September 22nd, 2008
The Portable Document Format (PDF) is one of the file formats of choice in today’s enterprises, since it’s widely deployed across different operating systems. On the downside, this format also has known vulnerabilities that are exploited in the wild. Secure Computing’s Anti-Malware Research Labs spotted a new and as yet unknown exploit toolkit [...]
September 15th, 2008
Global email and spam volumes on September 11 last week climbed to record levels that we have not seen since late March of this year. Volumes had been decreasing during spring and summer after the March records, but began rising again in August and September. The increase on September 11, however, was so [...]
September 15th, 2008
The Financial Times reported last week that a major sell-off of United Airlines was triggered by an old link on the front page of the Chicago Tribune. The link pointed to an article about United going bankrupt; there was just one problem - the article was from 2002. Google News picked up the link [...]
September 11th, 2008
One of today’s popular Web 2.0 sites is without doubt digg.com, where people can share and discover content on the Internet … the so-called “user-generated content”. The community decides what’s popular by choosing to “digg” or “bury” it, and popular content is then brought to the front page where an even bigger audience can be reached. But since everyone [...]
September 9th, 2008
One of the awkward “free giveaways” of additional payloads in today’s malware is the rise of Rogue Anti-Spyware products. These misleading applications scare the user with fake messages claiming that the system is infected with malware. To remove the fake threats, the product has to be paid for - that’s where [...]
August 22nd, 2008
Poor Angelina Jolie has been the spammers’ darling for the last few weeks. Her name was misused in campaigns by Rustock, Srizbi, Grum, Pushdo and others - just to name a few. Now we’ve discovered new mass-mailings from the infamous Grum botnet, this time featuring pop star Madonna. The messages with subjects like ‘Video Madonna XXX !!!’ [...]
August 22nd, 2008
Recently, there was a lot of media buzz and attention on the latest spam tactic used to get users to download a fake Flash player onto their system. This attack came in the form of emails that varied in complexity from a simple “CNN Top 10” subject to emails that mimicked the actual CNN [...]
August 20th, 2008
What has been hot this summer, and what not? How are things evolving compared to the summer of last year? We’ve taken a look into recent malware incidents and new vulnerabilities being exploited in the wild, and compared the evolution of malware types and the usage of malicious techniques in “mainstream” malware families nowadays. The amount of password-stealing malware, for example, [...]
August 19th, 2008
There is a new twist with Malvertising (malicious advertising), as first reported here. These latest banner ads contain malicious ActionScript code which has access to your system’s clipboard - and it’s not a bug, it’s a feature. Since ActionScript 1.0, there is a method which puts a specified text string onto the clipboard (replacing other text [...]
August 18th, 2008
Automated SQL injection attacks against Websites have truly changed the Web threat landscape this year. Attack toolkits misuse search engines to query for vulnerable Web pages. One reason why such attacks remain so successful is that they are not based on a common Web server vulnerability that could simply be patched. Rather, the attacks work due to [...]
August 14th, 2008
CNBC recently sought out Secure Computing’s own Jonathan Zdziarski to explain his recent discovery of a kill switch mechanism embedded in the latest iPhone software. Zdziarski helped to clear up the conspiracy theories and explained that the kill switch was a last-ditch security mechanism “designed to make up for lack of a secure operating system” [...]
August 10th, 2008
A new SQL injection attack started circulating last week, and appears to have infected several thousand web servers as of late Friday evening. The attacks look similar to the one below, and attempt to query random valid files on the web server. The sysobjects and syscolumns tables queried are the giveaway: the attack is targeting [...]
August 7th, 2008
Bargain shoppers should watch out. A popular e-commerce web site in the United Kingdom is infected with malicious content. We have blogged about infected web pages several times before and wanted to warn users about this as well. A normal web surfer would not recognize anything suspicious, but a closer look at the actual HTML source [...]
August 5th, 2008
There is a new worm in the wild which targets users of the social networking sites MySpace and Facebook. The worm misuses the functions of these popular networking sites by posting comments and sending messages like “Paris Hilton Tosses Dwarf On The Street”, “OMG!!! This is you on hidden cam”, “You must see it!!! Funny video clip” or “Funny [...]
August 4th, 2008
A new variant of the “Vundo” desktop hijacker trojan (a.k.a. “Virtumonde”) has been sighted. It is capable of phoning home and sending sensitive information about an infected system back to its servers in the Netherlands that belong to the Trojan’s authors. Once the malware is executed, it drops a DLL using a random name into Windows’ [...]