Comments for MW-Blog http://www.teamfurry.com/wordpress About malware, packers and reverse engineering Sat, 13 Mar 2010 10:41:07 +0000 http://wordpress.org/?v=2.2.3 Comment on On TOR by Privatsphäre mit TOR « KOPIS.DE http://www.teamfurry.com/wordpress/2007/11/19/on-tor/#comment-337 Privatsphäre mit TOR « KOPIS.DE Wed, 10 Mar 2010 11:01:44 +0000 http://www.teamfurry.com/wordpress/2007/11/19/on-tor/#comment-337 [...] weiß, es ist nicht mehr taufrisch – sogar heise berichtet schon drüber – aber ich möchte auch noch [...] […] weiß, es ist nicht mehr taufrisch – sogar heise berichtet schon drüber – aber ich möchte auch noch […]

]]> Comment on Under the Hood: Virut by information security http://www.teamfurry.com/wordpress/2007/02/15/under-the-hood-virut/#comment-336 information security Thu, 04 Mar 2010 07:26:12 +0000 http://www.teamfurry.com/wordpress/2007/02/15/under-the-hood-virut/#comment-336 <strong>information security...</strong> Einige sind der Ansicht, dass es sich mit dem Thema zu beschaeftigen wenig lohnt, da der Informationsmarkt hierueber bereits recht ueberlaufen sei, Es laesst sich wahrlich nur recht selten auf etwas wriklich Gutes dabei zu treffen. Trotzdem kann sich d... information security…

Einige sind der Ansicht, dass es sich mit dem Thema zu beschaeftigen wenig lohnt, da der Informationsmarkt hierueber bereits recht ueberlaufen sei, Es laesst sich wahrlich nur recht selten auf etwas wriklich Gutes dabei zu treffen. Trotzdem kann sich d…

]]> Comment on On TOR by Christians Blog » Blog Archive » Spy Tor Exit Node 2 http://www.teamfurry.com/wordpress/2007/11/19/on-tor/#comment-335 Christians Blog » Blog Archive » Spy Tor Exit Node 2 Sun, 17 Jan 2010 18:49:29 +0000 http://www.teamfurry.com/wordpress/2007/11/19/on-tor/#comment-335 [...] MW-Blog, das sich mit Malware & Co. beschäftigt, gibt’s einen interessanten Artikel über die [...] […] MW-Blog, das sich mit Malware & Co. beschäftigt, gibt’s einen interessanten Artikel über die […]

]]> Comment on TOR exit-node doing MITM attacks by Sniffing/MITM attacks on the Tor network | Chucks Blog http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-334 Sniffing/MITM attacks on the Tor network | Chucks Blog Mon, 14 Sep 2009 00:38:52 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-334 [...] and does not make you more secure by using it. If you use tor with encrypted protocols and avoid fake SSL certificates then you should be fine. However, if you use a plain text protocol such as HTTP, you are pretty much [...] […] and does not make you more secure by using it. If you use tor with encrypted protocols and avoid fake SSL certificates then you should be fine. However, if you use a plain text protocol such as HTTP, you are pretty much […]

]]> Comment on Under the Hood: Virut by laptop dead - Help2Go http://www.teamfurry.com/wordpress/2007/02/15/under-the-hood-virut/#comment-333 laptop dead - Help2Go Mon, 24 Aug 2009 18:19:19 +0000 http://www.teamfurry.com/wordpress/2007/02/15/under-the-hood-virut/#comment-333 [...] spreading so trying to contain it is impossible. See this article on why it is so destructive. Under the Hood: Virut If you do try to repair this without reformatting then your best chance is using the Avira AntiVir [...] […] spreading so trying to contain it is impossible. See this article on why it is so destructive. Under the Hood: Virut If you do try to repair this without reformatting then your best chance is using the Avira AntiVir […]

]]> Comment on zxarps by Old Chinese Hack Tool Used for New Tricks « O24 – One Step Ahead http://www.teamfurry.com/wordpress/2007/08/29/zxarps/#comment-331 Old Chinese Hack Tool Used for New Tricks « O24 – One Step Ahead Wed, 20 May 2009 05:59:53 +0000 http://www.teamfurry.com/wordpress/2007/08/29/zxarps/#comment-331 [...] most malware we see these days, ZXArps (which dates back to 2006, and was discovered by the English-speaking security community the following year) isn’t designed to perform a single task. It’s more like a Swiss Army knife, [...] […] most malware we see these days, ZXArps (which dates back to 2006, and was discovered by the English-speaking security community the following year) isn’t designed to perform a single task. It’s more like a Swiss Army knife, […]

