The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015

Symantec and Microsoft Eliminated Russian Bamital Botnet

Symantec and Microsoft Eliminated Russian Bamital Botnet

Symantec and Microsoft Corporation experts cooperating with USA government discovered a group of cybercriminals and put their activity to an end. Those criminals used Bamital botnet to control hundreds of thousand computers around the world.

Symantec experts claim to have discovered the botnet in 2009, but it took them almost 4 years to completely eliminate its activity. They said that Microsoft Corporation gave them a hand in this. The server, cut out on February 6, was controlling up to a million computers, which brought criminals about $1 million per year.

According to the reportpublished by Symantec, Bamital botnet infected new systems spreading malicious files through peer-to-peer nets. In 2011 experts spent 6 weeks analyzing one of the Bamital’s C&C servers, and disclosed about 1.8 IP addresses connected to it.

Bamital botnet changed searching results, redirecting users to ads, giving cybercriminals millions of extra clicks on ad banners of certain companies. Furthermore, criminals could install malicious products on infected PCs to hijack users personal data.

When the botnet C&C server was cut out and users that couldnt get connected to Internet were redirected to webpages notifying their computers were infected. They were also offered a free tool to clean up their PCs.

Experts claim the botnet was created in Russia or one of the former Soviet Republics, since downloaded cookie-files contained “yatutuzebil”, meaning Ive been here in Russian.

(c) Naked Security


Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015