Malware: Archive: August 2005 

8/31: Anisc-B a Macro Virus

W97M.Anisc.B is a macro virus that infects Microsoft Word documents.

8/31: Savage-A Worm, Creates, Executes File

Upon initial execution, Worm_Savage.A creates the file Me^sa~e#4% in the Windows temporary folder.

8/31: PE_Bobax.AF-O Virus Infects .EXE Files

PE_Bobax.AF-O is Trend Micro's detection for the mother virus of PE_BOBAX.AF that infects all running .EXE files by appending its code.

8/31: Forbot-FL Worm, Trojan Exploits Flaws

W32/Forbot-FL is a worm and IRC backdoor Trojan for the Windows platform.

Mytob Variant Still Trolling Web

The hackers who unleashed Mytob and Zotob may be behind bars, but variants of their work continue to appear.

8/31: QQPass-U a Password-Stealing Trojan

Troj/QQPass-U is a password stealing Trojan for the Windows platform.

8/31: Fumilo-A Trojan Blocks Website Access

Troj/Fumilo-A is a Trojan for the Windows platform.

8/31: Bancban-EW an Internet Banking Trojan

Troj/Bancban-EW is an internet banking Trojan.

8/31: PE_Bobax-AF Virus Appends .EXE File Code

PE_Bobax.AF is a memory-resident virus that infects all executable (EXE) files running on an affected system by appending its code to a target file.

8/31: Trojan.Exphook Steals IE Passwords

Trojan.Exphook is a password stealing Trojan horse that hooks Internet Explorer and searches local files in an attempt to collect passwords and other sensitive information from the compromised computer.

8/30: Bobax-AH a Mass-Mailing Worm

W32.Bobax.AH@mm is a mass-mailing worm that attempts to use the compromised computer as a covert proxy.

8/30: Rbot-AMA Worm, Trojan, Exploits Flaws

W32/Rbot-AMA is a worm and IRC backdoor Trojan for the Windows platform.

8/30: Mytob-JH Worm Lowers Security Settings

W32.Mytob.JH@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer.

Zotob Writer Had Busy Summer

One of the programmers arrested in connection with the Zotob outbreak may have authored at least 20 other worms, according to an anti-virus software vendor.

8/30: Banker-FH Trojan Monitors Open Windows

Troj/Banker-FH is a Trojan for the Windows platform.

8/30: Zotob-E Worm Exploits Plug-and-Play Flaw

For the second time this month, a security vendor has issued an alert for Worm_Zotob.E, which spreads by exploiting the Windows Plug and Play vulnerability.

8/30: Dloader-SR Trojan Runs Malicious Code

Troj/Dloader-SR is a Trojan for the Windows platform.

8/30: Dloader-TB Trojan Installs Driver

Troj/Dloader-TB is a Trojan for the Windows platform.

8/30: Trojan.Cdtray Opens CD-ROM Drive

Trojan.Cdtray is a Trojan horse program that causes the CD-ROM drive to open and close repeatedly.

8/29: Nethief-P a Backdoor Trojan

Troj/Nethief-P is a backdoor Trojan for the Windows platform that provides unauthorized remote access to the infected computer.

8/29: Chode-G Worm Spreads Via IM

W32/Chode-G is a worm with IRC backdoor Trojan functionality.

8/29: Haxdoor-AI Trojan Has Stealth Functions

Troj/Haxdoor-AI is a backdoor Trojan incorporating stealth functionality, which allows a remote intruder to gain access and control over the computer.

8/29: Mytob-JH Worm Lowers Security Settings

W32.Mytob.JH@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer.

8/29: Mytob-EG a Mass-Mailing Worm

W32/Mytob-EG is a mass-mailing worm and backdoor Trojan that can be controlled through the Internet Relay Chat (IRC) network.

8/29: Feutel-U a Backdoor Trojan

Troj/Feutel-U is a backdoor Trojan for the Windows platform.

Mytob-GW Grabs Third Spot in Top Threats

The Mytob-GW variant is considered the third most widespread malware on the Internet, according to Central Command's listing of the Top Threats.

Cabbies Put the Brakes on USB Security Risk

At least one company isn't going to let viruses in or corporate information out through one seemingly harmless little avenue -- the USB port.