]]> Comment on zxarps by Old Chinese Hack Tool Used for New Tricks « Webroot Threat Blog http://www.teamfurry.com/wordpress/2007/08/29/zxarps/#comment-330 Old Chinese Hack Tool Used for New Tricks « Webroot Threat Blog Thu, 14 May 2009 20:01:15 +0000 http://www.teamfurry.com/wordpress/2007/08/29/zxarps/#comment-330 [...] most malware we see these days, ZXArps (which dates back to 2006, and was discovered by the English-speaking security community the following year) isn’t designed to perform a single task. It’s more like a Swiss [...] […] most malware we see these days, ZXArps (which dates back to 2006, and was discovered by the English-speaking security community the following year) isn’t designed to perform a single task. It’s more like a Swiss […]

]]> Comment on Botnet running on MIPS CPU devices. by Psyb0t Evolves, Targets Unprotected Linux Mipsel Routers | google android os blog http://www.teamfurry.com/wordpress/2009/03/23/botnet-running-on-mips-cpu-devices/#comment-329 Psyb0t Evolves, Targets Unprotected Linux Mipsel Routers | google android os blog Wed, 25 Mar 2009 19:26:06 +0000 http://www.teamfurry.com/wordpress/2009/03/23/botnet-running-on-mips-cpu-devices/#comment-329 [...] now appears to have returned, and evolved into a new beast, PSYB0T 2.9L, and it affects more than Netcomm NB5 devices. Approximately 30 Linksys devices, 10 Netgear models, and 15 other models and brands of DSL modems [...] […] now appears to have returned, and evolved into a new beast, PSYB0T 2.9L, and it affects more than Netcomm NB5 devices. Approximately 30 Linksys devices, 10 Netgear models, and 15 other models and brands of DSL modems […]

]]> Comment on Microsoft published a $250000 bounty on Downadup/Conficker by Microsoft назначил награду за создателя вируса | Моя газета http://www.teamfurry.com/wordpress/2009/02/12/microsoft-published-a-250000-bounty-on-downadupconficker/#comment-326 Microsoft назначил награду за создателя вируса | Моя газета Wed, 04 Mar 2009 14:57:49 +0000 http://www.teamfurry.com/wordpress/2009/02/12/microsoft-published-a-250000-bounty-on-downadupconficker/#comment-326 [...] MW-Blog » Blog Archive » Microsoft published a $250000 bounty on … [...] […] MW-Blog » Blog Archive » Microsoft published a $250000 bounty on … […]

]]> Comment on Illusion - Now you see me, now you don’t by DDoS attack against abuse.ch | abuse.ch http://www.teamfurry.com/wordpress/2007/10/16/illusion-now-you-see-me-now-you-dont/#comment-324 DDoS attack against abuse.ch | abuse.ch Sat, 14 Feb 2009 11:51:54 +0000 http://www.teamfurry.com/wordpress/2007/10/16/illusion-now-you-see-me-now-you-dont/#comment-324 [...] Source: MWBlog: “Illusion - Now you see me, now you don’t” [...] […] Source: MWBlog: “Illusion - Now you see me, now you don’t” […]

]]> Comment on Under the Hood: Virut by Virut - Personal Reflections « Of Bytes and Badges http://www.teamfurry.com/wordpress/2007/02/15/under-the-hood-virut/#comment-323 Virut - Personal Reflections « Of Bytes and Badges Thu, 12 Feb 2009 00:39:02 +0000 http://www.teamfurry.com/wordpress/2007/02/15/under-the-hood-virut/#comment-323 [...] unleashed) back in 2007, an excellent write-up of the virus’s initial strain can be found here. Just ignore the domain name and you’ll appreciate some serious disassembly and analysis. [...] […] unleashed) back in 2007, an excellent write-up of the virus’s initial strain can be found here. Just ignore the domain name and you’ll appreciate some serious disassembly and analysis. […]

]]> Comment on TOR exit-node doing MITM attacks by Disculpen las Molestias » 2. Cifrado http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-322 Disculpen las Molestias » 2. Cifrado Wed, 14 Jan 2009 22:00:13 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-322 [...] Lo peligroso que puede resultar usarlas sin informarse antes, y es que si bien se garantiza el anonimato dentro de la red, es posible capturar la información desde los nodos de salida a Internet. [...] […] Lo peligroso que puede resultar usarlas sin informarse antes, y es que si bien se garantiza el anonimato dentro de la red, es posible capturar la información desde los nodos de salida a Internet. […]

