Credit card giant Visa has taken Heartland Payment Systems and RBS WorldPay off its list of service providers that are compliant with the PCI Data Security Standard.
Browsing Category: Malware
Dave Kennedy and Kevin Long from Verizon’s security team are offering some of the best advice I’ve seen regarding the ongoing attacks against an unpatched Adobe Acrobat/PDF vulnerability.
I’ve complained bitterly about the lack of mitigation guidance from Adobe and I’m happy to see the Verizon researchers filling in the blanks and offering suggestions to reduce your exposure to these attacks.
On the Microsoft Secure Windows Iniative blog, software engineer Chengyun discusses the default behaviour of ActiveX controls embedded in Office documents. The software giant also provides information on how can an attacker abuse ActiveX and how Office users can change the behavior of ActiveX controls embedded in Office documents.
A new version of the Koobface worm is making the rounds of Facebook this week, this time in the guise of an invitation to view a fake YouTube video. The link takes users to a page asking them to install an updated version of the Flash player, which is instead a piece of malware.
The resilient Conficker worm has spent the last few months wreaking havoc on millions of infected PCs around the world, and it now looks like the worm is set to potentially cause some trouble for Southwest Airlines as well. Computerworld is reporting that the infected machines will attempt to contact a site owned by the airline on March 13 in attempt to download new instructions.
ZDNet’s Dancho Danchev is pointing to a new research paper (.pdf) that shows that 75.8% of the phishing sites analyzed (2486 sites) were hosted on compromised web servers to which the phishers obtained access through Google hacking techniques (search engine reconnaissance).