Overblog Tous les blogs Top blogs Technologie & Science Tous les blogs Technologie & Science
Suivre ce blog Administration + Créer mon blog
MENU

Le blog sécurité de Philippe Vialle / Phil Vialle's blog

Web blog d'un ingénieur en sécurité informatique. IT Security watcher's blog: news, threats analysis, AV issues, PoC, IT security, bugs... Contact: philippe.vialle@wanadoo.fr

Publicité

New scam 419 on viadeo | nouveau scam 419 sur viadeo

Quelquefois, pas besoin de chercher pour qu'un élément malveillant à analyser pour qu'un ben échantillon vienne à moi. Les mauvaises langues diront que ce sont tous mes pots de miel qui sont derrière ce constat... pas à tout à fait faux. Bref, en lisant...

Lire la suite
Publicité

suspicious NetBT request teamscrew: BotNet C&C on ADSL box?

I was not even really monitoring the LAN when I noticed strange requests... Why strange? because of the following: - Netbios over TCP protocol whereas the proxy should handle that kindda name resolution (part of web requests) - broadcast name query, spreading...

Lire la suite

CC number stealer, fake MSN webcam

CC number stealer, fake MSN webcam

Recently, a new contact requested me to add her/him as a new MSN one. Even if I did not recognize the address, I accepted the invitation. This was for analysing purpose, I do NOT recommend any people to do the same! Anyway, here is the contact: altagraciatehney09...

Lire la suite

Zango's come back: new MSN accounts stealer?

Zango's come back: new MSN accounts stealer?

Years ago, when I started to study viral threats, I discovered Zango. Zango used viral technologies to spread and remain resident on compromised computers. I won't give a new talk about the past Zango, search engines will on their own if you wanna try....

Lire la suite
Publicité

Firefox 64 bits... not yet really ready | test de Firefox 64 bits

Firefox 64 bits... not yet really ready | test de Firefox 64 bits

First of all, the problem of you wanna try Firefox 64bits version, is to find a way to download it. I honestly don't even understand why Mozilla did not add any special page on the official Firefox portal, for the 64 bits version! Why so...? don't know....

Lire la suite

Quand McAfee publie 50% d'une attaque

Quand McAfee publie 50% d'une attaque

A few people I recently met asked me why I do write articles in English, and not (or almost not) in French. Well... the thing is Google Translation is not yet fully functional, and French used to be an international language but things change. So... voila....

Lire la suite

Thunderbird believes Sophos enews is spam | Sophos enews indésirable ?

Thunderbird believes Sophos enews is spam | Sophos enews indésirable ?

I find it quite funny when an AV or any security system alerts for something regarding another security system. This time, it is about antispam and AV vendor security newsletter... The antispam is: Thunderbird 2.0.23 The newsletter is: Sophos enews Here...

Lire la suite

New campaign targetting MSN credentials | vague de vol d'identifiants MSN

New campaign targetting MSN credentials | vague de vol d'identifiants MSN

Well, this is not new, but it is not a reason not to talk about that, I guess. THis time, the supposed online MSN access server is hosted on the domain: come-face-the-truth.com. To be more accurate, I recently received the following MSN message, coming...

Lire la suite
Publicité

ESET kernel module memory leak | fuite de mémoire ESET ekrn.exe

ESET kernel module memory leak | fuite de mémoire ESET ekrn.exe

As everybody would say, an antivirus is not supposed to take all the system ressources. Taking that into account, I tested ESET Nod on my computers, because I knew it was said to prove quite reasonable memory and CPU usage. Anyway, this was about real...

Lire la suite

Russian domains targeting MS IIS | attaque des IIS par domaines russes

Russian domains targeting MS IIS | attaque des IIS par domaines russes

Let's act just for once as a Computer Security Incident Response Team member. What a great pleasure... An user called the helpdesk because the antivirus was yelling about a supposed malicious PDF file. The only problem was: this alert was happening while...

Lire la suite