Brian Prince

Malware writers have added new moves to the notorious Mebroot rootkit. The malware also goes by the name Sinowal and Torpig, and made headlines late last year when EMC’s RSA security division found a trove of financial data stolen by attackers. Now, security vendors say a new variant has been armed with functionality designed to […]

Ever wonder how it was that the Conficker worm spread so rapidly even though there was a patch available for the Microsoft vulnerability it exploited? As it turns out, the patch management process is not as straightforward or simple as outsiders might imagine. With that in mind, Microsoft is teaming up with security consulting company […]

While the U.S. economy may have contracted, the RSA Conference has gone the opposite way. The annual security conference has actually expanded to a total of 17 class tracks and 240 sessions. Still, the number of exhibitors is down to about 325 in 2009, Sandra Toms LaPedis, area vice president and general manager of the […]

Symantec Showcases Digital Malware Snapshots for 2009 RSA Conference by Brian Prince Sexdating1 Text/HTML spam started in late 2007 and promoted “adult dating” or “extreme dating”‘ Websites. The content of the spam, and the Website that it links to, is typically sexually explicit. Phishing1 This image depicts a phishing attack, still among the banes of […]

Marshal8e6 has acquired Avinti to add behavior-based malware detection to its repertoire. The acquisition, made for an undisclosed sum, is aimed at helping organizations better deal with the blended threats users face. The purchase comes roughly six months after Marshal and 8e6 Technologies tied the knot to combine their e-mail and Web security gateway products. […]

Microsoft has bundled five critical bulletins into a mammoth April Patch Tuesday release. The release contains a total of eight bulletins, a few of which address vulnerabilities already under attack. Among these are critical bulletins affecting Microsoft Office Excel and text converters for WordPad and Office. MS09-09 touches on two memory corruption vulnerabilities in Excel […]

Trend Micro is talking up a new set of endpoint security technologies it says will cut complexity and improve systems management. At the core of the discussion is Trend Micro’s Endpoint Security Platform, the result of a partnership between the security company and systems management vendor BigFix. In some ways, the platform can be looked […]

Twitter continues to battle a new iteration of a worm that first hit users of the service over the weekend. The worm, dubbed “StalkDaily,” exploits a cross-site scripting vulnerability. It began to spread this weekend, and so far only seems to infect users’ profiles with the goal of propagating. According to its confessed creator, Mikeyy […]

The Rise and Fall of the Srizbi Botnet No Title No Title Birth of a Botnet The first reports of the botnet surfaced in 2007. Srizbi spread through a Trojan deployed by various malware toolkits, most notably MPack. The botnet would spam out messages containing malicious links that would lead to the malware kit. MPack […]

Amazon.com is disputing an account that a hacker was to blame for an error that caused thousands of books to lose their sales ranks over the weekend. According to Amazon.com Director of Corporate Communications Patty Smith, the situation was due to a cataloging error. Smith disputed a supposed confession posted on a LiveJournal discussion group […]