Ryan Naraine

Phishing the phishers

Security researchers Billy (BK) Rios and Nitesh Dhanjani infiltrated the phishing ecosystem and learned a great deal about how phishers operate. In this video, they explain their findings:

Websense researcher Hermes Li has posted a blow-by-blow walkthrough (with screenshots) of the Adobe Acrobat/Reader vulnerability that’s currently under attack.
Excerpt from the blog post:

Google is (indirectly) buying security vulnerabilities from the security research community.

Under the guise of a Native Client Security Contest, the search engine firm is offering big cash prizes to hackers who find bugs and other security flaws in the open-source research technology for running x86 native code in Web applications.

In the wake of the zero-day attacks against Adobe’s Acrobat and Reader product lines, the company is taking a lot of flak for its poor response to handling the issue — specifically around communicating the risks and providing mitigation guidance for end users.

Over on the ZDNet Zero Day blog, I lament the absence of real workarounds:

Attention GMail and GTalk users: There’s a major spam run underway with social engineering lures to steal your login credentials.
This image shows a GMail message that purports to be an account termination warning from Google; if a user is tricked into clicking on the link, he/she is redirected to a fake GMail page requesting the login credentials.

The HP Security Labs blog is pointing to a new database scanning tool called “Scrubbr” that can help check numerous database technologies for the presence of possible stored cross-site scripting attacks.