[img_assist|nid=1927|title=|desc=|link=none|align=right|width=85|height=85]VMware has advised of a total of 93 vulnerabilities in several of its products, including ESX Server, Server, VirtualCenter and vCenter. Read the full article. [The H Security]
Browsing Tag: malware
[img_assist|nid=1919|title=|desc=|link=none|align=left|width=100|height=100]Security researchers have identified a new worm spreading across
Facebook, luring people out to adult Web sites and automatically
replicating itself across people’s profile pages. Read the full article. [internetnews.com]
[img_assist|nid=1814|title=|desc=|link=none|align=right|width=115|height=115]Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky has written an in-depth article describing the scareware (fake anti-virus) epidemic. The article touches on the common distribution techniques, the tricks used to scare users into paying fraudsters for a removal tool and the way code generators are being used to create these malicious programs. It also provides some infection statistics and some practical protection advice. Read the full article [viruslist.com]
[img_assist|nid=1765|title=|desc=|link=none|align=left|width=115|height=115]The same-origin policy vulnerability in Adobe Flash that was disclosed last week by a researcher at Foreground Security is more serious than just a simple software flaw, experts say. It illustrates a fundamental flaw in the way that Flash objects are handled by Web servers and Web browsers, alike, leading to a serious weakness on both ends of the Internet communication channel.
[img_assist|nid=1700|title=|desc=|link=none|align=left|width=115|height=115]Heads up to all Microsoft Windows users: If you’re running Windows
2000, Windows XP or Windows Server 2003, stop what you’re doing and immediately download and apply the MS09-065 update released earlier this week.
Security researchers say it’s only a matter of time — days not weeks
— before malicious hackers start exploiting one of the vulnerabilities
via booby-trapped Web pages or Office (Word or PowerPoint) documents.
[img_assist|nid=707|title=|desc=|link=none|align=left|width=115|height=115]By Vitaly KamlukWe’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat.Analysis of some infected websites showed that the only way to inject the infection of Gumblar was by using FTP access, because those websites have no server-side scripting. Later this was proved by an analysis of FTP log files.
[img_assist|nid=1626|title=|desc=|link=none|align=left|width=115|height=115]U.S. and international prosecutors have taken down a criminal ring that they allege was responsible for an ATM scam last year that stole about $9 million from RBS WorldPay. The criminals were able to evade the company’s encryption system used on payroll debit cards and withdraw money from ATMs in 280 cities around the world.
[img_assist|nid=1622|title=|desc=|link=none|align=left|width=100|height=100]The attackers behind the insidious Koobface worm have taken to using Google Reader accounts that they control to spread the worm through shared Reader items. The infection method–which has been used before by Facebook worms–is another indication of the resilience and changing tactics the malware authors are employing.
The botnet problem has reached epidemic levels in recent months, with the continued growth of large-scale botnets, as well as the identification of smaller, more targeted networks around the world. But researchers have been taking steps to disrupt botnets of late, with some notable successes, as the recent takedown of the Mega-D botnet shows.
Could hackers get into the computer systems that run crucial elements of the world’s infrastructure, such as the power grids, water works or even a nation’s military arsenal? Watch the CBS News 60 Minutes segment.