Dennis Fisher

About

Dennis Fisher is a journalist with more than 13 years of experience covering information security.

An Analysis of the BlackBerry Spyware

From Zero in a Bit (Chris Eng)
Yesterday it was reported by various media outlets that a recent BlackBerry software update from Etisalat (a UAE-based carrier) contained spyware that would intercept emails and text messages and send copies to a central Etisalat server. We decided to take a look to find out more. Read the full story [Zero in a Bit].

Microsoft Response on MsVidCtl Flaw Was Lacking

Microsoft has expended a massive amount of time, energy and money in the last few years to improve both the quality of its software and the speed and efficiency of its security response process. It has succeeded in large part on both counts, especially on the security and reliability of its products. But, as the company’s response to the privately disclosed MsVidCtl ActiveX vulnerability in Internet Explorer shows, Microsoft still has some ground to cover on the issue of timely response.

New Flaw in Microsoft Office Web Components Under Attack

From SearchSecurity (Robert Westervelt)
Microsoft issued an advisory Monday, warning of a new vulnerability in Office Web Components being actively targeted by attackers. The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is in the Spreadsheet ActiveX Control, which is used by Internet Explorer (IE) to display the data in the browser. It is remotely exploitable when a person browses with IE and visits a malicious website. If successfully exploited, an attacker could gain the same user rights as the local user and gain complete control of a system, Microsoft said. Read the full story [SearchSecurity].


From Websense Security Labs
The recently publicized Zero-Day Vulnerability in Microsoft DirectShow is in the wild and spreads through infection of thousands of legitimate Web sites. The proof-of-concept of the vulnerability is out and exploitation is very easy to achieve. In our labs we have been tracking the spread of this new zero day—the first compromised domains mainly originating in China. Read the full story [Websense].

Microsoft’s July Patch Tuesday release will include a fix for the DirectShow vulnerability that was revealed in May, and the software giant said it likely will also have a patch available for a related flaw in the MsVidCtl ActiveX control that became public earlier this week and has been under active attack. The company said it has been working on a patch for the second vulnerability all week and believes that the fix should be ready for release July 15.

From Zero Day (Ryan Naraine)
Apple has released Safari 4.0.2 to fix a pair of security flaws that could lead to cross-site scripting or remote code execution attacks. The vulnerabilities affect Safari for Windows (XP and Vista) and Mac OS X. Read the full story [ZDNet].

From Network World (Michael Cooney)
Researchers at IBM have developed software that uses optical character recognition and screen scraping to identify and cover up confidential data. According to IBM, the driving idea behind the MAGEN (Masking Gateway for Enterprises) system is to prevent data leakage and allow the sharing of data while safeguarding sensitive business data. Read the full story [Network World].

From Zero Day (Dancho Danchev)
Researchers from NetQin Tech. are reporting on a newly discovered mobile malware variant (Transmitter.C) distributed through a modified version of a legitimate mobile application. Upon execution, the malware attempts to automatically spread by SMS-ing hundreds of messages linking to a web site where a copy of it (sexySpace.sisx) can be found. Read the full story [ZDNet.com].