An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft’s Virtual PC virtualization software to malicious hacker attacks.

The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations --  Data Execution Prevention (DEP), Safe Exception Handlers (SafeSEH) and Address Space Layout Randomization (ASLR) -- to exploit the Windows operating system.

In need of a fresh example that cybercriminals are actively looking for ways to monetize infected Mac OS X hosts? Early-stage discussions at several web forums, including a PoC (proof of concept, source code included) Mac OS X blocker as well as potential GUIs for the ransomware, offer an insight into the potential to monetize OS X infected hosts using SMS-based ransomware.

Criminals increasingly attempt to camouflage the traces of their malware on the internet to keep control of a hijacked server for as long as possible. However, their paths can be retraced using special tools to identify the vulnerability the malware intends to exploit to enter a system. Read the full article. [The H Security]

Through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace, according to Gartner. Although they expect this figure to fall to 30 percent by the end of 2015, analysts warned that many virtualization deployment projects are being undertaken without involving the information security team in the initial architecture and planning stages. Read the full article. [Help Net Security]

Most attention goes to keeping hackers out. But once they're inside, how do they extract data? Research of 200 data breaches in 24 countries examines the ways data is leaving. Read the full article. [CSO]

A bogus application that lures Facebook users by falsely offering to show who has been viewing their profile has been exposed as a scam. A researcher warns he has already identified 25 different copies of the same rogue app but using different monikers such as peeppeep-pro, profile-check-online and stalk-my-profile. Read the full article. [The Register]

The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what's found in Microsoft Windows. Read the full article. [The Register]

Reported losses from online fraud more than doubled last year, from $265 million in 2008 to nearly $560 million in 2009, according to figures released Friday by the FBI. Read the full article. [KrebsonSecurity]

Microsoft has released a one-click "fix-it" workaround to help Internet Explorer users block malware attacks against an unpatched browser vulnerability.

The Fix-It workaround, available here, effectively disables peer factory in the iepeers.dll binary in affected versions of Internet Explorer.  

By Andrew Storms

Every month, like clockwork, Microsoft releases security bulletins and every month people ask me if it's small or a big release. While the exact details of the patches are generally treated as news, the expected workload each month really shouldn't be a guessing game because Microsoft's patch releases are predictably cyclical.