malware

8 November 2012 at 2:59pm
There was an excellent line-up of speakers at Janet CSIRT’s conference this week.
17 October 2012 at 1:22pm
Malicious software, generally shortened to malware, is involved in a wide variety of security incidents, from botnets and phishing to industrial sabotage. Analysing what malware does and how it can be detected, neutralised and removed from infected computers is an important part of keeping networks and computers secure.
29 April 2013 at 11:47am
Nominet have announced a consultation on allowing (someone with a very long memory has pointed out to me that this is actually re-allowing) the registration of domains directly under the .uk top level domain, as well as in the familiar second-level domains such as .ac.uk, .co.uk, .org.uk, etc. Illustrating the sort of domain that could become possible, the proposed service is called Direct.uk
4 May 2012 at 12:04pm
Given the outcome of previous hearings on copyright infringement, the court’s conclusion this week that the UK’s major ISPs should be ordered to block access to The Pirate Bay was no surprise. However the judgment raises an interesting technical issue. In a previous hearing, it had been pointed out that there was a way to get around blocks on individual web pages that would not be possible if the block instead referred to the IP address of the website as a whole.
4 May 2012 at 9:48am
A bot is a program, maliciously installed on a computer, that allows that computer and thousands of others to be controlled by attackers. Bots are one of the major problems on the Internet, involved in many spam campaigns and distributed denial of service attacks, as well as allowing attackers to read private information from the computer’s disk and keyboard. Some bots even allow cameras and microphones to be monitored by the attacker. Detecting and removing bots is therefore in the interests of both individuals and internet providers.
Anonymous
PB/INFO/012 (10/06) Every few months a computer virus outbreak is publicised in the national press. One in every thirty e-mail messages contains a virus. Every computer user should therefore be aware of the danger and take simple steps to protect themselves against it.
Anonymous
From time to time Janet CSIRT may report activity to you that is related to the Conficker worm. Typically this is a record of traffic from an infected host, to a Conficker sinkhole server. These sinkhole servers pretend to be part of the worm’s command and control infrastructure. The worm then attempts to load a web page on the sinkhole server, that were the server real, would contain instructions for the worm. Our reports typically look like this
Anonymous
The Conficker worm (also known as Downup, Downadup and Kido) is probably the most prevalent computer worm on Janet and the Internet at this time. It’s success can be attributed to it’s use of a number of different vectors it uses to infect machines:
Anonymous
Zeus is the name for a family, or perhaps ecosystem of malware that is created and customised using a single toolkit. Not only does the toolkit generate the executable that infects systems, but it also produces server files that act as the command and control infrastructure for the operator’s botnet. Primarily Zeus is used to steal banking details through the use of keystroke logging and screen captures that are sent from the infected system to the command and control sever.
Subscribe to malware