Monthly Archives: July 2012

Windows Registry Downloader

I was having a discussion with a non-security person and the topic turned to dangerous file extensions. He eventually asked how a single “.REG” file launch would be dangerous. Aside from messing up configurations, lowering the system’s or browser’s security, …

Posted in Malscript

Spear-Phish Leads to Cridex

I haven’t seen a spear-phish campaign like this in a while. This is a rather decent campaign as it contains the recipient’s full name and address. While the email contains some grammar errors, I think this has the potential to fool …

Posted in Malicious Email

Playing Hide and Seek with Malicious Scripts

When I encounter a drive-by download that involves a compromised host, there will usually be a malicious script somewhere on the website. The “malicious script” could be a meta refresh tag, an iframe, an external JavaScript file, or even in …

Posted in Malscript