Web blog d'un ingénieur en sécurité informatique. IT Security watcher's blog: news, threats analysis, AV issues, PoC, IT security, bugs... Contact: philippe.vialle@wanadoo.fr
The mobile malware (are we gonna call it mobalware someday?) fashion seems to copy the regular malware one... maybe somewhat a little bit faster. Anyway, I was keen on an app aiming to improve standard Android SMS reader/writer. The app is called ChompSMS....
Lire la suite
I would believe we are back to Win 9x systems fashion, when adwares used to be legion (at least, in proportion compared to global threats trends at this time). But this case seems to concern any Android OS from 1.6 to 2.x, much more modern systems......
Lire la suiteFirst I thouht this was like regular spam, and something close to Viagra (and others...). But, in the end, no... The contact told me his "mail account" had been stolen, whereas I do believe his computer has been compromised (and then, the bad guys used...
Lire la suite
This malware did succeed to install itself on the following configuration: - Win7 64 bits, fully-patched - KAV 2011 - user account not administrator (account switch using UAC) - Opera 11.52 up-to-date I was just surfing... Therefore I do believe it is...
Lire la suiteI just found out that one of my NIPS' reports seems pretty clear regarding the daily top alerts: For those who forgot to secure a lil bit their (open)SSH server, time's running... What about that IP address 65.98.36.50? Well, it is the reverse DNS pointer...
Lire la suiteEn navigant sur le web, j'ai eu la surprise de voir KAV 2011 alerter lors de l'accès à un site (trojanedbinaries.com). Voici le message complet : Analysons donc le sens du message , via le nom de la détection : - HEUR pour Heuristique, certainement. -...
Lire la suiteL'échantillon parle de lui-même : L'utilisation d'un compte GMail , comme point de contact pour une promo "Orange" , semble loufoque. Au pire, un Wanadoo aurait déjà pu semer le trouble pour les "nouveaux internautes"... Et le comble, c'est que le message...
Lire la suite
To those who believe russian web tends to be safer, please first read Kaspersky's threat report Q2 2011. (cf. https://www.securelist.com/en/analysis/204792186/IT_Threat_Evolution_Q2_2011 ) Then, have a look at the following. Here is the mail I received...
Lire la suiteCette fois-ci, j'ai préféré ne pas évaluer l'efficience de solutions de sécurité à l'instant T où la menace atteignait le poste, mais quelques temps après... Voici le courriel , assez bien fait d'ailleurs : Thunderbird 64 (Miramar) avait alerté sur un...
Lire la suite