Browsing Category: Web Security

Free Blocking Tool to Thwart Drive-By Downloads

[img_assist|nid=3380|title=|desc=|link=none|align=left|width=100|height=100]Researchers are preparing to release a free tool to stop
“drive-by” downloads: Internet attacks in which the mere act of
visiting a Web site results in the surreptitious installation of
malicious software. The new tool, called BLADE (Block All Drive-By
Download Exploits), stops downloads that are initiated without the
user’s consent. Read the full article. [Technology Review]

Read more...

Online Crime Easier, More Budget Friendly

[img_assist|nid=3370|title=|desc=|link=none|align=right|width=100|height=100]Mainstream attention to Operation Aurora and the Kneber (Zeus) botnet are welcome. It underscores how the Internet underground has advanced to the point where a plethora of
powerful hacking tools and services  is readily available to  novice
hackers and elite crime gangs alike –  with  prices  to fit every
budget. Read the full article. [The Last Watchdog]

Read more...

Man in the Browser: Inside the Zeus Trojan

By Atif Mushaq, FireEye
Man in the Browser a.k.a MITB is a new
breed of attacks whose primary objective is to spy on browser sessions
(mostly banking) and in that process intercept and modify the web page
contents transparently in the background. In a classic MITB attack, it’s very likely that what the user is seeing on his/her browser
window is not something which the actual server sent. Similarly, what
the server sees on the other end might not be what user was intending to
send.

Read more...

IEEE and Cloud Security Alliance Form Partnership

[img_assist|nid=3363|title=|desc=|link=none|align=right|width=100|height=100]The Cloud Security Alliance (CSA) and IEEE are joining forces to ensure
that best practices and standards are developed and available to
provide security assurance for cloud computing.
As a result of this collaboration, CSA and IEEE have been conducting a
survey to identify and define the most critical security concerns
surrounding enterprise cloud computing. Read the full article. [Help Net Security]

Read more...

Chuck Norris Botnet Discovered By Honeypot

[img_assist|nid=3364|title=|desc=|link=none|align=left|width=100|height=100]Czech security experts say they have uncovered
a global botnet that may be redirecting Web surfers to other sites for
the purpose of stealing their data.
The botnet’s creators have dubbed the network “Chuck Norris” after the famous Hollywood actor and martial arts expert. Read the full article. [Dark Reading]

Read more...