The Latest in IT Security

Posts Tagged ‘melbourne’

Wecykler is a family of worms, that shares some similarities with the Worm:Win32/Autorun family, in that it that takes advantage of removable drives attached to an infected system in order to propagate to other machines. They target users’ familiarity with the content of drives (files and directories) disguising as directories with existing and catchy names […]

Read more ...

Recently we discovered an advanced backdoor sample – VirTool:WinNT/Exforel.A. Unlike traditional backdoor samples, this backdoor is implemented at the NDIS (Network Driver Interface Specification) level. VirTool:WinNT/Exforel.A implements a simple private TCP/IP stack and hooks NDIS_OPEN_BLOCK for the TCP/IP protocol, as shown in Figure 1.    Figure 1: Hooked functions in NDIS_OPEN_BLOCK This means that backdoor-related TCP traffic will be diverted to the private […]

Read more ...

This month one of the families introduced to MSRT is Win32/Phorpiex, a worm that spreads via removable drives and has IRC controlled backdoor functionality. In most respects Phorpiex is another worm, with typical command and control via IRC as well as spreading via removable drives. Like many other malware it usually does this by using […]

Read more ...


Categories

WEDNESDAY, JANUARY 26, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments