Conficker.C Lecture Slides (and a couple of comments)
I guest-lectured the computer security class here today, and with it being the day Conficker.C starts looking for a payload, I figured it would be an excellent opportunity to deviate from the normal lesson plan. With the well-written Honeynet Project and SRI papers out there that describe the technical details of Conficker.C, it’s a great [...]
Ethan Frome macro virus at Disney
Hopefully I won’t be asked to take this one down:
I was just looking for hours of operation for the Picabu buffet/cafeteria here at Disney’s Dolphin resort while I’m here for the SANS SCADA Summit. I just can’t do anything anymore without stumbling across something security related, I guess.
If you haven’t spotted what’s “wrong” in the [...]
Homer Simpson’s AIM Account Hackers Own Up (sort of)
Regarding “Homer Simpson and the Kimya Botnet”, a new away message for Chunkylover53 (Homer Simpson’s AOL account, revealed in one of the episodes, and since hijacked) drops some names:
KRYOGENIKS EBK and DEFIANT RoXed HOMER sHouTz To VIRUS Warlock elul21 coll1er and Slacker.
I wouldn’t advise keeping him on your buddy list at this point, as the [...]
Trend Micro Boycott, and the Tale of the Lunchless Lunch & Learn
Trend Micro & Software Patents
So it seems that Trend Micro is trying to push other antivirus products around with a patent that they have on performing antivirus detection on SMTP and FTP gateways. Some commercial vendors have already settled with them over this; however, Trend Micro is now suing Barracuda for their [...]
Bruce Schneier on the Storm “Worm”
Finally, someone gets the point of this thing and starts some discussion about what this malware is doing scarily right, instead of dwelling on the fact that this week it is sending itself out as greeting cards or whatever. Does it surprise me that “someone” is Bruce Schneier? Not really :) , although [...]
Thoughts on signed malware
I like SunbeltBLOG a lot (and I recommend that you add them to your reader); however, like most of the content in my RSS reader that I really like, I occasionally find myself disagreeing with them. Today’s post, “For shame: Thawte trusts Gromozon”, is one of those times. While I can certainly understand [...]
Playing With Fire: Malware in VMs
Lately I’ve been reading Eldad Eilam’s “Reversing: Secrets of Reverse Engineering”, working through all of the exercises and such. I need to build up my skills with the really low-level workings of Windows, static analysis of disassembled code, and debugging a live process more effectively. This is the perfect book for that, so [...]