Web Security


ExxonMobil, Others Attacked Via Email

At least three US oil companies were victims of highly targeted,
email-borne attacks designed to siphon valuable data from their
corporate networks and send it abroad, according to a published report
citing unnamed people and government documents. Read the full article. [The Register]

Using Spammers’ Techniques to Beat Spam

Spammers’ own trickery has been used to develop an “effectively perfect” method for blocking the most common kind of spam, a team of computer scientists claims. Read the full article. [New Scientist]

IE Feature Issues Can Be Exploited, Attacked

Microsoft’s Internet Explorer (IE) could inadvertently allow a hacker
to read files on a person’s computer, another problem for the company
just days after a serious vulnerability received an emergency patch. Read the full article. [Computerworld]


The Internet Systems Consortium (ISC), the company behind the open source DNS BIND, software, has released security updates to resolve a DNSSEC-related vulnerability that could lead to Denial-of-Service (DoS) attacks. Read the full article. [The H Security]

Zimuse-A and its variant, Zimuse-B, overwrite MBR (Master Boot Record)
files on infected drives with their own data, either 40 days or 20 days
respectively after infection. This malicious behavior corrupts records
and makes data recovery difficult if not impossible, researchers report. Read the full article. [The Register]

Mozilla
has released the latest iteration of its flagship Firefox browser with
a few significant security goodies to keep malicious hacker at bay. The update, which is being shipped via the browser’s automatic
update mechanism, includes new features to patch third-party Firefox
plug-ins and lock out rogue add-ons.

Analysis of the 32 million passwords recently exposed in the breach of
social media application developer RockYou last month provides further
proof that consumers routinely use easy to guess login credentials. Read the full article. [The Register]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.