Archive

Archive for April, 2009

haxyou? haxed you!

“I am aware of the attack and yes I am behind this attack.” said twitter worm author.  [Read BNO News]

It seems that the author is not happy with the scrutiny/critics and media attention he’s getting now since another variant was spotted again in-the-wild.

“This is what happens to media whores….”  [Seclist FD thread]

Glorifying Bad Behavior

From today’s news “Twitter worm author gets a job at exqSoft Solutions

We often heard this kind of news from celebrities (hollywood stars, sports and social networks like youtube) but not for people commiting cyber crime. This is an alarming trend.

I’ve immediately searched if there’s a psychology research on this area, and here’s interesting info I’ve got:

“adolescents engage in bad behaviour because they find benefits — such as the immediate gratification of peer acceptance — are worth the risks.”  as published in journal Psychological Science.

No doubt, the 17 yrs old Twitter worm/spreader author landed a job. 

In Information Security this is absolutely not acceptable. Imagine an additional attack vector coming from this stream?

Digital Malware Snapshot

I was walking and looking around in an art gallery when fond thoughts came in – I was starring and imagining what if I am in a gallery of  malware digital art collection.  That would be sweet!  A researcher becoming artist by creating visual arts from the virus code.

Interestingly, this week Symantec’s MessageLabs will showcase 20 digital malware snapshot/pictures as part of 2009 RSA Conference.  It seems that my fond thoughts wasn’t far from reality.

malware_snapshot

More images/info published @ http://www.eweek.com/c/a/Security/Symantec-Showcases-Digital-Malware-Snapshots-for-2009-RSA-Conference-164639/

Categories: Daily Thoughts

another misused format

clever

Collab.getIcon()

geticon

Another in-the-wild exploited PDF so better patch!

Further Read:

Adobe Security Bulletin APSB09-04

Recommendation To Avoid this threat

Just For Laugh

I was trying my new pen & notebook (livescribe) when I decided to draw just for laugh.

profilingconficker1

PPT Zero Day

It’s not surprising if we have another zero day in MS office. Evidently, there is a continuous attack on these (Doc, Excel, PPT) file formats .

Just to keep diary, here are references as published days ago:

http://blogs.technet.com/mmpc/archive/2009/04/02/new-0-day-exploits-using-powerpoint-files.aspx

http://blogs.zdnet.com/security/?p=3088

http://blog.trendmicro.com/new-exploit-takes-on-ms-powerpoint/