Recent Posts
ThreatFire Research Blog
Return To Blog Listing
Blog from the threat research team at Threatfire about computer security.
Recent Posts Tagged With 'software release'
Mebroot Noodles Straightened Out?
It seemed strange when the steady stream of changing, but similar, Mebroot (also known as Sinowal) executables dried up in late July. But alas, the mbr infecting family seems to have simply run out of flour and wheat for their "pasta theory" code, as...
A Recipe for Stealing Biscuits
As Koobface has proven, stealing biscuits can get malware distributors a long ways.Unfortunately, that hasn't helped to drive some of these ultra-popular social networking sites to review the security of their authentication procedures. Another techn...
Underground Marketplace during a Global Recession
As 2009 moves through a worldwide financial crisis, the underground markets continue to thrive.A recent perusal through prices offered various services shows that a user can obtain a private spambot kit for just under $5000, an exploit kit for anothe...
SANS Top 25 Programming Mistakes
The Sans Institute released not only a top 25 list of dangerous programming errors for developers, but resources for developers to understand and eliminate their coding errors as well. It looks like a prioritization and expansion on the exhaustive li...
Microsoft Patch Tuesday 009
We've been anxiously awaiting that first patch of the year, and here we have it:"Vulnerabilities in SMB Could Allow Remote Code Execution".The excitement for this one could be either downplayed or up-played. The MS09-001 patch replaces the patchwork ...
Peach Fuzz
Another open source fuzzing toolkit update was released today, the "Peach Fuzzing Platform v2.0".Fuzz. As in Peach. Ha!Anyways, how does fuzzing effect the security of one's computer? Directly, it does not. Indirectly, it does.Fuzzing an application ...
