Browsing Category: Malware

Categories: Malware, Vulnerabilities

[img_assist|nid=1724|title=|desc=|link=none|align=left|width=115|height=115]A new spam campaign is targeting a financial transfer system that
handles trillions of dollars in transactions annually and has proved to
be a fertile target of late for online fraudsters. The spam
messages pretend to come from the National Automated Clearing House
Association (NACHA), a U.S. nonprofit association that oversees the
Automated Clearing House system (ACH). Read the full article. [Computerworld]

Read more...

[img_assist|nid=1701|title=|desc=|link=none|align=right|width=115|height=115]Let’s try to separate the wheat from the chaff. Let’s start by looking at the vulnerability itself. It is a “man-in-the-middle” (MitM) attack in which an attacker can use an SSL feature called “negotiation” to inject bad stuff into an SSL session. Right, so that’s not good news. But the sky isn’t exactly falling yet, so we can all remain calm for now. Let’s put things into perspective here… In order to use an MitM attack to actually effect damage isn’t entirely
trivial. The attacker either needs to be on the same local network as
the client, or in the network path between the client and the server. By far, the most likely of these scenarios, at least in the near term,
is to attack systems on a local network. We have a little bit of
leverage there. Read the full article. [Computerworld]

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1700|title=|desc=|link=none|align=left|width=115|height=115]Heads up to all Microsoft Windows users: If you’re running Windows
2000, Windows XP or Windows Server 2003, stop what you’re doing and immediately download and apply the MS09-065 update released earlier this week.

Security researchers say it’s only a matter of time — days not weeks
— before malicious hackers start exploiting one of the vulnerabilities
via booby-trapped Web pages or Office (Word or PowerPoint) documents.

Read more...

A researcher is working on tools for
penetration testers that’s a first step toward ultimately integrating
and correlating data among different types of penetration-testing
products. Josh Abraham, a.k.a. “Jabra,” will release some proof-of-concept tools at the OWASP AppSec Conference in Washington, D.C., that let pen testers integrate data they gather in their white-hat hacking projects. Read the full article. [Dark Reading]

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1682|title=|desc=|link=none|align=left|width=140|height=104]Drive-by exploit writers have been spotted using a popular Twitter
command to send web surfers to malicious sites, a technique that helps
conceal the devious deed.  According to researcher Denis Sinegubko, it’s
being added to heavily obfuscated redirection scripts injected into
compromised websites. The scripts, which redirect victims to drive-by
sites that attempt to exploit unpatched vulnerabilities in programs
such as Apple’s QuickTime. Read the full article. [The Register]

Read more...

Categories: Malware, Web Security

[img_assist|nid=707|title=|desc=|link=none|align=left|width=115|height=115]By Vitaly KamlukWe’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat.Analysis of some infected websites showed that the only way to inject the infection of Gumblar was by using FTP access, because those websites have no server-side scripting. Later this was proved by an analysis of FTP log files.

Read more...

[img_assist|nid=1669|title=|desc=|link=none|align=right|width=115|height=115]The security glitch, which is linked to a “cash back” system
operated by Bing, potentially leaves users and retailers exposed to
fake transactions. But despite an outcry online over the existence of
the loophole, the world’s largest company has responded to the issue by
threatening legal action against the man who discovered the problem. First launched last year, before Microsoft rebranded
its search website, the affiliate scheme offers users the chance to
earn money back for every product they buy through the service. Read the full article. [guardian.co.uk]

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1665|title=|desc=|link=none|align=left|width=115|height=115]Hackers will quickly jump on one of the 15 vulnerabilities Microsoft patched Tuesday to build attack code that infects Internet Explorer users, security researchers agreed today. The bug, which Microsoft patched as part of a record-tying security update for the month of November, is in the Windows kernel, the heart of the operating system. Read the full article. [Computerworld]

Read more...

[img_assist|nid=1663|title=|desc=|link=none|align=right|width=115|height=115]A well known commercial provider of spyware applications for numerous mobile platforms, has recently ported its Mobile Spy app to the Android mobile OS. Just like previous releases of the application, the Android version
keeps a detailed log of GPS locations, calls, visited URLs, and
incoming/outgoing SMS messages, available at the disposal of the
attacker who installed it manually by obtaining physical access to the
targeted device. Read the full article. [ZDNet]

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1655|title=|desc=|link=none|align=right|width=115|height=115]A
high-profile online advertising Web site has been hacked and rigged to
serve multiple exploits to Microsoft Windows users surfing the net with
unpatched third party desktop software.
According to a warning issued by Websense Security Labs, the malicious code was found on media-servers.net,
which is described as a high-profile advertiser on the Internet realm. 
The site has been firing an assortment of exploits for several months,
including exploits for vulnerabilities in Microsoft DirectShow and
Adobe PDF Reader.  Read the full advisory [websense.com]

Read more...