Nerds On Site

Day: September 8, 2009

Heads Up – A Fake Firefox Add-on and a Vulnerability in IIS

Spyware comes in many forms, and spyware writers are always looking for new ways to take advantage of the unwary. This one masquerades as a plugin for Firefox. This is not malware of the botnet or password-stealing variety, but is does capture search data – and that is definitely spying. There are still quite a …

Heads Up – A Fake Firefox Add-on and a Vulnerability in IIS Read More »

Botnet profits, SQL Injection, and Realtime Keyloggers

I am often asked by clients about the economics of viruses, spyware, and botnets, so here are a couple articles that may help us all understand the financial incentives of getting malware onto computers: This article provides a little insight into the wold of botmasters. Cisco researchers managed to infiltrate this world by going undercover. …

Botnet profits, SQL Injection, and Realtime Keyloggers Read More »

Updates on the Linux Null Pointer Kernel Vulnerability

This is an issue that affects pretty much all Linux distribution released since 2001 (2.4 and 2.6 kernels). It allows local users with limited privileges to escalate their privileges to root level by initializing a socket or by invoking certain protocols. Exploits are publicly available. This exploit requires local console access and does NOT allow …

Updates on the Linux Null Pointer Kernel Vulnerability Read More »

Scroll to Top