As we discussed last week , socially engineered threats are specially crafted threats designed to lure the eye and trick the mind - they look legitimate or benign, and in worst case, may take advantage of a trusted relationship, by utilizing a compromised account or familiar website. Social engineering...

Today, we’re releasing a Microsoft Malware Protection Center Threat Report on Qakbot as a follow-up to the recently-released Microsoft SIRv10 and our special report on Battling Botnets in late 2010.  This report focuses on one botnet in particular, Qakbot . Qakbot is a backdoor that includes user...

This month, the MSRT team added the Win32/Afcore family of trojans to its detections. This malware is also known as Coreflood . It has evolved over time, first breaking onto the scene in 2003. At the time, it was encountered when visiting a malicious web page containing obfuscated VBScript and detected...

Just over one year ago, Microsoft- with industry and academic partners- utilized a novel combination of legal and technical actions to take control of the Win32/Waledac botnet as the first action in Project MARS (Microsoft Active Response for Security).   Today, a similar action has had its legal...

Earlier this week (October 25), authorities in the Netherlands took action against one of the Win32/Bredolab botnets and person(s) who may be responsible for this threat as part of an investigation codenamed TOLLING- part of a larger project named TAURUS. This follows on the heels of similar efforts...

The latest Microsoft Security Intelligence Report (SIR) dedicates a whole section to botnets and the role they play in today's world of malware, and for good reason - the pathways of the malware world are quickly merging into a botnet superhighway, a new conduit used for many nefarious purposes. If you...

As those who follow our blog already know, we added Win32/Zbot to MSRT this month.  This is a complex threat with techniques employed to make removal by AV challenging and which necessitated advances in the technology we use.  The threat is aimed at theft of credentials (often financial) and...

Today, the 9th edition of the Microsoft Security Intelligence Report was released as Adrienne Hall, General Manager of Microsoft Trustworthy Computing Communications, gave her keynote at RSA Europe.   This time around, we've done a few things differently.  First off - we've dedicated this particular...