dancho danchev

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Windows 7's default UAC bypassed by 8 out of 10 malware samples

8 out of 10 malware samples tested on Windows 7 with default UAC user access control settings don't trigger a warning. by Dancho Danchev

Tags: Malware, Microsoft Windows 7, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Operating Systems, Microsoft Windows, Software, Dancho Danchev

Blog posts 2009-11-05

Which antivirus is best at removing malware?

According to a comparative review of sixteen antivirus solutions, only a few were successful at completely removing the malware they were tested against. by Dancho Danchev

Tags: Antivirus, Malware, Spyware, Adware & Malware, Viruses And Worms, Cyberthreats, Security, Dancho Danchev

Blog posts 2009-11-05

iHacked: jailbroken iPhones compromised, $5 ransom demanded

Yesterday, a "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your phone right now!" message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from...

Tags: Apple iPhone, SSH, Smart Phones, Consumer Electronics, Personal Technology, Dancho Danchev

Blog posts 2009-11-03

Phishing experiment sneaks through all anti-spam filters

A recently conducted ethical phishing New study details the dynamics of successful phishing experiment impersonating LinkedIn by mailing invitations coming from Bill Gates, has achieved a 100% success rate in bypassing the anti-spam filters it was tested against. The experiment emphasizes on how small-scale spear phishing campaigns...

Tags: Anti-spam, LinkedIn, E-mail, Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Dancho Danchev

Blog posts 2009-10-29

Spooky Halloween - scareware or crimeware?

With all the "spooky" cybercrime trends taking place on a monthly basis, such as the death of CAPTCHA, the suspicious idleness of the Conficker botnet, the clear presence of government-tolerated and upcoming government-sponsored botnets, the inevitable migration from using malicious infrastructure to entirely relying on legitimate one, followed by the...

Tags: Search Engine Optimization, Campaign, Cybercriminal, Search, Marketing Research, Strategy, Security, Marketing, Management, Dancho Danchev

Blog posts 2009-10-29

New LoroBot ransomware encrypts files, demands $100 for decryption

Researchers from CA have intercepted a new ransomware variant encrypting popular file extensions (.zip; .rar; .pdf; .rtf; .txt; .jpg; .jpeg; .waw; .mp3; .db; .xls; .docx; .xlsx; .doc) and demanding a $100 for the decryption software. According to the message which replaces the desktop's background upon execution, the...

Tags: Decryption, SMS, Text Messaging/SMS/MMS, Telephony, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Networking, Dancho Danchev

Blog posts 2009-10-27

Gawker Media tricked into featuring malicious Suzuki ads

A group of cybercriminals have successfully managed to trick Gawker's ad sales team into featuring malicious ads serving Adobe exploits (CVE-2008-2992; CVE-2009-0927) and scareware, by impersonating a legitimate ad agency inquiring about an upcoming Suzuki ad campaign. According to Gawker Media, the malware distributors were one of...

Tags: Advertisement, Gawker Media, Suzuki, Dancho Danchev

Blog posts 2009-10-27

Fake 'Conficker.B Infection Alert' spam campaign drops scareware

An ongoing spam campaign is once again attempting to impersonate Microsoft's security team -- the same campaign was first seen in April -- by mass mailing Conficker.B Infection Alerts (install.zip), which upon execution drop a sample of the Antivirus Pro 2010 scareware. Whereas the theme remains the...

Tags: Infection, Microsoft Corp., Microsoft Windows, Internet, Spyware, Spyware, Adware & Malware, E-mail, Security, Viruses And Worms, Operating Systems, Software, Online Communications, Dancho Danchev

Blog posts 2009-10-19

'Evil Maid' USB stick attack keylogs TrueCrypt passphrases

Security researcher Joanna Rutkowska has released a PoC proof of concept of a keylogger that is capable of logging TrueCrypt's disk encryption passphrase enabling the attacker to successfully decrypt the hard drive's content. Dubbed, the 'evil maid' attack due to its 'plug-and-exploit' functionality requiring 1-2 minutes for...

Tags: Disk, Passphrase, USB, Laptop Computer, Attack, TrueCrypt, Hotel Room, Mobile Proximity Alarm, Notebooks, Security, Hardware, Notebooks & Tablets, Dancho Danchev

Blog posts 2009-10-19

Commonwealth fined $100k for not mandating antivirus software

According to a recently published SEC cease-and-desist order, the Commission has recently fined Commonwealth Financial Network $100,000, for not mandating antivirus software on the computers of its representatives, leading to a security incident which took place in November 2008, allowing the cybercriminal behind the attack to place eighteen unauthorized purchase...

Tags: Software, Electronic Banking, Antivirus Software, Commonwealth Financial Network, Banking, Security, Viruses And Worms, Financial Services, Dancho Danchev

Blog posts 2009-10-19

Does software piracy lead to higher malware infection rates?

