Ryan Naraine

Zero-Day Flaw Found in Web Encryption

A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt web pages, has been made public. The flaw allows an outsider to hijack a legitimate user’s browser session and successfully impersonate the user, the researchers said in a technical paper.  Read the full story [zdnet.co.uk]

MS to Patch 15 Serious Windows, Office Flaws

Microsoft plans to release six security bulletins next Tuesday,
November 10, to fix at least 15 serious vulnerabilities that could
expose Windows users to malicious hacker attacks.
According to Microsoft’s advance notice
for this month’s Patch Tuesday, the updates will address gaping holes
in the Windows operating system and the Microsoft Office productivity
suite.  Read the notice from Redmond [microsoft.com]

Security Fixes for Java, BlackBerry Desktop

Sun Microsystems and Research In Motion have issued critical bug fixes for security issues with their products.  Both updates include fixes for critical security bugs that could be abused by attackers to run unauthorized software on a victim’s computer, although none of the flaws appear to have been publicly known before Tuesday. Read the full story [IDG News Service/Robert McMillan]


Adobe today released a patch to fix several serious security flaws in its Shockwave Player software.
The update, which is rated “critical,” addresses a total of five
documented vulnerabilities.  The most serious flaw could allow remote
code execution attacks against Windows and Mac users.

Yesterday, a “Your iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your phone right now!” message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and stop the message from appearing at startup. Read the full story [Dancho Danchev/ZDNet]

Windows Vista is dramatically more secure than Windows XP, according to Microsoft’s latest Security Intelligence Report. The infection rate of Windows Vista SP1 was 61.9 percent less than Windows XP SP3, the company said. The report covers the first half of 2009 and is the seventh such twice-yearly report the company has issued. The study found that, for all Microsoft operating systems, the most current service pack is always the least infected, based on infections per 1,000 computers running each OS. Windows 7 was not included in the report. Read the full report [Network World]

A new ransomware variant encrypts files on a computer but uses a novel twist on monetizing the extortion threat.

Instead of demanding money directly for decryption keys, as has been the case in other instances, it presumes that the owner of an infected computer will search for information to help unlock the files. The search typically leads to a fraudulent company offering a fix but requiring a payment to obtain it. Read the full story [SC Magazine]

Microsoft Corp. pours more money into software security than any other
major vendor both because it has to and because it can. Yet for all the
investments in security, the number of vulnerabilities discovered in
the company’s products has increased over the years, prompting
questions over whether the company has reached the limits of its
ability to debug software. 

There are reports of phony FDIC notification e-mails tricking computer users into installing the ZBot identity-theft Trojan. The e-mails
tell the recipients that their banks have filed for bankruptcy and that
the banks’ assets are now under the control of the FDIC. The links
offered in the message lead to a page that offers users a chance to see
their “personal FDIC insurance file(s),” but which actually installs
the Zeus or ZBot Trojan on their PCs.  See the FDIC warning [fdic.gov]

Opachki is one of many software tools developed by criminals to hijack and monetize Windows users’ search traffic using affiliate-based search engines that are ultimately advertiser-sponsored, sometimes by well-known and respected firms. Instead of only hijacking search result links, Opachki attempts to hijack as many links as it can on any web page, using the text enclosed by the HTML HREF tag as a faux search phrase when redirecting the user to an affiliate-based search engine. Read the technical analysis [Joe Stewart/SecureWorks]