Malware


WordPress Installations Under Brute-Force Attack

There is an ongoing attack against some WordPress implementations that is trying to brute-force the passwords for the administrator accounts on the installations. The attack is being driven by an automated PHP script that tries thousands of possible passwords.

WOW Gamers Targeted with Trojan Spam

Security experts are warning of a new malicious spam campaign with a Trojan Horse designed to harvest the log-in credentials of online gamers with sexually explicit images of Asian women. Read the full article. [SC Magazine]

The Root of the Botnet Epidemic

Over the course of a few days in February 2000, a lone hacker was able to bring some of the Web’s larger sites to their knees, using just a few dozen machines and some relatively primitive software to cripple Yahoo, eBay, E*trade, Amazon, ZDnet and others for hours at a time. No one knew it at the time, but these attacks would come to be seen in later years as some of the earlier outbreaks of what has become a massive online pandemic.Jose Nazario on Botnets and the History of DDoS AttacksDennis Fisher talks with Jose Nazario of Arbor Networks
about the Mafiaboy attacks, the history of DDoS attacks and the botnet
epidemic.


Using Internet Explorer and a virtual PDF generator to print a PDF file
from a HTML page causes the document’s entire storage path, for example
file://C:UsersdabDownloadsdocument.pdf, to be stored in the document itself. Read the full article. [The H Security]

Facebook administrators have blocked a clickjacking exploit that
displayed images of a scantily clad woman on profile pages without
first prompting the user for permission. Read the full article. [The Register]

Security researchers have identified a new worm spreading across
Facebook, luring people out to adult Web sites and automatically
replicating itself across people’s profile pages. Read the full article. [internetnews.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.