8/26: Deld-A Trojan Downloads Files

Troj/Deld-A is a Trojan for the Windows platform.

Feds Bust Spam Porn Operation

Department of Justice scores first indictments and a conviction for spamming obscene, unsolicited e-mail.

8/26: Sacrep-A a Keylogger Trojan

Troj/Sacrep-A is a keylogger Trojan.

8/26: Mytob-JF a Mass-Mailing Worm

W32.Mytob.JF@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer.

8/26: Reatle-I a Mass-Mailing Worm

W32.Reatle.I@mm is a mass-mailing worm that downloads remote files and lowers security settings.

8/25: Downloader-EJD Trojan Installs Bugs

Downloader.EJD is a Trojan that downloads other Trojans to the affected computer from a certain website.

8/25: Zotob-L Worm Exploits Various Flaws

W32.Zotob.L is a worm that opens a back door and exploits various vulnerabilities.

8/25: IRCBot.KN Backdoor Connects to Server

IRCBot.KN is a backdoor that connects to an IRC server in order to receive remote control commands. It can be instructed to search for computers to affect, launch DoS (Denial of Service) attacks, download files, etc.

8/25: Reatle-F Worm Spreads Via Email

Worm_Reatle.F propagates via email.

8/25: Lebreat-F a Mass-Mailing Worm

W32/Lebreat-F is a mass-mailing worm and backdoor for the Windows platform.

8/25: Troj/SDM-C Exploits Access Flaw

Troj/SDM-C is a Trojan for the Windows platform.

8/25: Allocu-A Worm Uses Buffer Overflow

W32/Allocu-A is a worm for the Windows platform.

8/25: Agent-AII Trojan Logs Keystrokes

Agent.AII is a Trojan that logs keystrokes entered by the user while accessing websites whose addresses contain certain text strings.

8/25: Backdoor.Mepcod Opens Door

Backdoor.Mepcod is a Trojan horse that opens a back door and downloads a file containing additional commands.

Bank Puts Money and Time into IT Savings Account

One bank turned off its firewall and anti-virus software. Sounds risky? Not for Ulster Savings Bank. They went with outsourced security management, saving them time and money.

8/24: Ruland-A a Mass-Mailing Worm

W32.Ruland.A@mm is a mass-mailing worm that spreads using Microsoft Outlook and downloads a Trojan Horse.

8/24: Mytob-JX Worm in Attachment

Similar to other MYTOB variants, Worm_Mytob.JX propagates by sending a copy of itself as an attachment to an email message, which it sends to target recipients using its own Simple Mail Transfer Protocol (SMTP) engine.

8/24: Troj/Whistler-F Deletes Files

Troj/Whistler-F is a destructive Trojan for the Windows platform.

8/24: IRC.Litebot Trojan Opens Back Door

Backdoor.IRC.Litebot is a Trojan horse that opens a back door to a remote IRC server allowing a remote attacker access to the compromised computer and lowers security settings.

8/24: Kelvir-HI Drops Another Worm

W32.Kelvir.HI is a worm that drops a copy of W32.Spybot.Worm, a family of worms that spreads using the Kazaa file-sharing network and mIRC.

8/24: Zotob-K Worm Opens Backdoor

W32.Zotob.K is a worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (as described in Microsoft Security Bulletin MS05-039) on TCP port 445.

8/24: Tilebot-M a Worm and a Trojan

W32/Tilebot-M is a worm and IRC backdoor Trojan for the Windows platform.

8/24: Troj/Dloader-SK Installs Apps

Troj/Dloader-SK is a Trojan for the Windows platform.

8/24: PrsKey-A a Password-Stealing Worm

W32/PrsKey-A is a password stealing and keylogging worm aimed at the Priston Tale game and Yahoo! web email accounts.

8/24: KGBSpy a Hacking Tool

KGBSpy is a hacking tool.

8/24: Backdoor.Mepcod Downloads File

Backdoor.Mepcod is a Trojan horse that opens a back door and downloads a file containing additional commands.

8/23: Zotob-J a Mass-Mailing Worm

W32.Zotob.J@mm is a mass-mailing worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039), on TCP port 445.

