Tuesday, April 26, 2011

New Version of Stuxnet 'Stars' Reported

I just read a few news reports today saying that a new version of Stuxnet has appeared in Iran. At this moment I can't find any sample related to the new Stuxnet v2, codenamed 'Stars'. This news still remains unclear and could be another rumor or just another version of another malware. More updates will be available soon.

UPDATES (1 MAY 2011):
After investigating most resources, I was unable to find a sample or strong news about the related story. At this moment, I just consider it a hoax.

News related:

Thursday, April 14, 2011

The 5th annual Counter-eCrime Operations Summit (CeCOS V)

The fifth annual Counter-eCrime Operations Summit (CeCOS V) will engage questions of operational challenges and the development of common resources for the first responders and forensic professionals who protect consumers and enterprises from the ecrime threat every day. This year's meeting will focus on the development of response paradigms and resources for counter-ecrime managers and forensic professionals. Presenters will proffer case studies of national and regional economies under attack, narratives of successful trans-national forensic cooperation as well as models for cooperation and unified response against ecrime and data resources for forensic activities.


The program will be spread across a three-day conference event on April 27, 28 and 29 in Kuala Lumpur, Malaysia at the Crown Plaza Hotel. The APWG believes under-appreciated operational issues are important enough to be the focus of a conference dedicated exclusively to them. They're often talked about as sidelights but rarely addressed directly as an organizational imperative for the entire counter-ecrime community. CeCOS V makes those operational issues the central focus of the program for the benefit of all ecrime fighters.




Tuesday, April 5, 2011

Zeus source code leaked

I just read the news today that the Zeus source code has been made public and can be downloaded by anyone. Luckily, the RARed file is password protected, which prevents malicious people from using it, as the code was written in Visual C++ (probably VC++ 2005 - 2010) and PHP and is easy to compile. The source code was already made public around a couple of weeks ago and was probably sold by the malware author.

At the time of writing this post, there is no sign that anyone has cracked the password yet. This could be dangerous once the password is cracked, especially if it falls into the wrong hands.

UPDATE - 06/04/2011

The source code seems to have already been posted at r00tw0rm.com, which is currently down due to a missing file.

The CMS they are using is probably vBulletin, which has a missing file.