This number of US Veterans have had their personal details stolen in a recent data theft case, reported by the US-CERT.
(more…)

We saw a flurry of new viruses last Friday which gave us a further insight into the methodologies of virus writers (VXers) and exposed the staging ground for a new series of breplibot/brepibot variants.
(more…)

In keeping with our previous article on poor coverage from commercial AV vendors, we performed another comparison of AV systems against our IRCBot-639 Trojan, with interesting results.
(more…)

Bank Holidays?

May has definitely not been as drab and dreary as showery April. Although the overall view of spam, ham and viruses has not altered extremely, it is the breakdown of each of these which is interesting; the amount of ham seen has decreased from last month by ~3%, with spam gaining this percentage. Phishing activity is continually increasing, but we haven’t seen anything of much excitement. It’s also been a while since we have seen a new virus in the wild - but with May we have seen a change - a new virus and its several variants were detected between the middle and end of the month.
(more…)

Some time ago we spoke about a VCard parsing vulnerability in Windows Exchange Servers. This threat was classified as high risk and we monitored for abnormal activities but never detected any targeted attacks.
(more…)

The Football World Cup will see for the first time the use of RFID for the ticketing system of a major event.
(more…)

What is the VBL

The VBL is a virus host blacklist which is provided by the Internet Defence team. The database is a list of all IP addresses from which email containing a virus, or phishing/fraud email, has been sent from. As with the SBL, the identification is an automated process - no user preferences are involved in making the decision about whether an email contains a virus or not. It is an aged database, so no IP’s remain in the database over 3 days, unless the timeout is reset by receiving another virus from the same address.

(more…)