Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pa…
Posted in bug, infosec, jboss, jbossas, jmx-console, update, virus, work, worm | Comments Off | permalink
Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pa…
Posted in bug, infosec, jboss, jbossas, jmx-console, update, virus, work, worm | Comments Off | permalink
Most complete research on stuxnet comes from Symantec in a form of their paper called “W32.Stuxnet Dossier”.
Posted in analysis, hacking, infosec, malware, PLC, SCADA, Security, siemens, stuxnet, symantec, virus | Comments Off | permalink
Blog posts from Symantec tagged as ‘stuxnet’ — most current research on the topic usually announced there.
Posted in analysis, infosec, malware, Security, stuxnet, virus | Comments Off | permalink
[some notes on] How to use clamav built-in JIT byte-code interpreter to create new viri signature definitions.
Posted in clamav, infosec, jit, Linux, llvm, virus | Comments Off | permalink
statistical method for detection of statistical malicious javascript, perl implementation.
Posted in evristics, infosec, javascript, Perl, programming, statistics, virus | Comments Off | permalink
awesome paper about business of spam/malware/etc, kinda scary
Posted in business, computer, for:collidr, internet, malware, research, Security, spam, virus | Comments Off | permalink
You are currently browsing the archives for the virus category.
Konstantin Antselovich (c) 2004-2011
powered by WordPress
Entries (RSS)
and Comments (RSS).