Vulnerabilities


Sophisticated Botnet Causing a Surge in Click Fraud

A new botnet has caused a sharp spike in click fraud because it is skirting the most sophisticated filters of search engines, Web publishers and ad networks, according to Click Forensics.
The company, which provides services to monitor ad campaigns for click fraud and reports on click fraud incidence every quarter, said on Thursday that the botnet’s architects have figured out a way to mask it particularly well as legitimate search ad traffic. Read the full story [computerworld.com]

Microsoft Issues XP, Vista Anti-Worm Updates

Four months after it modified Windows 7 to stop the Conficker worm from spreading through infected flash drives, Microsoft has ported the changes to older operating systems, including Windows XP and Vista. Read the full story [computerworld.com]


Linux Botnet Discovered

From The H Security
A network of hijacked Linux servers is apparently being used to distribute malicious software to Windows PCs. According to an analysis by web developer Denis Sinegubko, the compromised systems all have one thing in common: the lightweight web server nginx is running and serving content through port 8080. Otherwise, these systems are inconspicuous and appear to operate quite normally. This new tactic was discovered when links to malware posted in China were replaced by dynamic DNS names from DynDNS.com and No-IP.com. Read the full story [The H Security].

Throughout the last two years, scareware (fake security software) quickly emerged as the single most profitable monetization strategy for cybercriminals to take advantage of. Due to the aggressive advertising practices applied by the cybercrime gangs, thousands of users fall victim to the scam on a daily basis, with the gangs themselves earning hundreds of thousands of dollars in the process.
This end user-friendly guide aims to educate the Internet user on what scareware is, the risks posed by installing it, what it looks like, its delivery channels, and most importantly, how to recognize, avoid and report it to the security community, taking into consideration the fact that 99% of the current releases rely on social engineering tactics. Read the full story [zdnet.com]

Apple today shipped another Mac OS X mega-update with fixes for at least 33 serious security problems affecting Mac OS X users.

The update includes patches for third party components like Adobe’s Flash Player plug-in, Clam AV, MySQL and PHP. A separate update was released for Snow Leopard to fix the issue where a vulnerable version of Flash Player was included with the new operating system. Read the full story [zdnet.com]

From The Washington Post (Brian Krebs)

Finding the notorious Clampi banking Trojan on a computer inside your network is a little like spotting a single termite crawling into a crack in the wall: Chances are, the unwelcome little intruder is part of a much larger infestation. At least, that’s the story told by two businesses which recently discovered Clampi infections, compromises that handed organized cyber gangs the access they needed to steal tens of thousands of dollars. Read the full story [Washington Post].

Apple has released security patches to cover serious security vulnerabilities in its iPhone, iPod Touch and QuickTime products.
The most serious of the vulnerabilities could lead to remote code execution attacks that give malicious hackers an easy way to hijack computers and mobile devices. Read the full story for details on these vulnerabilities [zdnet.com]

Mozilla has released a new version of its flagship Firefox browser to fix 10 vulnerabilities that put Web surfers at risk of code execution attacks.
The Firefox 3.5.3 update — available for Windows, Mac and Linux users — patches security holes that could allow drive-by download attacks if a user simply surfs to a booby-trapped Web site.
