Overblog Tous les blogs Top blogs Technologie & Science Tous les blogs Technologie & Science
Suivre ce blog Administration + Créer mon blog
MENU

Web blog d'un ingénieur en sécurité informatique. IT Security watcher's blog: news, threats analysis, AV issues, PoC, IT security, bugs... Contact: philippe.vialle@wanadoo.fr

Publicité

veille virale

Nouveau hameçonnage ciblant Paypal

Nouveau hameçonnage ciblant Paypal

The malicious code is:

Not detected by most browsers: Opera, IE,....

Lire la suite
Publicité

Android scareware/ransomware? case study...

Android scareware/ransomware? case study...

The mobile malware (are we gonna call it mobalware someday?) fashion seems to copy the regular malware one... maybe somewhat a little bit faster. Anyway, I was keen on an app aiming to improve standard Android SMS reader/writer. The app is called ChompSMS....

Lire la suite

Android ad-ware case study

Android ad-ware case study

I would believe we are back to Win 9x systems fashion, when adwares used to be legion (at least, in proportion compared to global threats trends at this time). But this case seems to concern any Android OS from 1.6 to 2.x, much more modern systems......

Lire la suite

New fake AV, spreading over email (GMail...)!

New fake AV, spreading over email (GMail...)!

First I thouht this was like regular spam, and something close to Viagra (and others...). But, in the end, no... The contact told me his "mail account" had been stolen, whereas I do believe his computer has been compromised (and then, the bad guys used...

Lire la suite
Publicité

New fake antivirus, quite dangerous!

New fake antivirus, quite dangerous!

This malware did succeed to install itself on the following configuration: - Win7 64 bits, fully-patched - KAV 2011 - user account not administrator (account switch using UAC) - Opera 11.52 up-to-date I was just surfing... Therefore I do believe it is...

Lire la suite

Compromised CentOS server trying massive SSH connexions, plus spam relay

Compromised CentOS server trying massive SSH connexions, plus spam relay

I just found out that one of my NIPS' reports seems pretty clear regarding the daily top alerts: For those who forgot to secure a lil bit their (open)SSH server, time's running... What about that IP address 65.98.36.50? Well, it is the reverse DNS pointer...

Lire la suite

Faux positif Kaspersky 2011, sur nom de fichier

Faux positif Kaspersky 2011, sur nom de fichier

En navigant sur le web, j'ai eu la surprise de voir KAV 2011 alerter lors de l'accès à un site (trojanedbinaries.com). Voici le message complet : Analysons donc le sens du message , via le nom de la détection : - HEUR pour Heuristique, certainement. -...

Lire la suite

Nouvel hameçonnage Orange/Free

Nouvel hameçonnage Orange/Free

L'échantillon parle de lui-même : L'utilisation d'un compte GMail , comme point de contact pour une promo "Orange" , semble loufoque. Au pire, un Wanadoo aurait déjà pu semer le trouble pour les "nouveaux internautes"... Et le comble, c'est que le message...

Lire la suite
Publicité

Wordpress bouncing romanian viagra spam / russian domain

Wordpress bouncing romanian viagra spam / russian domain

To those who believe russian web tends to be safer, please first read Kaspersky's threat report Q2 2011. (cf. https://www.securelist.com/en/analysis/204792186/IT_Threat_Evolution_Q2_2011 ) Then, have a look at the following. Here is the mail I received...

Lire la suite

Hameçonnage Orange (fausse facture), 6 jours après...

Hameçonnage Orange (fausse facture), 6 jours après...

Cette fois-ci, j'ai préféré ne pas évaluer l'efficience de solutions de sécurité à l'instant T où la menace atteignait le poste, mais quelques temps après... Voici le courriel , assez bien fait d'ailleurs : Thunderbird 64 (Miramar) avait alerté sur un...

Lire la suite