Overblog Tous les blogs Top blogs Technologie & Science Tous les blogs Technologie & Science
Suivre ce blog Administration + Créer mon blog
MENU

Web blog d'un ingénieur en sécurité informatique. IT Security watcher's blog: news, threats analysis, AV issues, PoC, IT security, bugs... Contact: philippe.vialle@wanadoo.fr

Publicité

veille virale

Fake VLC / Windows Media video file (sample)

Fake VLC / Windows Media video file (sample)

To those who still believe that downloading a file from "common downloadZ websites", here is (another?) kindda sample of how dangerous it can be for your computer... First, the video file displays the following message in the Windows Media Player (or...

Lire la suite
Publicité

New fake video/malware related to Obama / Osama spread

New fake video/malware related to Obama / Osama spread

Here is the mail that currently spreads: The link provided does not work itlself. But the real link does: http://noticias. terra.woonet.co.kr/videos/paquistao/terrorismo/osama/05/05/2011/video-proibido-mostra-momento-da-execucao-de-obama-por-agentes-na-operacao.php?0.14094...

Lire la suite

Petit guide de désinfection virale (v1.4) - grand public

A force de lire un petit peu tout et n'importe quoi sur le sujet, je me suis dit que je devrais mettre à profit le retour d'expériences de quelques années de lutte antivirale (notamment désinfection en centre d'assistance). Je vais donc proposer ici un...

Lire la suite

New spam (MSN email), with link pointing to malicious exefile

Just to say that I received a few hours ago a spam , like in the ancient time :), but not in French this time. Here is the link that appears within the body of the email: http://g1.globo.com/sao-paulo/noticia/2011/02/video-em-que-ex-escriva-de-policia-e-despida-em-delegacia-cai-na-internet.html-0.79795...

Lire la suite
Publicité

Warning: ClamWin + MS SQL Server 2000

Hi all, just to say: be very carefull with CamWin running on a Windows Server 2003 (well, yeah that can happen...). You have not only to specify exclusions for the databases themselves, BUT also for the SQL Server binaries! If not, the last updates (for...

Lire la suite

Update your AV... not to detect harmless files...

At the time AV vendors tend to complain about theiir difficulties to maintain a base of malicious software definition (20 millions in 2009, according to Kaspersky?), some people may remember old ideas of creating a "whitelist" of harmless / well known...

Lire la suite

faux courriel de commmande 123radar.fr, avec code viral

faux courriel de commmande 123radar.fr, avec code viral

Je n'ai pas honte de le dire, j'ai failli m'y faire prendre moi-même. Voilà le courriel reçu (e 04/11), faussement émis par 123radar que je connais de nom : L'affichage dans Lanikaï est trompeur : le champ envelope-from est en fait : envelope-from ...

Lire la suite

Nouveau hameçonnage ciblant France Telecom

Nouveau hameçonnage ciblant France Telecom

Je vais rédiger cet article en Français, vu que le message et la cible sont francophones... :) J'ai reçu un message, et j'avoue que moi le premier j'ai failli me faire prendre. Heureusement, je me suis souvenu que j'avais résilié il y a quelques mois...

Lire la suite
Publicité

Clam in the cloud less efficient that regular ClamAV?

Clam in the cloud less efficient that regular ClamAV?

I had recently to deal with a compromised computer. It was though supposed to be protected by a up to date antivirus with real policies. The file has been detected using Spybot S&D: ZBot. It's been a long time ago since I did not find a malware which...

Lire la suite

Fake Google Analytics website hosting current 0day Adobe

Fake Google Analytics website hosting current 0day Adobe

Just after the Adobe and French CERTA advisories, I wanted to talk a lil bit about the website that is said to host the Adobe 0day. Here is Adobe's advisory: http://www.adobe.com/support/security/advisories/apsa10-01.html According to Symantec (see: http://www.symantec.com/business/security_response/writeup.jsp?docid=2010-060601-3020-99,...

Lire la suite