W.32Downadup.C, the third variant of the Conficker virus is more aggressive and trying to be stealth by disabling the security software installed on the machine. The new variant is focusing more on how to hide itself than on spreading to more computer. It uses and improved algorithm which generates more than 500,000 random domains per day to download the payload. The previous version generated only 250 per day which was successfully reversed engineered by the Microsoft.

Conficker will try every three hours to connect to specific domains over HTTP (‘phoning home’) however, unlike many other worms which use a static list of domains, Conficker’s domain list is dynamically generated by an algorithm to download the payload. It’s still a mystery that no payload has yet to be delivered by the worm even after having more than 16 million PCs infected world wide.

Explore More

critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net SQL injection is a code injection technique that exploits a security vulnerability occurring in the

Read More

Misconfigured security features or Incorrect use of security

Session cookie is not randomized enoughNumerous applications use a session cookie to maintain the state of a logged in user. The use of authentication to validate the user that has

Read More

How to Fix a Hacker Attack

After a computer has been hacked it can never be trusted again. So say the pros, and security expert Steve Gibson, of GRC.com, in particular. “There is no way to

Read More