the exclamake! blog

I suppose there’s two ways for a spammer to evolve their craft.  1) Create a better piece of malware (package) 2) Create a better invitation.
Although the packages have progressively been getting better, I’ve been of the opinion that the invitations have not improved at the same pace.
However, I did receive an interesting semi-targeted spam today [...]

Got back from vacation this morning to discover a fresh vulnerability for Symantec Antivirus.  This particular vulnerability allows for remote code execution, not good.
This is an interesting trend as several antivirus products have created they’re own share of problems.  There was the bad McAfee virus definition that deleted Microsoft Office files and the CLAM AV [...]

SANS is reporting a targeted attack to a particular company.  This attack begins with email from a domain that closely resembles the company’s own domain, so that it appears as an internal email.  The attached Word file uses an undisclosed exploit to extract and execute a Trojan.  Another interesting bit is that it overwrites the [...]

Nice post here surveying various security organizations and the wide disparity between them. One will issue a vulnerability as Low while another as Highly Critical. The lesson, to be serious about security, you have to be reading a lot to keep up with what’s really going on and cannot get comfortable with a [...]