DecryptedTech

Thursday 18 August 2022

Displaying items by tag: Malware

It would appear that the developers of Stuxnet/Duqu and Flame shared at least some source code during development. At least that is what security research firm Kaspersky seems to think. Kaspersky was the company that found the massive bit of malware that was using a compromised Microsoft Terminal Server licensing model to sign certificates for their code. Flame appears to have been a very coordinated espionage attack on Iran and has been in the news thanks to the complexity and functionality that it has.

Published in News

We told you about the new malware threat in Iran (and some other Middle Eastern countries). This is a new and very sophisticated bit of spyware that appears designed to gather intelligence about the state of Iran’s nuclear program. Kaspersky discovered the worm after being asked to check some systems that appeared to be acting strangely. This investigation led to the discovery of Flame and the identification of some 20 plug-ins for the malware that can do everything from capturing screens to turning on a system’s microphone to record anything around the system. It is also able to record VoIP communication through applications like Skype.

Published in News

So what is more frightening than having a worm or a virus infect your network? How about a virus or worm that can infect the hardware that controls your network? According to researchers at Cambridge, this could be possible through the use of hard-coded back doors in control processors. Although the idea of being able to reprogram the microcode inside computer chips is nothing new, it has never been viewed as a threat before. After all, most companies are very careful about allowing someone other than themselves to have access to the paths that would allow the original code to be overwritten.

Published in News

Remember when we told you that Facebook was going to allow companies to pay to promote certain posts? Well, it is now in full swing, as it looks like Facebook has rolled out the service to everyone’s pages. Over the last week we have been having issues with posting links on the DecryptedTech Facebook page, yet when we reported the issue there was almost no response from Facebook about the issue. As it turns out, this issue was due to the changes that Facebook was making behind the scenes.

Published in Editorials

An interesting report has popped up about a rather large attack on a group of Middle Eastern countries. The attack (called Flame) appears to be a targeted attack against Iran, Israel, Palestine, Sudan, Syria, Lebanon, Saudi Arabia and Egypt, with the most affected being Iran, Palestine, and Israel. The attack was reported by Kaspersky Labs and looks to be intended to collect all kinds of information (not just data on computers). Kaspersky believes that Flame has been operating for at least two years in this region.

Published in News

In the IT world there was a time when we all feared the Macro viruses that could be embedded into Word, Excel and other Microsoft Office products. It was bad enough at one point that I found a single system with over 3,200 counts of an Excel Macro virus (it replicated itself quite nicely). Back then it was common for IT to recommend the use of RTF (Rich Text Format) instead of .DOC for documents, and there was even an option inside Exchange to force the use of this format even if the end user had Word as their email editor.

Published in News

Well, well, well… although we have been saying it ever since the first Macs with Intel CPUs rolled off the lines in the Foxconn factories in China, it seems like the world is finally realizing that the Mac IS a PC just running a different OS. The first kick in the head was delivered when the Flashback malware hit the streets in the form of a fake Flash installer, which made any infected Mac part of a global botnet.

Published in News

There is a lot of talk in the news about a very old piece of malware. This malicious code was called DNSChanger and was part of a criminal enterprise that intended to route people’s traffic through their own servers instead of the intended servers. This opened the victims up to countless other potential infections. The malware was discovered back in 2004 and had a small amount of fame for its time. The impact of this particular infection was rated into the millions of Windows-based PCs. Although the malware was identified and six people were arrested for it, the authorities did not know what to do about the infected systems (which is VERY odd).

Published in News

Although it will come as no surprise to anyone really, there is now a report stating that Symantec’s estimation of the number of infected Macs with the Flashback Trojan might have been a tad low. You all remember that a couple of weeks ago Apple admitted to the malware and its effect on OS X. They finally released a patch for the affected subsystem (the Java API in Safari) and then released a tool that was supposed to identify and fix infected systems. This was actually after Kaspersky and F-Secure released tools to perform the same task.

Published in News

Once upon a time Apple’s CEO and PR department constructed a mythology around the computers and devices that they sold. This mythology was needed to compete in the market and at the time was very good for business (even if it was less than honest). The mythology in question was that Apple products were somehow manufactured differently (or better) and that they were unable to become infected with the malicious code that we all have come to know and loathe: the computer virus.

Published in News