Category Archives: botnet

The Zombie Perspective

Nice article by Dennis Fisher on “The Root of the Botnet Epidemic” at

http://threatpost.com/en_us/blogs/root-botnet-epidemic-113009.

It starts from a historical overview of the situation around the turn of the century, with the first DDoS attacks, Mafiaboy, trinoo, Stacheldraht and all that, with copious quotes from Joe Stewart and Jose Nazario.

Should be an interesting series.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/

A Few Interesting Links

Nice commentary by Lysa Myers in SC Magazine. “Facebook’s new wrinkles must be understood”: 

Since this post is likely to find its way onto several twitter accounts and at least one Facebook page in the next few minutes, point taken. 🙂

Also, a paper drawn to my attention by Jose Nazario, with whom I’ve had animated discussions in the past about whether there’s any value in user education.

http://research.microsoft.com/en-us/um/people/cormac/papers/2009/SoLongAndNoThanks.pdf

Incidentally, I happen to think the answer is yes, there is some value, and Randy Abrams and I put our point of view into an AVAR paper last year:

http://www.eset.com/download/whitepapers/People_Patching.pdf 

And a paper on botnets I hadn’t noticed before.  “ITU Botnet Mitigation Toolkit”: 

iBotnet updates

Some updated information posted at http://www.eset.com/threat-center/blog/2009/11/22/ibot-mark-2-go-straight-to-jail-do-not-pass-go and http://www.eset.com/threat-center/blog/2009/11/23/ibot-revisited-briefly.

Thanks to Mikko, Graham, Duck, and Henk for keeping the information flow going.

Is there still anyone out there with an iPhone or iPod Touch who hasn’t taken remedial action? I suppose so…

iPhone botnet

It seems to me that, like it or not, Apple is moving slowly but remorselessly closer to joining the rest of us in the 21st century threatscape.  Their products may never be subject to the sheer volume of problems (especially malware problems) that we enjoy in the Wonderful World of Windows, but the time when Apple could say with any conviction “we don’t have security issues” is long, long gone.

The iPhone bot is another small but significant step on that road: it demonstrates that the bad guys are paying serious attention.

Blogged at more length at
http://www.eset.com/threat-center/blog/2009/11/22/ibot-mark-2-go-straight-to-jail-do-not-pass-go
