Eye on Security: Microsoft Windows Emergency Patch, Botnets Grab Data, Malware Scam Analysis
- Dr. Roy Schestowitz
- 2010-08-06 12:12:28 UTC
- Modified: 2010-08-06 12:12:28 UTC
Summary: An update on problems Windows users may be experiencing
●
Microsoft rushes out emergency fix for critical Windows bug (
more about this emergency)
Microsoft on Monday rushed out an emergency patch for a critical vulnerability that criminals are exploiting to install malware on all supported versions of the Windows operating system.
●
Botnet with 60GB of stolen data cracked wide open
Most botnet command-and-control channels run on compromised webservers or web-hosting services designed for criminals, making it possible to dismantle the network by taking down the central server. Mumba, by contrast, makes use of fast-flux technology, in which the operations are carried out on thousands of compromised PCs. That allows the IP address and host machine to change every few minutes, a measure that frequently foils takedown attempts by researchers and law enforcement.
●
Anatomy Of An Attempted Malware Scam
The display media segment is the newest target of malvertising, the latest trend in online criminal methodology. The problem has escalated in recent months and despite many suppliers' best efforts, it continues to grow. The culprits behind many of these attacks are based in foreign states leaving little course to take action. While the best defense against malvertising is to prevent it from happening in the first place, this has proven to be a challenge for even the most astute publishers, networks and the like.
We were recently the targets of one such attempt, and while it certainly wasn't the first "fake agency" we've been besieged by (and that we've successfully stopped), it is one of the most organized efforts we've encountered so far. Below we've outlined the approach that was used and the findings of our investigation as an FYI to others who may be on the target list.
Recent Techrights' Posts
- Why We Support Richard Stallman and You Probably Should Too
- It's not about being "Richard Stallman fan", it is about maintaining the right to hold positions (on technology) like his
- Some Large German Media Covers Richard Stallman's Talks in Germany Earlier This Week
- LLM-based chatbots are just "bullshit generators" (as he has long called them)
- Trouble in Red Hat/IBM and a Retreat to Ponzi Economics in Search of Wall Street Market Heist
- Would you invest your life savings in this kind of crap?
- Who Asked Software in the Public Interest (SPI) for a Refund? ($100,000, Resulting in Losses of $267,201 in 12 Months, Highest-Ever Losses)
- The IRS does not reveal who or what's tied to this refund (or the cause/reason)
-
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, October 23, 2025
- IRC logs for Thursday, October 23, 2025
- More Clues Shed on Collapse of Microsoft XBox
- XBox is basically circling down the drain as Microsoft implements 2-3 waves of layoffs each month
- 'Vibe Coding' Doesn't Work
- In a lot of ways, so-called 'Vibe Coding' is already considered vapourware or a passing fad promoted in the media by managers who try to justify mass layoffs, especially ridding companies of "very expensive" software engineers
- Links 24/10/2025: Microsoft's Killing of XBox Connected to Revenue/Profit Problems, "How Elon Musk Ruined Twitter"
- Links for the day
- Gemini Links 24/10/2025: 86,400 Seconds and "Society's Task"
- Links for the day
- Slopwatch: Google News and Slopfarms That Relay Nonsense From LLMs
- Google News, which once prioritised or used to care about provenance and quality, is feeding slopfarms
- Links 23/10/2025: More Health Concerns Over Dumb Chatbots (LLMs) and "Talking Cars" as Latest Buzz
- Links for the day
- Gemini Links 23/10/2025: Daylight Savings Time and Duration Shorthand
- Links for the day
- Links 23/10/2025: LLM 'Hallucinations' (Defects) in Practical Code 'Generation', China Becomes More Economically and Technologically Independent
- Links for the day
- Linux Foundation Uses LLM Slop to Promote Microsoft in Linux.com (Again), Rendering It a Linux-Hostile Slopfarm
- Openwashing with slop by "Linux.com Editorial Staff", which basically seems to be a bot
- Links 23/10/2025: Windows TCO Galore and "The Internet Is Going to Break Again"
- Links for the day
- Social engineering attack: Debian voted to trick you on binary blobs
- Reprinted with permission from Daniel Pocock
- Techrights Will Always Stand for Women's Rights
- We even invest money - personal savings that it - in our principles
- Certified Lawyers Should Know Better (Than to Intimidate Us With Man Who Drives on Motorcycle Through a Really Bad Storm Between Distant Cities, Then Collects Photos of Our Home)
- Mentioning someone was in prison for bad things isn't a crime, it's a public service
- The "AI" (Slop) Bubble is Already Imploding
- "ChatGPT Usage Has Peaked and Is Now Declining, New Data Finds"
- The So-called "Sexy" Buckets (AI, Quantum) Cannot Save IBM From Reality, Shares Tank
- "No matter how much financial hocus-pocus they use to reclassify revenues to land in the "sexy" buckets (AI, Quantum), it still smells old and musty - just like this company."
