Eye on Security: Microsoft Windows Emergency Patch, Botnets Grab Data, Malware Scam Analysis
- Dr. Roy Schestowitz
- 2010-08-06 12:12:28 UTC
- Modified: 2010-08-06 12:12:28 UTC
Summary: An update on problems Windows users may be experiencing
●
Microsoft rushes out emergency fix for critical Windows bug (
more about this emergency)
Microsoft on Monday rushed out an emergency patch for a critical vulnerability that criminals are exploiting to install malware on all supported versions of the Windows operating system.
●
Botnet with 60GB of stolen data cracked wide open
Most botnet command-and-control channels run on compromised webservers or web-hosting services designed for criminals, making it possible to dismantle the network by taking down the central server. Mumba, by contrast, makes use of fast-flux technology, in which the operations are carried out on thousands of compromised PCs. That allows the IP address and host machine to change every few minutes, a measure that frequently foils takedown attempts by researchers and law enforcement.
●
Anatomy Of An Attempted Malware Scam
The display media segment is the newest target of malvertising, the latest trend in online criminal methodology. The problem has escalated in recent months and despite many suppliers' best efforts, it continues to grow. The culprits behind many of these attacks are based in foreign states leaving little course to take action. While the best defense against malvertising is to prevent it from happening in the first place, this has proven to be a challenge for even the most astute publishers, networks and the like.
We were recently the targets of one such attempt, and while it certainly wasn't the first "fake agency" we've been besieged by (and that we've successfully stopped), it is one of the most organized efforts we've encountered so far. Below we've outlined the approach that was used and the findings of our investigation as an FYI to others who may be on the target list.
Recent Techrights' Posts
- FSFE (Ja, Das Gulag Deutschland) Has Lost Its Tongue
- Articles/month
- Ian Jackson & Debian reject mediation
- Reprinted with permission from disguised.work
- How to get selected for Outreachy internships
- Reprinted with permission from disguised.work
- Red Hat Corporate Communications is "Red" Now
- Also notice they offer just two options: MICROSOFT or... MICROSOFT!
- Links 26/04/2024: XBox Sales Have Collapsed, Facebook's Shares Collapse Too
- Links for the day
-
- Almost 2,700 New Posts Since Upgrading to Static Site 7 Months Ago, Still Getting More Productive Over Time
- We've come a long way since last autumn
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, April 26, 2024
- IRC logs for Friday, April 26, 2024
- Overpaid lawyer & Debian miss WIPO deadline
- Reprinted with permission from disguised.work
- Brian Gupta & Debian: WIPO claim botched, suspended
- Reprinted with permission from disguised.work
- Microsoft's XBox is Dying (For Second Year in a Row Over 30% Drop in Hardware Sales)
- they boast about fake numbers or very deliberately misleading numbers that represent two companies, not one
- [Meme] Granting a Million Monopolies in Europe (to Non-European Companies) at Europe's Expense
- Financialization of the EPO
- Salary Adjustment Procedure at the EPO Challenged
- the EPO must properly compensate staff in order to attract and retain suitably skilled examiners
- Links 26/04/2024: Surveillance Abundant, Restoring Net Neutrality Rules (US)
- Links for the day
- Gemini Links 26/04/2024: uConsole and EXWM and stdu 1.0.0
- Links for the day
- Albanian women, Brazilian women & Debian Outreachy racism under Chris Lamb
- Reprinted with permission from disguised.work
- Microsoft-Funded 'News' Site: XBox Hardware Revenue Declined by 31%
- Ignore the ludicrous media spin
- Mark Shuttleworth, Elio Qoshi & Debian/Ubuntu underage girls
- Reprinted with permission from disguised.work
- Karen Sandler, Outreachy & Debian Money in Albania
- Reprinted with permission from disguised.work
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, April 25, 2024
- IRC logs for Thursday, April 25, 2024
- Links 26/04/2024: Facebook Collapses, Kangaroo Courts for Patents, BlizzCon Canceled Under Microsoft
- Links for the day
- Gemini Links 26/04/2024: Music, Philosophy, and Socialising
- Links for the day
- Microsoft Claims "Goodwill" Is an Asset Valued at $119,163,000,000, Cash Decreased From $34,704,000,000 to $19,634,000,000 and Total Liabilities Grew to $231,123,000,000
- Earnings Release FY24 Q3
- More Microsoft Cuts: Events Canceled, Real Sales Down Sharply
- So they will call (or rebrand) everything "AI" or "Azure" or "cloud" while adding revenues from Blizzard to pretend something is growing
- CISA Has a Microsoft Conflict of Interest Problem (CISA Cannot Achieve Its Goals, It Protects the Worst Culprit)
- people from Microsoft "speaking for" "Open Source" and for "security"
- Links 25/04/2024: South Korean Military to Ban iPhone, Armenian Remembrance Day
- Links for the day
- Gemini Links 25/04/2024: SFTP, VoIP, Streaming, Full-Content Web Feeds, and Gemini Thoughts
- Links for the day
- Audiocasts/Shows: FLOSS Weekly and mintCast
- the latest pair of episodes
- [Meme] Arvind Krishna's Business Machines
- He is harming Red Hat in a number of ways (he doesn't understand it) and Fedora users are running out of patience (many volunteers quit years ago)
- [Video] Debian's Newfound Love of Censorship Has Become a Threat to the Entire Internet
- SPI/Debian might end up with rotten tomatoes in the face
- Joerg (Ganneff) Jaspert, Dalbergschule Fulda & Debian Death threats
- Reprinted with permission from disguised.work
- Amber Heard, Junior Female Developers & Debian Embezzlement
- Reprinted with permission from disguised.work
- [Video] Time to Acknowledge Debian Has a Real Problem and This Problem Needs to be Solved
- it would make sense to try to resolve conflicts and issues, not exacerbate these
- Daniel Pocock elected on ANZAC Day and anniversary of Easter Rising (FSFE Fellowship)
- Reprinted with permission from Daniel Pocock
- [Video] IBM's Poor Results Reinforce the Idea of Mass Layoffs on the Way (Just Like at Microsoft)
- it seems likely Red Hat layoffs are in the making
- Ulrike Uhlig & Debian, the $200,000 woman who quit
- Reprinted with permission from disguised.work
- IRC Proceedings: Wednesday, April 24, 2024
- IRC logs for Wednesday, April 24, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day