Matthew Hines

A malware researcher with the SANS Internet Storm Center has uncovered a new twist on the fast-flux botnet infrastructure model that could make networks of zombie PCs even harder to take down. For the last several years fast flux has proved to be an efficient technique for botnet herders seeking to insulate their networks of […]

Mobile malware hasn’t materialized to the extent that some experts were predicting it would several years ago, but that doesn’t mean that threats won’t emerge targeting popular handhelds. That’s why it’s interesting to keep tabs on flaws discovered in mobile device infrastructure, such as the Enterprise Server PDF Processing Vulnerability acknowledged by Research In Motion […]

Anti-virus specialist Panda Security has issued a listing of the most unique and unusual malware specimens that its researchers uncovered during the first six months of 2008. And much like the crowd of basement-dwelling, fashion-defying miscreants that likely created many of the code samples, the list is populated by some truly strange and perplexing examples. […]

According to a new report published by experts at security filtering specialist Finjan, the company observed more than 1,000 unique Web site domains serving up the well-publicized Asprox malware attack over the first two weeks of July 2008 alone, including many URLs belonging to some of the world’s most recognizable businesses and institutions. Among the […]

Malware distributors have moved to a new vehicle (think big brown vans) for delivering their wares, tapping into the popularity of overnight giant UPS’ e-mail delivery notifications in an attempt to lure users into taking their bait. Security researchers including those working for AV provider Panda Security highlighted the UPS-themed spam/malware attacks on Tuesday, reporting […]

Following on some interesting vulnerability research in the area by vendors who shall go unnamed for the purpose of avoiding conflicts of interest (ahem…) SCADA security experts Uniloc have published a top 10 list of tips for keeping the systems safe from attacks. This is encouraging stuff, seeing as how not too long ago the […]

Shocking news arrived over the last day from Hawaii, where the body of Webroot founder Steven Thomas was discovered post mortem. Thomas, 36, had apparently run upon some troubled days after being diagnosed with bipolar disorder, and, according to a report in the newswires (UPI), failing to take his medication. He had been missing for […]

DLP vendors (and really any other security and encryption technology providers), take heart: Most IT executives are still uneasy about their ability to keep sensitive corporate data from walking out the door, floating over the transom or being ripped from their grasp by opportunistic cyber-thieves. Or at least data-handling regulations like the PCI DSS standard […]

Researchers at gateway security specialist Secure Computing have identified a new Trojan virus being distributed in the wild via infected multimedia files. First detailed in a report posted to the company’s TrustedSource research blog, Secure Computing experts said the Trojan specifically infects multimedia files stored on a victim’s computer, embedding its content via the ASF […]

Hats off to Google for chipping in a new (free) tool to help Web site builders scour their URLs for potential security vulnerabilities. The tool was first detailed in a blog post July 1 by Michal Zalewski, a highly respected security researcher who has gone to work for the company that aims to “do no […]