Zeus Now Using Autorun As Infection Numbers Rise

After tapering off, the Zeus Trojan has been staging a comeback over the last few months, possibly using a new infection routine that leverages Windows’ autorun feature even after a company update to limit infections that use it, according to research by Microsoft. Microsoft’s Malicious Software...

Zero Day Flaws Overvalued Says New Microsoft Report

Attention given to previously unknown or “zero day” flaws may be overrated, according to research from Microsoft Corp. In an analysis, “Zeroing in on Malware Propagation Methods,” Microsoft follows the propagation of malware and how certain forms measure up against other vulnerability exploits...

Android Malware Increasing, AutoRun Attacks Still Prevalent

The recent trend of attackers focusing their attention on mobile platforms such as Android, Symbian and iOs is continuing to accelerate, researchers say, and the threats to smartphones are becoming more and more sophisticated and dangerous. Android is becoming the focus of much of the attention...

MyBB MyTabs Plugin - SQL Injection

===================================================================== MyBB 0day \ MyTabs plugin SQL injection vulnerability ===================================================================== Exploit title : MyBB 0day \ MyTabs plugin SQL injection vulnerability. Author: AutoRUN & dR.sqL Home :...

Black Ice Cover Page SDK - Insecure Method 'DownloadImageFileURL()' (Metasploit)

Blackice Cover Page SDK insecure method DownloadImageFileURL exploit arg1="http://www.google.com/robots.txt" arg2="C:\Documents and Settings\All Users\Start Menu\Programs\Startup\robots.txt" target.DownloadImageFileURL arg1 ,arg2 MSF Module $Id: blackicecoverpagedownload.rb 12540 2011-06-20...

AutoRun Infections Plummet Following Upgrade

A mid-February AutoRun update has had a dramatic effect on malware infection rates on the XP and Vista platforms, reducing infection rates using the AutoRun feature by as much as 68% across Windows platforms, according to Microsoft. Infections via the AutoRun feature in systems running Windows XP...

USB Immunizer : Anti-Malware Tool Against Autorun Viruses

USB Immunizer : Anti-Malware Tool Against Autorun Viruses The USB immunizer is BitDefender's response to this growing issue. Autorun-based malware has been atop of the worldwide e-threat landscape, with notorious representatives such as Trojan.AutorunInf, the Conficker worm Win32.Worm.Downadup or...

Microsoft Pushes Fix to Disable AutoRun

As malware authors and attackers have continued to employ the Windows AutoRun functionality to help spread their malicious creations–culminating famously in the Stuxnet worm–Microsoft has been making gradual changes to help prevent these attacks. This week the company took the major step of putti...

Fake Microsoft security update spreads Autorun worm !

Have you received an email seemingly from Microsoft's security team telling you to "Update your Windows"? Have you been sent a file called KB453396-ENU.zip and told to run it on your Windows computer? Well, think twice before following the instructions. Cybercriminals are up to their old tricks,...

Removable Media Security Practices

US-CERT is aware of recent reports indicating that some newly purchased removable media devices are infected with malicious code. This malicious code is a worm that attempts to propagate itself via multiple methods. If a Windows user connects an affected removable media device to a system that ha...

GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications ============================================================= GeekLog 1.7.0 fckeditor Arbitrary File Upload Vulnerability ============================================================= db 88 88 ,ad8888ba, d88b 88 88 d8"' "8b d8'8b 88 88 d8' d8'...

GeekLog 1.7.0 Shell Upload

db 88 88 ,ad8888ba, d88b 88 88 d8"' "8b d8'8b 88 88 d8' d8' 8b 88aaaaaaaa88 88 d8YaaaaY8b 88""""""""88 88 88888 d8""""""""8b 88 88 Y8, 88 d8' 8b 88 88 Y8a. .a88 d8' 8b 88 88 "Y88888P" Exploit Title: Geeklog Date: 18-10-2010 Author: Kubanezi AHG Software Link: http://www.geeklog.net/ Version: 1.7....

Early Stuxnet Variants Used 'Cunning' Hack of AutoRun to Spread

Early versions of the Stuxnet worm used a novel and cunning method to manipulate Windows Autorun feature in order to spread, according to information published by a Symantec Researcher who helped analyze the worm after it was first identified. Writing on the Symantec Connect blog, Symantec...

Worm: VBMania

Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network...

New Malware Emerges to Exploit Windows LNK Flaw

Researchers have found two distinct new malware families that are exploiting the newly discovered Windows shell LNK vulnerability, leading to concerns that the development of a worm could be in the offing. One of the new pieces of malware, dubbed Chymine by researchers at Eset, exploits the LNK...

Automatic Drive-by Download

Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...

Automatic Drive-by Download

Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...

Microsoft Windows快捷方式LNK文件自动执行文件漏洞

BUGTRAQ ID: 41732 Microsoft Windows是微软发布的非常流行的操作系统。 Windows支持使用快捷方式或LNK文件。LNK文件是指向本地文件的引用，点击LNK文件与点击快捷方式所指定的目标具有相同的效果。...

Microsoft Windows .LNK Vulnerability

US-CERT is aware of a vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for .LNK files. Microsoft uses .LNK files, commonly referred to as "shortcuts," as references to files or applications. By convincing a user to...

Microsoft Windows automatically executes code specified in shortcut files

Overview Microsoft Windows automatically executes code specified in shortcut LNK and PIF files. Description Microsoft Windows supports the use of shortcut or LNK files. A LNK file is a reference to a local file. A PIF file is a shortcut to a MS-DOS application. Clicking on a LNK or PIF file has...