[{"Title":"Analysis of the Eleonore exploit pack shellcode","Blurb":"' Eleonore' is a malware package that contains a collection of exploits used to compromise

web pages. When the compromised web pages are viewed via vulnerable systems, the exp loit payload is run. Eleonore is purchased by an attacker from an underground we bsite. The attacker then gains access to Internet web servers and installs the e xploit by modifying webpages, which are then served to the public. The malware p ack also contains functionality for the tracking and management of compromised c omputers.","Published":"2012-04-20 00:00:00","URL":"http://blogs.technet.com/b/m mpc/archive/2012/04/20/analysis-of-the-eleonore-exploit-pack-shellcode.aspx"},{" Title":"Revenge of the Reveton","Blurb":"Computer users around the world are inc reasingly accustomed to managing their bank accounts, paying their bills and per forming other activities online. The use of technology to manage finances has lo ng been a target of attackers, and malware authors continue to create scams that try to persuade potential victims to provide access to their valuable personal information, including logon credentials for online accounts. Trojan:Win32/Revet on.A is a recent example of malware that attempts to phish these details from vi ctims using the great motivator - fear.","Published":"2012-04-18 00:00:00","URL" :"http://blogs.technet.com/b/mmpc/archive/2012/04/18/revenge-of-the-reveton.aspx "},{"Title":"MSRT April 2012: Win32/Claretore","Blurb":"The earliest reported va riant in this family can be traced back to November 2011. Claretore is a trojan that injects itself into running processes to intercept browser traffic and redi rect the browser to an attacker-defined URL. It also sends information about the affected computer to a remote server. The installation and preservation mechani sm employed by Claretore is not new but it is aggressive. Claretore drops copy o f itself to the user profile's folder and the temp folder, and removes the origi nal copy of the malware. The registry is modified to execute Claretore at every Windows start.","Published":"2012-04-10 00:00:00","URL":"http://blogs.technet.co m/b/mmpc/archive/2012/04/10/msrt-april-2012-win32-claretore.aspx"}]