- Paul Krugman is Wrong About the Scope of Mass Layoffs in the United States
- A few years ago society was accelerating its journey towards feudalism, boosted by COVID-19
- Links 23/10/2025: Proprietary Blunders and CISA's Latest Disclosure of Holes
- Links for the day
- Gemini Links 23/10/2025: Fast Past (F1), 99.9% Uptime
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, October 22, 2025
- IRC logs for Wednesday, October 22, 2025
- Slopwatch: Google News is Promoting Fake 'Articles' About Fake Xubuntu, Fake Articles About Replacing Windows With GNU/Linux
- The quality of the Web deteriorates and unless someone cleans up the mess, real sites will lose an incentive to produce anything
- When "AI Layoffs" Mean Layoffs Due to the "AI" Bubble Popping
- many people that are laid off by Microsoft claim to be specialists in "AI"
- Mysterious grant forfeited, $100,000 from Software in the Public Interest accounts 2023
- Reprinted with permission from Daniel Pocock
- Evidence: bullying, student union behaviour: Armijn Hemel's FSFE resignation
- Reprinted with permission from Daniel Pocock
- Evidence: psychological abuse, stalking, Galia Mancheva, Susanne Eiswirt ignored by FSFE judgment for Matthias Kirschner
- Reprinted with permission from Daniel Pocock
- Helping FSFE scam victims and conference organisers
- Reprinted with permission from Daniel Pocock
- Nigerian fraud in FSFE constitution
- Reprinted with permission from Daniel Pocock
- Worrying and Amusing Stories of "Clown Computing" Gone Awry
- Many of these disasters could be avoided
- Links 22/10/2025: Amazon Plans to Replace Workers With Robotics, AWS and Clown Computing in General Ridiculed
- Links for the day
- Gemini Links 22/10/2025: Niri Completely Changes Multitasking and Overview of Diff-ers
- Links for the day
- Links 22/10/2025: Study on Misinformation by Slop and Heavily Debt-Sabbled Microsoft OpenAI (ClosedSlop) Uses "Browser" as Gimmick/Distraction
- Links for the day
- They've Already Spent Close to a Million Dollars on Lawyers and Sent Us About 50 KG of Legal Papers (Sponsored by Mysterious Third Party) to Try to Censor Techrights, Without Success
- They try to overcompensate with sheer volume for a lack of solid, clear arguments (we are the victims here)
- 12 Months Ago the 'Hulk Hogan of UEFI' Officially Went 'Tag-Team'
- We're actually sort of flattered or proud that such despicable people are so desperate to censor us
- "Cloud Computing" Was Always a Joke, But This Week Was the Punchline
- Maybe stop following tech trends and fashions
- "Cloud Computing" Does Not Mean Safety
- Fault tolerance is related to the notion of software freedom
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, October 21, 2025
- IRC logs for Tuesday, October 21, 2025
- The Fall of Windows: From Something to Nothing
- Of course Microsoft will pretend everything is fine and "just trust the hey hi" (AI)