8/23: Trojan Adclicker-DF Lowers Security

Trojan Adclicker-DF lowers internet security settings, adds itself to firewall exclusion policies and downloads multiple adware programs.

8/23: PurScan-W Trojan Affects Browser

Troj/PurScan-W is a dropper Trojan for the Windows platform that also changes the browser security settings and attempts to open a predefined URL.

8/23: Rbot-ALG Worm, Trojan Hits Windows

W32/Rbot-ALG is a worm and IRC backdoor Trojan for the Windows platform.

8/23: Keylog-AM Trojan Eyes Internet Usage

Troj/Keylog-AM is a Trojan DLL that provides keylogging functionality.

8/23: Esbot-C Uses Plug-and-Play Flaw

W32.Esbot.C is a worm that spreads by exploiting the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039), allowing a remote attacker access to the compromised computer.

8/23: Tixanbot Trojan Gives Remote Control

Backdoor.Tixanbot is a Trojan horse that gives a remote attacker control over the compromised computer.

8/23: Guapim Worm Spreads Via IM

W32.Guapim is a worm that spreads through Instant Messenger programs and file-sharing networks.

8/23: Hupigon-BS Takes Commands

Hupigon.BS is a backdoor that receives remote control commands such as logging the keystrokes typed by the user, obtaining files from the affected computer, downloading files to the affected system in order to run them later, capturing screenshots or checking which processes are running and attempts to download files from several domains.

8/23: Fuetel-T Drops Second Backdoor

Fuetel.T is a backdoor that drops another backdoor, detected as Hupigon.BS, to the affected computer.

8/23: Litebot-D Trojan Runs in Background

Troj/Litebot-D is a Trojan for the Windows platform.

8/23: Nailpol-A Downloads Malicious Code

Troj/Nailpol-A is a Trojan for the Windows platform.

8/23: PWSteal.Flecsip-B Grabs Passwords

PWSteal.Flecsip.B is a password stealing Trojan horse that logs passwords and other confidential data entered by the user onto Internet Explorer Web pages.

Not All Security Pros are Equal

With security issues ranking at the top of IT's list of concerns, many companies are looking to hire 'security gurus' to keep their information and profits safe. But beware -- not just anyone should be protecting your network.

8/22: Dref-D Worm Spreads Via IRC

W32/Dref-D is a worm for the Windows platform that spreads via IRC channels and by emailing itself to email addresses harvested from the infected computer.

8/22: Gaobot-DXO Worm Has Backdoor

W32.Gaobot.DXO is a network-aware worm with back door capabilities that can be controlled through IRC channels and spreads to network shares protected by weak passwords.

8/22: Spybot-UOL Worm has DDoS Ability

W32.Spybot.UOL is a worm that has distributed denial of service and back door capabilities.

8/22: Zotob-I Uses Plug-and-Play Flaw

Worm_Zotob.I takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks.

8/22: Spybot-DU Worm and Trojan

W32/Spybot-DU is a worm and IRC backdoor Trojan for the Windows platform.

8/22: Tilebot-B Worm Spreads to Shares

For the second time this month, security vendor Sophos has issued an alert for W32/Tilebot-B, a worm that attempts to spread to remote network shares.

8/22: Bardus-A Trojan Steals Information

Troj/Bardus-A is a backdoor and keylogging Trojan for the Windows platform.

IE Workarounds For Zero-Day Exploit

A potential zero day issue emerges as Microsoft issues an advisory about Msdds.dll that could cause IE to crash.

8/22: Troj/Spexta-A Sends Bogus CNN Email

Security vendor Sophos has issued an alert for Troj/Spexta-A, a Trojan for the Windows platform, for the second time this month.

8/19: Backdoor.Darkmoon Trojan Opens Back Door

Backdoor.Darkmoon is a Trojan horse that opens a back door on a compromised computer and has keylogging capabilities.

8/19: Mytob-JU Worm Links to IRC Server

Worm_Mytob.JU propagates by sending a copy of itself as an attachment to email messages using its own Simple Mail Transfer Protocol (SMTP) engine.

8/19: Troj/ByteVeri-M a Java Applet

Troj/ByteVeri-M is a Java Applet that exploits a vulnerability in the Byte Code Verify component of the Microsoft VM to download and run an executable file.

