The Latest in IT Security

Posts Tagged ‘Variants’

Viewing Vobfus infections from above

01
Jul
2013

Win32/Vobfus is a family of worms that spreads via removable drives and downloads other malware, and a family that is causing people a lot of pain lately. Vobfus was initially discovered in September 2009 and became prevalent with its use of the MS10-046 .LNK vulnerability. The .LNK vulnerability has also been used by Chymine, Sality, […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Read more ...

Another year, another rogue. Not what the doctor ordered

27
Jun
2013

Another new year is almost upon us. Or at least that’s what the distributors of Rogue:Win32/Winwebsec would have us believe – releasing a new branding System Doctor 2014 just prior to the middle of 2013. Figure 1: System Doctor 2014 user interface For some time, Winwebsec has had only one branding active at a time. […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Read more ...

PoisonIvy Uses Legitimate Application as Loader

21
Jun
2013

I recently obtained a PoisonIvy sample which uses a legitimate application in an effort to stay under the radar.In this case, the PoisonIvy variant detected as BKDR_POISON.BTA (named as newdev.dll) took advantage of a technique known as a DLL preloading attack (aka binary planting) instead of exploiting previously known techniques. The malware was located in […]

Category General Written by Security Intelligence 0 Comments

Read more ...

« Older Entries
Newer Entries »

Categories

SATURDAY, APRIL 19, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments