AH a Mass-Mailing Worm
W32/Lovgate-AH is a mass mailing worm that spreads by email, by copying itself to network shares protected by weak passwords and via the KaZaA peer-to-peer network.
Spam-Fighting Triumvirate Formed
Enforcers at home and abroad fight the big fight against the proliferation of spam.
Blaming Users for Virus Chaos?
Columnist Ken van Wyk takes a look at our tendancy to blame users for being duped -- continually -- into opening attachments and infecting the network. But are users really the only ones to blame?
7/6: Bagle.ae@MM Worm Uses Own Engine
W32/Bagle.ae@MM is a new variant of the Bagle worm and it has been repacked with PeX.
7/2: Sdbot-JG Has Backdoor Abilities
W32/Sdbot-JG is a network worm with backdoor capabilities that allows a remote intruder to access and control the computer via IRC channels.
7/2: Cascade Format Copies Its Code
Cascade Format is a virus that reaches computers in e-mail messages, via the Internet, floppy disks, etc.
7/2: Lovgate.Y@mm Spreads Via Open Shares
W32.Lovgate.Y@mm is a mass-mailing worm that also propagates through open network shares.
7/2: Sdbot-JP Allows Intruder Remote Access
W32/Sdbot-JP is a network worm with backdoor capabilities that allows a remote intruder to access and control the computer via IRC channels.
Microsoft Issues Security Update For Trojan
Redmond is urging customers to reconfigure their operating systems right away as it works on bigger patches for IE.
7/2: Korgo.W Exploits LSASS Vulnerability
W32.Korgo.W is a worm that attempts to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 445.
Netsky-P and Zafi-B Worms Slug it Out for Top Threat
June was a quieter month in the malware arena, but the Netsky-P and Zafi-B worms still were running a hotly contested race for the top spot in June's list of Worst Malware Threats.
7/1: PWSteal.Refest Steals Banking Info
PWSteal.Refest is a Trojan Horse that installs itself as a BHO (Browser Helper Object) for Internet Explorer and steals online banking information when it is submitted in web forms.
7/1: Webber.S Lets Hackers In System
Webber.S is a new variant of Webber.P and they have several functionalities in common.
'Critical' Flaw in Cisco Collab Server
Users at risk of malicious file upload and code execution.
U.S. Sending More Than Half of All Spam
While the flood of spam has increased sharply during the last six months, a new survey also shows that slightly more than half of it worldwide is coming out of the U.S.
7/1: Yesenio.Worm Runs at Startup
W32/Yesenio.worm!vbs will drop MSIEXEC32.EXE, which is detected by McAfee as W32/Yesenio.worm.
- What are the top Android security apps?
- What are the top Android security risks?
- What are today's top cyber threats?
- What's the most secure way to delete data?
- How does hard drive encryption work?
- Is old software inherently insecure?
- Are Macs immune to malware?
- How can BYOD risk be managed?
- Which web browser is the most secure?
- How do I protect my iOS device?
- What are the top iPhone security apps?
- How do I secure my wireless network?
- Are public Wi-Fi hotspots safe?