8/19: Troj/Brospy-A a Windows Trojan

Troj/Brospy-A is a Trojan for the Windows platform.

8/19: Processor a Hacking Tool

Processor is a hacking tool.

8/19: Cmdow-A a Hacking Tool

Cmdow.A is a hacking tool.

8/19: Dogbot-C Worm Exploits OS Flaws

W32/Dogbot-C is a network worm with IRC backdoor Trojan functionality for the Windows platform.

8/19: Tilebot-Gen Worms Link to IRC Server

W32/Tilebot-Gen detects IRC backdoor worms of the Tilebot family.

8/19: Mytob-EE a Worm and a Trojan

W32/Mytob-EE is a mass-mailing worm and backdoor Trojan that can be controlled through the Internet Relay Chat (IRC) network.

8/19: RKPort-Fam Rootkits Hide Information

Troj/RKPort-Fam is a family of kernel-mode driver rootkits.

8/19: Demotry-B Worm Scans Network

W32/Demotry-B is a network worm for the Windows platform.

8/19: Mytob-JT Worm Uses Own Engine

Worm_Mytob.JT propagates by sending a copy of itself as an attachment to email messages using its own SMTP (Simple Mail Transfer Protocol) engine.

8/18: Tilebot-J Worm Spreads to Shares

W32/Tilebot-J is a worm that attempts to spread to remote network shares.

8/18: Kassbot-H a Worm and a Trojan

W32/Kassbot-H is a worm and backdoor Trojan for the Windows platform.

Warily Watching Worm Variants

Versions of Zotob continue to slam corporate networks while security vendors and Microsoft play defense.

Global Spam and Porn Volume Jump in July

In a month when the volume of spam circulating around the world jumped by 20 percent, pornographic spam also made a comeback after a year-long slowdown.

8/18: Zotob-H Uses Plug-and-Play Flaw

W32.Zotob.H is a worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (as described in Microsoft Security Bulletin MS05-039) on TCP port 445.

8/18: Tilebot-I Worm, Trojan Exploits Flaws

W32/Tilebot-I is a worm and IRC backdoor Trojan for the Windows platform.

8/18: Small-NY Trojan Talks With Server

Troj/Small-NY is a Trojan for the Windows platform.

8/17: Troj/BagleDl-R Runs New Software

Troj/BagleDl-R is a downloader Trojan that will download, install and run new software without notification that it is doing so.

8/17: Rbot-CBS Worm Uses Windows Bug

Worm_Rbot.CBR takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks.

8/17: Zotob-F Worm Opens Backdoor

Several security vendors have issued alerts for W32.Zotob.F, a worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039) on TCP port 445.

8/17: Zotob-G Worm Also Opens Backdoor

W32.Zotob.G is a worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039) on TCP port 445.

8/17: Zotob-E Worm Uses Port 445

W32.Zotob.E is a worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039) on TCP port 445.

8/17: Tpbot-A Worm Exploits System Flaws

W32/Tpbot-A is a network worm with backdoor Trojan functionality for the Windows platform.

8/17: Tilebot-Z Worm Spreads to Shares

W32/Tilebot-Z is a worm that attempts to spread to remote network shares.

8/17: Bozori.Worm-B Contacts IRC Server

W32/Bozori.worm.b is designed to contact a remote IRC server (the IP address, 72.20.41.139, is hard-coded in the worm's body) to join a channel (#tbp) and wait for further instructions.

8/17: IRCbot.KD Worm Connects to IP Address

IRCbot.KD is a worm that connects to a certain IP address, acting as a backdoor.

8/17: Bobax-AD Worm Copies Itself

Worm_Bobax.AD propagates by sending a copy of itself to email addresses harvested from the default address book of the system.

8/17: IRCbot-KC Worm Connects to Many Servers

IRCbot.KC is a worm that connects to several IRC servers in order to receive remote control commands, such as delete, download and run files.

8/17: Esbot-B Worm Exploits Plug-and-Play Flaw

W32.Esbot.B is a worm that spreads by exploiting the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039).

8/17: Hwbot-B Worm Connects to Server

W32/Hwbot-B is a network worm for the Windows platform.

8/17: Esbot-C Worm Hits Plug-and-Play Flaw

Worm_Esbot.C takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks.

