Saturday, October 27, 2007

Gozi Trojan Antispam String

I posted to my work blog a little ditty about detecting the Gozi stuff circulating now, after noticing that only one variation of the PDF was hitting a more general detection mechanism, over and over again. This is further proof, at least to me, that the run-of-the-mill mass attacker still doesn't give a whit about evasion -- they're after people with no security mechanisms in place, so having merely okay security is usually enough to cut out the malicious background noise.

The hypothetical (and sometimes real) "dedicated" or "focused" attacker is another story entirely, of course. But the people behind Gozi aren't in that category, and they won't be until an overwhelming fraction of everyone has some kind of inspection (antispam, IPS, filtering proxy, network AV, etc.) in place.


Friday, October 19, 2007

SpaMP3: The latest in cutesy buzzwords for spam

Information Week is running a story on MP3-based spam, which they're calling SpaMP3. Oldtime readers know I am completely ga-ga over new names for old problems, so I'm totally in love with this story.

What they fail to mention is how creepy the low bitrate/low sample rate actually sounds. Click here to download and hear it yourself -- note AV scanners may block, though there doesn't look to be anything evil about the file format.

It reminds me of an old-timey hypnosis tape. So, there's probably subliminal messages in there trying to get you to buy Cialis and get a low mortgage rate, too.


Thursday, October 18, 2007

Storm Bandwidth Resale

CNET is running a surprisingly insightful article about the current state of the global malware/spam delivery system known as the Storm Worm Botnet. I don't want to spoil the ending or anything, but the Storm network is really pretty advanced. If you haven't read Shockwave Rider by now, you probably ought to in order to appreciate what the global network is going to look like when Storm and its descendant applications control everything.


Wednesday, October 17, 2007

Reuters Runs Non-Story About Google

This story is the silliest fluff piece about the Internet I've seen since the breathless piece on Twitter.

It's a list of keywords sorted by country. Okay. The implication is that America is way more interested in burritos and Iraq than, oh, Sweden is.

Shrug.

I can only assume that they had this pretty cool picture of Google-colored glasses, but no actual story to go with it.


Thursday, October 11, 2007

Okay, so LinkedIn, MySpace, and Facebook really aren't THAT bad...

...but they have the potential for badness, like a chainsaw or strong encryption.

See my interview about social networking on Dark Reading. It's not earth-shattering 0days that make these sites a liability, but the casual trust that users invest in them. Oh, and the 0days -- which are sometimes there by design.
