Decoding the methods in malicious code is becoming more difficult, according to reverse-engineering experts. Attacks no longer scramble simple function names, but encrypt entire blocks of code. Attackers use obfuscation to make it harder to analyze malicious software and stymie security tools, such as intrusion-detection systems, from recognizing the attack. Initially, obfuscation merely scrambled the names of the functions being called by a program, complicating analysis of the binary code...

A new piece of malware being distributed by Sality uses stolen Facebook credentials to surreptitiously install rogue apps under the corresponding profiles. Sality is the world‘s top file infecting malware and dates back to 2003. The threat has evolved over the years and was fitted with P2P, self-propagation, and malware distribution functionality. According to security researchers from Symantec, at the beginning of 2011, Sality operators pushed a malicious component through its P2P ne...

The Web site of the European Space Agency (ESA) has been hacked into and a list of FTP accounts, as well as email addresses and passwords for administrators and editors have been leaked. The www(dot)esa(dot)int Web server was compromised by a well-known Romanian grey hat hacker who uses the online moniker of TinKode. The hacker posted details of the compromise on his blog in full disclosure style. However, the method he used was not revealed. The published data includes FTP accounts for a r...

Well as many of you old timers here know, and some may not but will now, I run a YouTube Channel called "3rdID8487" and I post videos from the DoD, DVIDS, CENTCOM, NATO and the Pentagon and make a few of my own from materials I get from them. I of course got written permission from all of those first (That was interesting and a story in itself!). Well it started out small and I thought that even if one or two people a day looked at the videos I would be happy. Wow how could I have known what it ...

The FBI and the U.S. Justice Department (DOJ) said April 13 they have disabled a "botnet" of more than 2 million computers infected with malicious code that Eastern European cyber criminals may have used to drain millions of dollars from bank accounts around the world. U.S. authorities continue to combat the network of remotely controlled computers called the "Coreflood" botnet, which has secretly recorded computer users’ keystrokes to compromise vast amounts of banking and financial ...

A recently identified ZeuS trojan sample is digitally signed with a fake certificate whose purpose is to make the piece of malware harder to detect. According to security experts from Avira who discovered the sample, the digital certificate is signed by an entity called "DetectMe " and dates since the end of February. Although the ability to digitally sign code has been around since Windows NT, the practice has only seen more adoption starting with Vista where the difference between signed...

Hackers have compromised several servers that support WordPress and may have obtained source code, according to the founding developer of Automattic, the company behind the popular blogging platform. He wrote on the WordPress blog that Automattic has been reviewing log records to determine how much information was exposed and re-evaluating "avenues to gain access." "We presume our source code was exposed and copied," he wrote. "While much of our code is open source, there are sensitive bits...

Texas exposes addresses, SSNs of 3.5 million residents. The state of Texas revealed April 11 that personal information for 3.5 million citizens has been exposed to the public, including names, addresses, Social Security numbers, and more. According to the Texas State Comptroller, the data was not exposed by a hacker or a group of vigilantes — it ended up on a state-controlled public server after having been passed around between various state agencies. The data came from the Teac...

Facebook has fixed a bug in the site’s password reset feature that could have been exploited to expose passwords of a small number of users who also use Hotmail. "We can access password of any facebook user who uses hotmail email address as their facebook account," a Turkish security researcher wrote in an e-mail to CNET the weekend of April 9 and 10. "If you have any hotmail account and if it is used as facebook account, we can change and send you your new password:)." A Facebook spok...

Yahoo! has introduced a new feature that allows users to review their account’s log-in history for strange activity and signs of possible compromise. E-mail accounts are valuable for cyber criminals and can be compromised in a variety of ways, including via keyloggers or phishing. Since storage space is no longer a major issue, a lot of people fail to delete old e-mails. This is a security risk because those messages can contain passwords and sensitive information about other accounts. ...

Solo Iranian hacker takes credit for Comodo certificate attack.   A solo Iranian hacker March 26 claimed responsibility for stealing multiple SSL certificates belonging to several Web sites, including Google, Microsoft, Skype, and Yahoo. Early reaction from security experts was mixed, with some believing the hacker’s claim, while others were dubious. During the week of March 21, conjecture had focused on a state-sponsored attack, perhaps funded or conducted by the Ira...

This is interesting, having your own computer held hostage, remotely. A recent malicious campaign spotted by GFI researchers uses a variation of spoofed reported attack pages, which spurs users to install an "update" for Internet Explorer. The offered update is fake and the downloaded code actually locks the user out of his/her PC and plasters a warning across the the screen telling him/her that 19 "unlicensed software, movies and music" files have been found on the computer, along with "mat...

While looking for some good videos of Iraq I ran into these that were done by different U.S. Units and individual Soldiers. They vary in length and vary in content, take a minute and see it through the eyes of the men and women themselves. You may learn something. http://video.google.com/videoplay?docid=-2429702440603469880&q=iraq (I really liked this one, well done) http://video.google.com/videoplay?docid=-5858432572912318014&q=iraq (Good stuff from CNN raw footage) http://video.goog...