SysProt AntiRootkit v1.0.0.7 released!

Here's a quick update on SysProt AntiRootkit. Various improvements were made to SSDT hook detection and the hidden file scanning feature. As a result, here's the latest release: SysProt AntiRootkit v1.0.0.7.

Download SysProt AntiRootkit v1.0.0.7 from MajorGeeks. Your feedback is welcome :)

Supported operating systems: Windows 2000/XP/2003 32 bit.

SysProt AntiRootkit v1.0.0.6 released!

Here comes the latest version of SysProt AntiRootkit, with various improvements over the previous version. The following list summarizes the improvements in SysProt AntiRootkit v1.0.0.6:

  • Improved hidden drivers and services detection
  • Improved driver/service disabling feature
  • Improved process killing mechanisms
  • Added DLLs view for processes (double-click on a process to see loaded DLLs)
  • Brand new hidden and locked files/folder scanning
  • Color coded display (hidden items are displayed in red color)

Sophos sees increase in malicious email attachments

Spam using malicious attachments and social engineering techniques is targeting computer users in rising numbers, according to security vendor Sophos.

Community banks to increase security spending, survey finds

Smaller banks place a priority on protecting customer data and plan to spend more on security technology, according to a new survey.

Security flaw exposes Google G1 phone to attacks

If you’re planning to bring a new smartphone to market anytime soon, you might want to check with the guys at Independent Security Evaluators first. For the second time in about 15 months, ISE researchers have discovered a security flaw in the operating system of a high-profile smartphone, this time it’s a vulnerability in the [...]

Fake DivX codec

Here's a new Zlob fake codec variant, which touts itself as a DivX codec. The dropper is named DivXCodecPKG.7.exe and is hosted at http://softawe-download-forpc.com (66.232.126.78). Whois information for this domain can be found here.

Trojan exploiting Microsoft RPC flaw

A new Trojan exploiting the Microsoft RPC flaw propagates automatically through networks and finds cached passwords.

Microsoft releases Windows patch to stop worm attack

Microsoft issued an out of cycle update, plugging a dangerous hole that could be used to craft a worm attack.

Microsoft to release urgent security patch

Microsoft said it plans to release a critical security update out of its normal patching cycle to plug a hole that affects Windows 2000, XP, and Windows Server 2003.

IBM issues updates to fix serious DB2 flaws

IBM released updates for its DB2 database management system, fixing a variety of flaws that could be exploited by hackers to bypass security controls.

Cisco warns of security appliance flaws

Cisco Systems warned customers Wednesday that its Adaptive Security and PIX Security appliances contained flaws affecting the security of VoIP and VPN connections.

Alcatel-Lucent's 3G laptop security card goes international

The new Laptop Guardian tracks the location of lost or stolen laptops and gives IT pros the ability to wipe the hard drive remotely.

Penetration tester explains secrets to accessing corporate systems

Penetration tester Chris Nickerson talks about the fun of penetration tests, the risks of outsourcing and unveils how ethical hacking helps companies with risk assessments.

IT security pros focus on internal threats during tough economy

Layoffs, mergers and acquisitions are forcing some IT security pros to look closely at the internal threats posed by disgruntled employees and mishandled data.

The RPC Worm Victim List.

An RPC worm is currently active and running based upon NamedPipes abuse as seen in the advisory from Microsoft. It's extremely important to patch any Windows machine you have under your control, because when RPC and NamedPipes are enabled you are in for one hell of a ride. A moment ago I discovered the list of affected hosts that are compromised by the RPC Worm. I'll post it here, so anyone can see which hosts are vulnerable.

Trojan exploiting MS08-067 RPC vulnerability

There are reports emerging Friday morning of a new Trojan exploiting the MS08-067 RPC vulnerability in Windows that Microsoft patched with an emergency fix yesterday. Known as Gimmiv.A, the Trojan propagates automatically through networks, and also installs a number of small programs on compromised machines. But its most worrisome capability is a feature that enables [...]

Microsoft RPC flaw could be worm bait

The vulnerability that Microsoft patched today with an out-of-band patch is about as serious as they come, allowing remote code execution on every supported version of Windows. The rare emergency patch–which is the first Microsoft has issued since early 2007–was prompted by the fact that the company has been seeing targeted attacks against the vulnerability [...]
