[img_assist|nid=5737|title=|desc=|link=none|align=left|width=90|height=90]Spammers and the botnet operators they’re allied with are continuing to adapt their techniques to evade security technologies, and now are using what amount to disposable domains for their activities. A new report shows that the spammers are buying dozens of domains at a time and moving from one to another as often as several times a day to prevent shutdowns.
[img_assist|nid=5722|title=|desc=|link=none|align=right|width=100|height=100]The Windows Help and Support Center vulnerability that was patched with yesterday’s MS10-042 bulletin was under active attack by malware miscreants, especially in Europe where Microsoft tracked about 25,000 attempts to exploit the vulnerability.
This is a recording of a live chat session with the technical support agent associated with a rogue AV program. The session was recorded by Nicolas Brulez, a security analyst at Kaspersky Lab.
[img_assist|nid=5717|title=|desc=|link=none|align=left|width=90|height=90]Cisco Industrial Ethernet 3000 (IE 3000) Series switches contain well-known,
hard-coded read and write SNMP community strings. An remote attacker
could take full control of a vulnerable device. Read the full statement. [US-CERT]
[img_assist|nid=2233|title=|desc=|link=none|align=right|width=100|height=100]Marc Maiffret, a security researcher known for his controversial opinions on software security and his efforts to get Microsoft specifically to improve the security of its products, is returning to eEye Digital Security, the vulnerability management company he helped found more than a decade ago. After several years away from the security game and a short stint with anti-malware vendor FireEye, Maiffret said that he was eager to get back into the research game, which has changed dramatically since his early days at eEye.
[img_assist|nid=5710|title=|desc=|link=none|align=left|width=100|height=100]Microsoft has released four new security bulletins in the July 2010 edition of patch Tuesday. These bulletins address five vulnerabilities.It is not uncommon, and has become expected, for a light patch Tuesday to follow a heavy patch Tuesday release from Microsoft. Last month, Microsoft released a hefty load of patches with 10 security bulletins addressing 34 vulnerabilities.
Thirty-eight defendants from across the United
States have been charged with participating in a multimillion-dollar
black market travel agent ring that used the stolen identities of
thousands of victims to purchase airline tickets for customers. Read the full article. [Dark Reading]
[img_assist|nid=5707|title=|desc=|link=none|align=right|width=100|height=100]Last month, when Google researcher Tavis Ormandy released details on a critical Help and Support Center vulnerability that exposed Windows XP and Windows Server 2003 users to malicious hacker attacks, Microsoft was publicly unhappy with the decision.
Oracle will release on Tuesday 59 patches to fix security weaknesses
affecting hundreds of products, according to a notice on its website. Read the full article. [Info World]
[img_assist|nid=5695|title=|desc=|link=none|align=right|width=90|height=90]Unless thousands of companies still using Windows XP SP2 computers
suddenly stop procrastinating, hackers are going to be in seventh heaven come July 13. Read the full article. [The Last Watchdog]