Yes it does, at least according to a recently released report by the Business Software Alliance BSA which basically correlates data on the known piracy rates for particular countries and their malware infection rates, using public sources. The rationale behind their claims is fairly simple - users...

Tags: Software Piracy, Patch Management, Malware, Malware Infection Rate, Infection Rate, Patches, Spyware, Adware & Malware, Cyberthreats, Microsoft Windows, Viruses And Worms, Security, Operating Systems, Software, Dancho Danchev

Blog posts 2009-10-14

New Koobface campaign spoofs Adobe's Flash updater

Earlier this week, the botnet masters behind the most efficient social engineering driven botnet, Koobface, launched a new campaign currently spreading across Facebook with a new template spoofing Adobe's Flash updater embedded within a fake Youtube page. The malware campaign is relying on compromised legitimate web sites,...

Tags: Adobe Systems Inc., CAPTCHA, YouTube Inc., Social Engineering, Worm, Gang, Koobface, 0x3E8/youtube/console=yes/, Cyberthreats, Viruses And Worms, Security, Dancho Danchev

Blog posts 2009-10-14

Social engineering tactics of the Koobface botnet

The gang behind the Koobface botnet is periodically updating the template it relies on for infecting new years. Here are some of the most popular ones introduced by the gang throughout the year. by Dancho Danchev

Tags: Social Engineering, Gang, Security, Botnets, Malware, Cybercrime, Koobface, Photos, Screenshots, Dancho Danchev

Image galleries 2009-10-14

Click fraud facilitating Bahama botnet steals ad revenue from Google

Originally exposed as a botnet redirecting and monetizing hijacked traffic to over 200,000 parked domains primarily located in the Bahamas, researchers from ClickForensics have recently found evidence on active DNS hijacking of Google properties allowing cybercriminals to steal revenue from Google by pulling search results and displaying them on a...

Tags: Dancho Danchev

Blog posts 2009-10-08

Weak passwords dominate statistics for Hotmail's phishing scheme leak

The recently leaked accounting data of thousands of Hotmail users -- Gmail has also been affected -- obtained through what appears to be a badly executed phishing campaign, once again puts the spotlight on the how bad password management practices remain an inseparable part of the user-friendly ecosystem. ...

Tags: MSN Hotmail, Password, Phishing, Security, Spam And Phishing, Dancho Danchev

Blog posts 2009-10-06

MS Security Essentials test shows 98% detection rate for 545k malware samples

According to recent tests conducted by AV-Test.org aiming to measure the performance of Microsoft's Security Essentials, the freeware application achieved 98% detection rate for 545k malware samples including viruses, bots, trojan horses, backdoors and Internet worms, also achieving 90.95% detection rate for 14,222 adware/spyware samples it was tested against. ...

Tags: Freeware, Antivirus, Malware, Microsoft Corp., Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Dancho Danchev

Blog posts 2009-10-01

Research: Small DIY botnets prevalent in enterprise networks

Does the size of a botnet really matter? It's all a matter of perspective. Contrary to the “common wisdom” that based on their size, big botnets are theoretically capable of infiltrating a huge percentage of enterprise networks, a recently presented study entitled "My Bots Are Not Yours!...

Tags: Enterprise Network, Espionage, Cyberthreats, Spam, Robots, Viruses And Worms, Security, Spam And Phishing, Emerging Technologies, Dancho Danchev

Blog posts 2009-09-29

Chinese hackers launch targeted attacks against foreign correspondents

According to an assessment published by the Information Warfare Monitor, Chinese hacktivists politically motivated hackers have recently launched a targeted malware attack against foreign news correspondents attempting to trick them into executing a malware-embedded PDF attachment (Interview list.pdf), coming from a non-existent editor working for The Straits Times. ...

Tags: China, Malware, Hacker, Attack, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Dancho Danchev

Blog posts 2009-09-29

Modern banker malware undermines two-factor authentication

Once pitched as an additional layer of security for E-banking transactions, two-factor authentication is slowly becoming an easy to bypass authentication process, to which cybercriminals have successfully adapted throughout the last couple of years. Modern banker malware, also known as crimeware, is now fully capable of bypassing...

Tags: Bank, Two-factor Authentication, Antivirus, Malware, SMS, Cybercriminal, Banker Malware, Zeus, Text Messaging/SMS/MMS, Security Administration, Financial Services, Viruses And Worms, Security, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Dancho Danchev

Blog posts 2009-09-23

Scareware scammers hijack Twitter trending topics

Researchers from F-Secure and Sophos are reporting on an ongoing scareware serving campaign abusing the popular micro-blogging service Twitter. Hundreds of tweets using four different URL shortening services are currently spammed through the automatically registered Twitter accounts, relying on a pseudo-random text generation using Twitter's trending topics....

Tags: Twitter Inc., Spamming, Spam, Cyberthreats, Viruses And Worms, Security, Spam And Phishing, Dancho Danchev

Blog posts 2009-09-23