The Third Wave of Security Appliances

A new generation of security appliances is aimed at making instant messaging safe to use in the enterprise.

Windows Worm Goes Global

The worm and its variants are now using chat channels to allow hackers to control infected PCs.

8/16: Randex-EUS Worm Spreads to Shares

W32.Randex.EUS is a network-aware worm that spreads to network shares protected by weak passwords.

8/16: Zotob-C Worm Exploits Plug-and-Play Flaw

Several security vendors have issued alerts for Worm_Zotob.C, which takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks.

8/16: Rbot-ALA Worm, Trojan Exploits Passwords

W32/Rbot-ALA is a network worm with backdoor Trojan functionality for the Windows platform.

8/16: Troj/RKPort-Fam Hides Information

Troj/RKPort-Fam is a family of kernel-mode driver rootkits.

8/16: Mydoom-BV a Mass-Mailing Worm

W32/Mydoom.bv@MM is a mass-mailing worm.

8/16: Tilebot-F Worm, Trojan Exploits Flaws

W32/Tilebot-F is a worm and IRC backdoor Trojan for the Windows platform.

8/16: Bobax-AF a Mass-Mailing Worm

W32.Bobax.AF@mm is a mass-mailing worm that opens a back door, downloads remote files, and lowers security settings on the compromised computer.

8/16: Esbot-A Worm Exploits Plug-and-Play Flaw

W32.Esbot.A is a worm that spreads by exploiting the Microsoft Windows Plug and Play Service Vulnerability, as described in Microsoft Security Bulletin MS05-039.

8/16: Rbot-ALI Worm, Trojan Targets Passwords

W32/Rbot-ALI is a worm and IRC backdoor Trojan for the Windows platform.

8/16: Drudgebot-A Worm Exploits Plug-and-Play Flaw

Worm_Drudgebot.A takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks.

8/15: Worm_Rbot-CBJ Spreads Via Shares

Worm_Rbot.CBJ propagates via network shares.

8/15: Zotob-A Worm has Backdoor Trojan

Several security vendors have issued alerts for W32/Zotob-A, a worm and backdoor Trojan for the Windows platform.

8/15: Forbot-FI Worm Connects to Server

W32/Forbot-FI is a network worm with backdoor Trojan functionality for the Windows platform.

8/15: Zotob-B Worm Exploits Plug-and-Play

Several security vendors have issued alerts for W32.Zotob.B, a worm that spreads by exploiting the Microsoft Windows Plug and Play Service Vulnerability, as described in Microsoft Security Bulletin MS05-039.

8/15: Zotob Worm Creates File

W32/Zotob.worm creates the file botzor.exe in the WINDOWS SYSTEM directory and registry run keys are created to load the worm at startup.

Zotob Targets Windows Update Laggards

A critical vulnerability in Microsoft's plug-and-play code can wreak havoc on unpatched PCs.

8/15: Antix-A an MSN Messenger Worm

W32/Antix-A is an MSN Messenger worm with backdoor functionality for the Windows platform.

8/15: Spybot-UBH Worm Launches DDoS

W32.Spybot.UBH is a worm that has distributed denial of service and back door capabilities. The worm spreads by using the vulnerability in Microsoft Windows Plug and Play Service (as described in Microsoft Security Bulletin MS05-039).

Phishing: What's Spam Got to Do With It?

Spam and phishing attacks are not as similar as you might think. And that means you need different tools, and different strategies, to battle phishing.

8/12: Trojan.Tooso-L Ends Security

Trojan.Tooso.L is a Trojan horse that interferes with the operation of security software by ending processes, stopping services, removing registry entries, and deleting files.

8/12: Backdoor.Microkos Lets Hackers In

Backdoor.Microkos is a Trojan horse that opens a back door and allows unauthorized access to the compromised computer.

8/12: Symbos_Blanfon-A Hits Cell Phones

Symbos_Blanfon.A is malware that affects Series 60 mobile phones.

8/12: SpamNet-A Trojan Runs at Porn Site

SpamNet.A is a Trojan that is run when visiting an adult Website.

8/12: Troj/Nailpol-A Downloads Malware

Troj/Nailpol-A is a Trojan for the Windows platform.

