The rise of the (http) botnet
We're seeing more and more http-based botnet controllers. Even though these botnets are still limited in number of infected hosts, there's also some new and…
FakeImages
I have just discovered a new kind of fakecodecs. This time, instead of being related with codecs to watch videos, it is related to images,…
Ani exploit plus Heap Spraying
Today we have detected a server exploting the last ani vulnerability with the known “Heap Spraying” technique. The ani file exploits the vulnerability nevertheless there…
Nurech.Z
In the last hours we have received several mails containing the worm Nurech.Z. In order to avoid being detected, this worm comes in a .zip…
ANI loader vulnerability analysis
The guys over at Hispasec have just published a very nice analysis of the ANI loader vulnerability. It's also very interesting to see the stats…
Point-and-click Internet Explorer VML exploits
Just a curiosity, but today's the 3 month anniversary of the integer overflow vulnerability in VML (vgx.dll). We shouldn't get too caught up on the…
Trojan Snatch installed in a lot of malware servers
Lately, I’ve been coming across several websites that infect computers with the Trojan Trj/Snatch by using exploits. This malware not only monitors the passwords entered…