network traffic | DataProtectionCenter.com

Analyzing malicious files for writing network signatures

11

Nov

2011

Attackers continually modify malware in order to evade antivirus software. Attackers will pack or encrypt malicious files using various packers. Blocking each and every malicious executable is a challenging task for antivirus vendors. Most malicious files, once installed, try to download additional malware or send HTTP GET/POST requests to malicious servers controlled by attackers. Malicious […]

Category Security Written by Zscaler Research 0 Comments

Galaxies Collide

21

Oct

2011

Duqu contains a backdoor that steals information. Infostealers need to send the stolen info back somehow. Careful infostealers try to make the transfer look innocent in case somebody is watching network traffic. Duqu hides it’s traffic by making it look like normal web traffic. Duqu connects to a server (206.183.111.97 aka canoyragomez.rapidns.com, which used to […]

Category General Written by F-Secure Antivirus Research Weblog 0 Comments

Virus Bulletin 2011 – Chinese DDoS Bots

05

Oct

2011

Hello from Virus Bulletin 2011! Several talks this morning were very good, and an unusual topic about DDoS in the east was presented early in the afternoon. Over 40 families of Chinese DDoS bots were identified by Arbor Networks and have been tracked over the past year. Online occurance of the malware itself is increasing. […]

Category General Written by Securelist / Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘network traffic’

Analyzing malicious files for writing network signatures

Galaxies Collide

Virus Bulletin 2011 – Chinese DDoS Bots

Categories

Featured

Archives

Latest Comments

About Us

Contact Us