The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015

Operation b70: Microsoft has the right to take over domains

Operation b70: Microsoft has the right to take over domains

In August 2011 Microsoft began to investigate the claims that pirated software along with malware were installed onto company`s PCs in China. The company sent its employees to buy 10 laptops and 10 desktops from "PC Malls" in various cities in China. It turned out that 4 PCs where infected with malware.

1 of 4 PCs was infected with Nitol virus that installs backdoor used for spam and DDoS attacks and was a part of a botnet hosted at 3322.org. Microsoft further investigation showed that there were around 500 different strains of malware on 70,000 sub-domains.

Microsoft was not successful in approaching the hosting company so it decided to apply to take over the domain through the courts. Microsoft's Digital Crimes Unit asked the Eastern District of Virginia to allow them to disable these domains as part of "Operation b70", and has now been given permission, through a temporary restraining order, to take over control of the 3322.org domain and block the operation of the Nitol botnet and the other malware. As there are legitimate subdomains of 3322.org, Microsoft is filtering access with the help of Nominum, and allowing traffic to them through while blocking access to malicious subdomains.

(c) Naked Security


Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015