]]> Comment on Zeus/Wsnpoem/Zbot targets by Zero Day mobile edition http://www.teamfurry.com/wordpress/2008/11/04/zeuswsnpoemzbot-targets/#comment-321 Zero Day mobile edition Fri, 05 Dec 2008 15:37:09 +0000 http://www.teamfurry.com/wordpress/2008/11/04/zeuswsnpoemzbot-targets/#comment-321 [...] - that modern banker malware is no longer exclusively targeting a particular E-banking site, but is targeting all of them simultaneously. "The Trusteer Attack Trace search engine allows IT professionals to submit their organization's [...] […] - that modern banker malware is no longer exclusively targeting a particular E-banking site, but is targeting all of them simultaneously. “The Trusteer Attack Trace search engine allows IT professionals to submit their organization’s […]

]]> Comment on TOR exit-node doing MITM attacks by TOR Proxy network under heavy fire for MITM attacks http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-319 TOR Proxy network under heavy fire for MITM attacks Sat, 22 Nov 2008 06:38:43 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-319 [...] password and other sensitive information is possibly being snared by a hacker. In the following posting the gatherer is from [...] […] password and other sensitive information is possibly being snared by a hacker. In the following posting the gatherer is from […]

]]> Comment on New worm on the loose by Secure San Diego » Patch Or Die http://www.teamfurry.com/wordpress/2008/10/24/new-worm-on-the-loose/#comment-317 Secure San Diego » Patch Or Die Sun, 02 Nov 2008 20:06:21 +0000 http://www.teamfurry.com/wordpress/2008/10/24/new-worm-on-the-loose/#comment-317 [...] Another Good Entry - Team Furry [...] […] Another Good Entry - Team Furry […]

]]> Comment on TOR exit-node doing MITM attacks by OpenSSL für gesamten Domain-Namespace sinnvoll - sharkBLOG http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-314 OpenSSL für gesamten Domain-Namespace sinnvoll - sharkBLOG Fri, 01 Aug 2008 21:35:59 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-314 [...] sich führen, da sonst man-in-the-middle möglich wäre (was z.B. bei Tor schon gang und gäbe ist: tor ssl man-in-the-middle). Hinzu kommt noch, dass ältere PCs ein bisschen länger brauchen (Schlüssel aushandeln, Daten [...] […] sich führen, da sonst man-in-the-middle möglich wäre (was z.B. bei Tor schon gang und gäbe ist: tor ssl man-in-the-middle). Hinzu kommt noch, dass ältere PCs ein bisschen länger brauchen (Schlüssel aushandeln, Daten […]

]]> Comment on TOR exit-node doing MITM attacks by Wi-Fi security for road warriors: On-line banking | Network Administrator | TechRepublic.com http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-305 Wi-Fi security for road warriors: On-line banking | Network Administrator | TechRepublic.com Fri, 02 May 2008 04:24:37 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-305 [...] option: I would use an IronKey device to setup a TOR-like SSL session with known (known is important) IronKey TOR servers. Then I would login to the bank’s web server using the log on web page. [...] […] option: I would use an IronKey device to setup a TOR-like SSL session with known (known is important) IronKey TOR servers. Then I would login to the bank’s web server using the log on web page. […]

]]> Comment on TOR exit-node doing MITM attacks by Volker noch immer in Macao http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-289 Volker noch immer in Macao Mon, 28 Jan 2008 07:22:20 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-289 <strong>Playing with TOR...</strong> I've been playing with TOR again lately, and a but more carefully because the last time I tried michaelw got banned from IRC because of the exit server :-D It seems the crooks are really running it themselves these days. This is a "conversa... Playing with TOR…

I’ve been playing with TOR again lately, and a but more carefully because the last time I tried michaelw got banned from IRC because of the exit server :-D

It seems the crooks are really running it themselves these days. This is a “conversa…

]]> Comment on TOR exit-node doing MITM attacks by Anonymity with TOR and its limits | Perimeter Grid http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-278 Anonymity with TOR and its limits | Perimeter Grid Mon, 10 Dec 2007 22:32:04 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-278 [...] a virus or Trojan.)  This actually happens; Bruce Schneier linked to some logs of a TOR exit node trying to carry out a MitM on an SSL session.  So while TOR protects your anonymity, it may actually risk your privacy — it’s very [...] […] a virus or Trojan.)  This actually happens; Bruce Schneier linked to some logs of a TOR exit node trying to carry out a MitM on an SSL session.  So while TOR protects your anonymity, it may actually risk your privacy — it’s very […]

]]> Comment on TOR exit-node doing MITM attacks by foobla - das Weblog von Norbert Wigbels » Blog Archive » Wenn Kaspertruppen für Anonymität kämpfen… http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-273 foobla - das Weblog von Norbert Wigbels » Blog Archive » Wenn Kaspertruppen für Anonymität kämpfen… Fri, 07 Dec 2007 08:23:05 +0000 http://www.teamfurry.com/wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/#comment-273 [...] 2 und [...] […] 2 und […]

]]>