Posts Tagged ‘Virus’

Adobe Reader / Acrobat and Flash Remote Code Execution

Summary: Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in multiple Adobe products through SWF. Impact: Remote Code Execution. Affected Software: Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions; Adobe Flash Player and and earlier 9.x and 10.x versions. Solutions: The FortiGuard [...]

It's summer… Do you know what your kids are doing? (Fri, May 29th)

School is over or about to be over for many kids. With that come many families whose parents work and kids will be left at home to relax and enjoy their summer vacation. This means a lot of free time and an internet out [...]


Microsoft DirectShow Remote Code Execution Vulnerability

Summary: Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in Microsoft DirectX (DirectShow) through a specially crafted QuickTime media file. Impact: Remote Code Execution. Affected Software: DirectX 7.0 on Microsoft Windows 2000 Service Pack 4; DirectX 8.1 on Microsoft Windows 2000 Service Pack 4; DirectX 9.0 on Microsoft [...]

Advanced Two-Way Firewall for Mac OS X unveiled

ProteMac has announced ProteMac NetMine 1.2, their network firewall for Mac OS X. ProteMac NetMine intercepts all network activity traveling to and from your Mac and from every application on your Mac. The NetMine firewall can prevent all unwanted outside and inside traffic from reaching protected machines. [...]


Host file black lists (Wed, May 27th)

Henry Hertz Hobbit, who maintains a black list of bad hosts, wrote in today with some host file links and comments on them. I have included most of his comments with very little editing (I removed a few names and comments about other list maintainers and corrected [...]


Facebook sued by user over virus

A Florida librarian and activist has filed a civil lawsuit against Facebook alleging that the social network failed to adequately protect users from a virus. Theodore Karantsalis, of Miami Springs, Fla., is seeking $70.50 from Facebook in the lawsuit, which was filed a week ago in Miami-Dade county court. [...]


New cscope packages fix arbitrary code execution

[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution [...]