8/12: Tilebot-E Worm, Trojan Exploits Flaws

W32/Tilebot-E is a worm and IRC backdoor Trojan for the Windows platform.

8/12: Bancban-EG Trojan Nabs Passwords

Troj/Bancban-EG is a password-stealing Trojan for the Windows platform.

8/12: Troj/Litebot-B Runs in Background

Troj/Litebot-B is a Trojan for the Windows platform.

8/12: Bagle-BJ Trojan Comes in Attachment

Troj_Bagle.BJ arrives as an attachment to emails sent by WORM_BAGLE variants.

8/12: Beagle-CE Worm Uses Own Engine

W32.Beagle.CE@mm is a mass-mailing worm that uses its own SMTP engine to send out copies of Trojan.Tooso.L.

Windows Exploit Code Online

Redmond's working on the vulnerability.

8/11: Backdoor.Microkos Trojan Lets Hacker In

Backdoor.Microkos is a Trojan horse that opens a back door and allows unauthorized access to the compromised computer.

8/11: Bagle-BF Worm Uses Own Engine

Worm_Bagle.BF uses its own SMTP engine to mass-mail copies of TROJ_BAGLE.AA to target recipients, which it gathers from files downloaded from several Web sites.

8/11: Galapoper-C Trojan Links to Websites

Galapoper.C is a backdoor that connects to several websites that host a PHP script, in order to download a file that contains remote control commands, such as download and run other files or update itself.

8/11: Beagle-CD a Mass-Mailing Worm

W32.Beagle.CD@mm is a mass-mailing worm that opens a back door on the compromised computer on TCP port 80.

8/11: Trojan.Pistmi Opens Back Door

Trojan.Pistmi is a Trojan horse that attempts to open a back door on a predetermined Web server by exploiting the Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (as described in the Microsoft Security Bulletin MS01-023).

8/11: Tilebot-D Worm Spreads to Remote Shares

W32/Tilebot-D is a worm that attempts to spread to remote network shares.

8/11: Troj/Small-NY Accesses Remote Server

Troj/Small-NY is a Trojan for the Windows platform.

8/11: Troj/Weasyw-B Contacts Website

Troj/Weasyw-B is a backdoor Trojan.

8/11: Troj_Bagle.BI Opens Application

Upon execution, Troj_Bagle.BI opens the application NOTEPAD.EXE.

AOL Gives Spam Booty to Members

The ISP will raffle off gold, cash and an SUV to members who helped bring down a spammer.

When E-Mail Isn't Monitored

A new book details the damage caused by unmonitored communication.

8/10: BankSnif-B Trojan Steals Info

Troj/BankSnif-B is an information stealing Trojan for the Windows platform.

8/10: Troj/Oran-A Gives Remote Access

Troj/Oran-A is a backdoor Trojan for the Windows platform that allows full remote access capabilities via a remote client.

8/10: SymbOS.Blankfont-A Drops File

SymbOS.Blankfont.A is a Trojan horse that drops a corrupt GDR font file onto the compromised device.

8/10: Bloodhound.Exploit.42 Exploits IE Flaw

Bloodhound.Exploit.42 is a heuristic detection for a vulnerability in Internet Explorer's handling of JPEG images (as described in Microsoft Security Bulletin MS05-038).

8/10: Bloodhound.Exploit.41 Uses Flaw

Bloodhound.Exploit.41 is a heuristic detection for the Anchorclick Behavior Cross Frame Scripting Vulnerability (as described in Microsoft Security Bulletin MS05-038).

8/10: Pyfls-A Trojan Executes File

Troj/Pyfls-A attempts to download and execute a file from a preconfigured URL.

8/10: Qdens-E Worm Lowers Security

W32.Qdens.E is a worm that lowers security settings and spreads through the instant messenger programs QQ Messenger and Tencent Messenger.

8/10: Trojan.Tooso-K Lowers Security

Trojan.Tooso.K is a Trojan horse that lowers security settings by ending processes, stopping services, removing registry entries, and deleting files.

8/10: X97M.Sarsnan a Macro Virus

X97M.Sarsnan is a macro virus that infects Microsoft Excel workbooks.

