The Latest in IT Security

Posts Tagged ‘proxy server’

Flame: Replication via Windows Update MITM proxy server

06
Jun
2012

The Flame malware uses several methods to replicate itself. The most interesting one is the use of the Microsoft Windows Update service. This is implemented in Flame’s “SNACK”, “MUNCH” and “GADGET” modules. Being parts of Flame, these modules are easily reconfigurable. The behavior of these modules is controlled by Flame’s global registry, the database that […]

Category General Written by Securelist / Blog 0 Comments

Read more ...

W32.Flamer: Microsoft Windows Update Man-in-the-Middle

05
Jun
2012

Flamer has a variety of ways of spreading on the local network. One of the methods is to hijack clients performing Windows Update. Three Flamer apps are involved in delivering the rogue update: SNACK, MUNCH, and GADGET. When Internet Explorer starts, by default it will automatically search for proxy configuration settings. This happens through the […]

Category General Written by Symantec Security Response Blog 0 Comments

Read more ...

FAQ: Disabling the new Hlux/Kelihos Botnet

28
Mar
2012

Q: What is the Hlux/Kelihos botnet? A: Kelihos is Microsoft’s name for what Kaspersky calls Hlux. Hlux is a peer-to-peer botnet with an architecture similar to the one used for the Waledac botnet. It consists of layers of different kinds of nodes: controllers, routers and workers. Q: What is a peer-to-peer botnet? A: Unlike a […]

Category General Written by Securelist / Blog 0 Comments

Read more ...

« Older Entries
Newer Entries »

Categories

TUESDAY, MARCH 11, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments