by Alex Eckelberry | Aug 30, 2008 | Uncategorized
If you’re interested in forensics or log file analysis, Dave Kleiman has posted some useful information on using Microsoft’s Log Parser in forensics. As Dave says: What is Log Parser? Microsoft’s Log Parser is perhaps the most underutilized and unknown tool for...
by Alex Eckelberry | Aug 28, 2008 | Uncategorized
Lots of pages over at the Calumet Township Trustee’s Office redirect to pages pushing XP Antivirus. Alex Eckelberry
by Alex Eckelberry | Aug 28, 2008 | Uncategorized
From Brian Krebs today: The portions of Atrivo most heavily used by RBN were Hostfresh — which provides routing for Atrivo through Hong Kong and China — and UkrTeleGroup (also known as Inhoster) out of Ukraine. These two networks remain core components of...
by Alex Eckelberry | Aug 28, 2008 | Uncategorized
Follow-up from my blog post yesterday on SWF files being used in spam: One researcher has shared with me a little over 800 SWF files on ImageShack, all pushing malware. I did a quick spot check and many of these are still live. I have been told that ImageShack...
by Alex Eckelberry | Aug 28, 2008 | Uncategorized
Total Secure 2009 is a new rogue security product from the IEDefender family. The Trojan from the site Getneededsoftware. com installs a malicious BHO which is responsible for advertising the new rogue product. O2 – BHO: RupTool –...