Microsoft Patches 3 Critical Flaws

The Redmond giant issues its August installment of security fixes.

8/9: Beagle-CC Worm Uses Own Engine

W32.Beagle.CC@mm is a mass-mailing worm that uses its own SMTP engine to send out copies of Trojan.Tooso.K.

8/9: Trojan.Wayphisher-B Changes File

Trojan.Wayphisher.B is a Trojan horse that modifies the hosts file and redirects HTTP access from financial sites to a predetermined Web site chosen.

8/9: Trojan.Tooso-K Lowers Security

Trojan.Tooso.K is a Trojan horse that lowers security settings by ending processes, stopping services, removing registry entries, and deleting files.

8/9: Sdbot-ABV Runs in Background

W32/Sdbot-ABV is a worm and IRC backdoor Trojan for the Windows platform.

8/9: Troj/HideProc-H a DLL

Troj/HideProc-H is a DLL used for hiding processes.

8/9: BagleDl-R a Downloader Trojan

Troj/BagleDl-R is a downloader Trojan that will download, install and run new software without notification that it is doing so.

8/9: Trojan_Bagle-AA Opens App

Trojan_Bagle.AA opens the application Mspaint, then drops a copy of itself in the Windows system folder as WINSHOST.EXE.

8/9: Qdens-E Worm Lowers Security

W32.Qdens.E is a worm that lowers security settings and spreads through the instant messenger programs QQ Messenger and Tencent Messenger.

8/9: Mytob-JM Worm Uses Own Engine

Like other Mytob variants, Worm_Mytob.JM propagates by sending a copy of itself to email addresses harvested from the default address book of the system.

8/9: Codbot-Gen Targets Passwords

Worms detected as W32/Codbot-Gen provide backdoor Trojan functionality to a remote attacker via IRC channels.

Spam King, Microsoft End Standoff

Scott Richter agrees to pay $7 million to get Microsoft off his case.

8/9: Kelvir-CH Worm Spreads Via IM

Worm_Kelvir.CH propagates via the instant messaging application MSN Messenger.

8/9: Lebreat-E Worm also a Trojan

W32/Lebreat-E is a worm and backdoor Trojan for the Windows platform.

8/9: Mytob-ED Worm Changes Settings

W32/Mytob-ED is a mass-mailing worm and backdoor Trojan that can be controlled through the Internet Relay Chat (IRC) network.

8/8: Troj/Whistler-F Deletes Files

Troj/Whistler-F is a destructive Trojan for the Windows platform.

8/8: Damon-D Virus Overwrites Files

Damon.D is a proof of concept virus that overwrites files with an MSH extension in its own directory with a copy of its own code.

8/8: Damon-E a Proof-of-Concept Virus

Damon.E is a proof of concept virus that uses the technique known as prepending in order to infect files with an MSH extension.

8/8: Mousey Trojan Opens Back Door

Backdoor.Mousey is a Trojan horse that opens a back door and allows a remote attacker to have unauthorized access to a compromised computer via IRC channels.

8/8: Damon-C Virus Infects Certain Files

Damon.C is a proof of concept virus that uses the technique known as EPO (Entry Point Obscuring) in order to infect files with an MSH extension.

8/8: Bkdr_Litbot-A Opens Random Port

Bkdr_Litbot.A is a backdoor program that is dropped by TROJ_DROPPER.JA.

8/8: Troj/Litebot-A Runs in Background

Troj/Litebot-A is a Trojan for the Windows platform.

8/8: Troj_Dropper-JA in an Attachment

Troj_Dropper.JA arrives on a system as an attachment to an email message.

8/8: Damon-B Virus Infects Certain Files

Damon.B is a proof of concept virus that uses the technique known as cross infection in order to infect files with BAT, CMD and MSH extensions.

8/8: Troj/BMDrop-A Drops, Executes File

Troj/BMDrop-A will drop and execute a file to the Windows system folder with the name index.exe.

8/8: Damon-A Virus Infects MSH Files

Damon.A is a proof of concept virus that infects files with an MSH extension.

8/5: Beagle-BY a Mass-Mailing Worm

W32.Beagle.BY@mm is a mass-mailing worm that uses its own SMTP engine to email copies of itself to addresses gathered from the compromised computer.

