The Latest in IT Security

Posts Tagged ‘dll’

Evading Malware Researchers: Shylock’s New Trick

28
Nov
2012

Shylock is a financial malware platform discovered by Trusteer in 2011.  Like most malware strains, Shylock continues to evolve in order to bypass new defensive technologies put in place by financial institutions and enterprises.  While analyzing a recent Shylock dropper we noticed a new trick it uses to evade detection. Namely, it can identify and […]

Category General Written by Trusteer blogs 0 Comments

Read more ...

LOL Links Wake Up Rage?

01
Nov
2012

W32.IRCBot.NG and W32.PhopifasIn a previous blog, my colleague Kevin Savage detailed a social engineering attack that utilized instant messaging applications. While the infection rates of W32.IRCBot.NG and W32.Phopifas have passed their peaks, the modules continue to be updated daily.The infection routine of these threats has not changed since they were discovered, but the threat authors […]

Category General Written by Symantec Security Response Blog 0 Comments

Read more ...

PE_XPAJ: Persistent File Infector

23
Oct
2012

We’re currently investigating several file infectors that have affected several countries, particularly Australia. Trend Micro detects these as PE_XPAJ.C, PE_XPAJ.C-1, PE_XPAJ.C-2, and PE_XPAJ.C-O.Based on our initial analysis, these PE_XPAJ variants connect to the following C&C servers to send and receive information: {BLOCKED}.{BLOCKED}.162.208:35516 {BLOCKED}.{BLOCKED}.152.218:35516 {BLOCKED}.{BLOCKED}.71.249:35516 {BLOCKED}.{BLOCKED}.60.108:35516 {BLOCKED}.{BLOCKED}.123.153:35516 {BLOCKED}.{BLOCKED}.132.25:35516 {BLOCKED}.{BLOCKED}.16.5:389 {BLOCKED}.{BLOCKED}.0.1:1056 {BLOCKED}.{BLOCKED}.16.9 {BLOCKED}.{BLOCKED}.16.10 {BLOCKED}.{BLOCKED}.183.224:35516 {BLOCKED}.{BLOCKED}.0.1:1070 {BLOCKED}.{BLOCKED}.16.12:389 {BLOCKED}.{BLOCKED}.4.250:80 […]

Category General Written by Security Intelligence 0 Comments

Read more ...

« Older Entries
Newer Entries »

Categories

TUESDAY, MARCH 11, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments