payload | DataProtectionCenter.com

NACHA Spam / financeportal.sytes.net

14

Dec

2011

More NACHA spam this morning, this time the payload is at financeportal.sytes.net/main.php?page=111d937ec38dd17e on 174.140.165.90. Blocking the IP address rather than the domain is probably best as there may be other malicious sites on that server. 174.140.165.90 is on Directspace LLC in Oregon who seem to have a significant problem with malware at the moment, I […]

Category Security Written by Dynamoo's Blog 0 Comments

MSRT December: Win32/Helompy

14

Dec

2011

The December 2011 edition of the MSRT includes detection and clean-up for the Win32/Helompy Family. Helompy is a worm that propagates by copying itself to the root of removable drives, and its main payload is to record account credentials and login information and send them to a remote server, where the attacker could retrieve them […]

Category General Written by Microsoft Malware Protection Center 0 Comments

New zero-day Yahoo Messenger exploit allows malware to spread via hijacked status updates

03

Dec

2011

An unpatched zero-day flaw in Yahoo Messenger allows remote attackers to fiddle with any user’s status message – allowing malware to be spread, Bitdefender security researchers revealed on Friday. Vulnerable clients are found in version 11.x of Messenger, including the freshly released 11.5.0.152-us version. The reason the status update vector is so dangerous boils down […]

Category General Written by Naked Security - Sophos 0 Comments

The Latest in IT Security

Posts Tagged ‘payload’

NACHA Spam / financeportal.sytes.net

MSRT December: Win32/Helompy

New zero-day Yahoo Messenger exploit allows malware to spread via hijacked status updates

Categories

Featured

Archives

Latest Comments

About Us

Contact Us