8/5: Bagle-BN Worm in Dropped File

Worm_Bagle.BN arrives on a system as a dropped file of TROJ_DROPPER.IT.

8/5: Chod-D Worm Spreads Via IM

W32.Chod.D is a worm with back door capabilities that spreads via MSN Messenger.

8/5: Rbot-AKA Worm has Backdoor

W32/Rbot-AKA is a network worm with backdoor Trojan functionality for the Windows platform.

8/5: Bagle-BM Spreads Via Email

Worm_Bagle.BM propagates by mass-mailing copies of itself to email addresses it finds in the affected system's Windows Address Book (WAB), as well as from files with specific extension names.

8/5: Infober-A Worm Opens UDP Port

Infober.A is a worm that opens UDP port 45075 as a backdoor, allowing the affected computer to be remotely administered in order to carry out actions that compromise users' confidentiality or impede their work.

8/5: Sdbot-ABS Worm Links to IRC Channel

W32/Sdbot-ABS is a network worm with backdoor functionality for the Windows platform.

Critical Windows Patch Around The Corner

Microsoft's advance notice of coming patches includes six plugs for Windows and something extra.

Spam Attack Poses as News on Marine Deaths

A widespread spam campaign is duping users into going to a malicious Web site by posing as breaking news on the death of American soldiers in Iraq.

8/4: Tilebot-B Worm Lets Hackers In

W32/Tilebot-B is a worm that attempts to spread to remote network shares.

8/4: Fan-A Worm Seeks Microsoft Documents

W32/Fan-A is a worm for the Windows platform.

8/4: Trojan.Joex Changes IE Page

Trojan.Joex is a Trojan horse that changes the Internet Explorer home page and disables the Windows Task Manager.

8/4: Mytob-DS Worm Controlled Via IRC

W32/Mytob-DZ is a mass-mailing worm and backdoor Trojan that can be controlled through the Internet Relay Chat (IRC) network.

8/4: Troj/Spexta-A Sends Spam Emails

Troj/Spexta-A is a Trojan for the Windows platform.

8/4: Bagle-BW Worm, Trojan Uses P2P

W32/Bagle-BW is a worm and backdoor for the Windows platform.

8/4: Bagle-CB Worm Arrives As Attachment

W32/Bagle.cb@MM is a mass-mailing worm that arrives as an email attachment in a message.

IM Threats Bombard Systems

The increase in attacks has corporations on guard.

8/3: Incef-A Worm Modifies Settings

Incef.A is a worm that modifies several settings of the peer-to-peer (P2P) program KaZaA: it shares the root directory of the C: drive and a subfolder of the Windows directory, and it disables the firewall and the virus filtering included in it.

8/3: Mytob-HM Worm Controlled Via IRC

W32/Mytob-HM is a mass-mailing worm and backdoor Trojan that can be controlled through the Internet Relay Chat (IRC) network.

8/3: Rbot-AJO Worm Spreads Via Shares

W32/Rbot-AJO is a Windows network worm that attempts to spread via network shares.

8/3: Lebreat-A Worm Exploits Flaw

W32/Lebreat-A is a worm with a backdoor component for the Windows platform.

8/3: Scram a Word Macro Virus

W97M.Scram is a Microsoft Word macro virus that deletes files and adds text to documents.

8/3: Mytob-DY Worm Harvests Emails

W32/Mytob-DY spreads through email. W32/Mytob-DY harvests email addresses from files on the infected computer and from the Windows address book.

Phishing Attacks Escalating

A study shows that phishing attacks reached a new height last month -- and analysts think it's just the beginning.

8/3: Mytob-HL Worm Uses Own Engine

W32.Mytob.HL@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer.

8/3: PWSteal.Bancos-AA Trojan Steals Info

PWSteal.Bancos.AA is a Trojan that steals passwords and logs keystrokes entered into certain Web sites.

8/3: Trojan.Joex Changes IE Home Page

Trojan.Joex is a Trojan horse that changes the Internet Explorer home page and disables the Windows Task Manager.

8/2: Trojan.Jupillites Runs as a Proxy

Trojan.Jupillites is a Trojan horse that runs as a proxy.

Spyware Skyrockets on Greynet Fuel

The applications are finding their way into the enterprise.