Security and Windows TCO
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by Debian (ffmpeg), Fedora (gnutls, linux-firmware, mingw-djvulibre, mingw-python-requests, and salt), Mageia (qtimageformats6), Oracle (gnome-remote-desktop, golang, kernel, libxml2, and perl-File-Find-Rule), SUSE (gstreamer-plugins-base, gstreamer-plugins-good, kernel, and protobuf), and Ubuntu (apport, glibc, gnutls28, and roundcube).
-
Scoop News Group ☛ AsyncRAT seeds family of more than 30 remote access trojans [Ed: They try to associate it with "open source"; as if someone having a kitchen knife makes the knife a murder tool]
ESET researchers observed tens of thousands of machines infected with AsyncRAT and its variants over the past year. The open-source malware is a popular tool among cybercriminals.
-
Windows TCO / Windows Bot Nets
-
SANS ☛ Keylogger Data Stored in an ADS, (Tue, Jul 15th)
If many malware samples try to be "fileless" (read: they try to reduce their filesystem footprint to the bare minimum), another technique remains interesting: Alternate Data Streams or "ADS". This NTFS feature allows files to contain multiple data streams, enabling hidden or additional metadata to be stored alongside the main file content without being visible in standard file listings.
-