http://www.trustedsource.org The latest threats and security trends Copyright 2008 by Secure Computing Corporation en-us http://www.trustedsource.org/blog/163/McAfee-Family Wed, 19 Nov 2008 04:13:47 UT As of today, we are very excited to have completed our integration into the McAfee family. It is quite thrilling to be part of the largest pure-play security vendor in the world and the tremendous customer reach that comes with that position. But even more exciting for me is the incredible opportunity that [...] http://www.trustedsource.org/blog/161/The-end-of-domain-tasting Fri, 14 Nov 2008 04:08:11 UT Domain tasting is a practice of systematic abuse of ICANN’s 5 day “grace period” (Add Grace Period or AGP) policy, which allows a registrant to register a domain name and return it for a full refund within 5 days. For years, many online advertisers, some registrars and spammers have been taking advantage of this [...] http://www.trustedsource.org/blog/160/Krebs-Spam-Takedown-Service Fri, 14 Nov 2008 03:32:18 UT There are a number of companies in the security industry that specialize in quick and efficient takedown of malicious sites (primarily focusing on sites that are hosting phishing webpages that attack their customers). But this week, Brian Krebs, an investigative technology reporter from the Washington Post, singlehandedly accomplished something that had never been done before [...] http://www.trustedsource.org/blog/162/Web-Browsers-Emerging-Platform-Under-Attack Thu, 13 Nov 2008 08:50:14 UT Web browsers are the critical platform for both current and future business applications, and at the same time are the target of sophisticated Web-borne malware attacks.In our new publication, entitled “Web Browsers: Emerging Platform Under Attack,” we are taking a look into the security measures of today’s web browsers and the most popular browser plugins. http://www.trustedsource.org/blog/159/New-Adobe-Reader-vulnerability-exploited-in-the-wild Tue, 11 Nov 2008 15:10:18 UT Last week Adobe issued a security update which addressed several critical vulnerabilities in Adobe Reader and Acrobat versions. Three days later, malicious PDF documents appeared in the wild, exploiting an input validation issue in the util.printf JavaScript method (CVE-2008-2992) leading to remote code execution as reported by the fellow handlers at the Internet Storm Center. With [...] http://www.trustedsource.org/blog/158/Secure-Computings-Research-Team-Releases-Q3-Internet-Threat-Report Tue, 28 Oct 2008 21:40:12 UT Secure Computing has published the Q3 2008 Internet Threat Report containing data and analysis covering both email and web-based threats. The report was compiled by the Secure Computing research teams and based on the company’s TrustedSource Global Reputation System with its unique and unparalleled view of worldwide Internet traffic. Among the report’s findings, Q3 saw the [...] http://www.trustedsource.org/blog/157/Password-Stealing-Trojan-Spreads-Through-Zero-Day-Vulnerability Fri, 24 Oct 2008 18:40:15 UT A critical security hole fixed by Microsoft with Security Bulletin MS08-067 is actively exploited in the wild by a new password-stealing Trojan. Next to gathering and stealing Windows Live-, Protected Storage- and Microsoft Outlook-credentials which are phoned home to China, the Trojan downloads an additional exploit component from the Internet. It exploits the above mentioned [...] http://www.trustedsource.org/blog/156/The-Spammers-Vote---Update Fri, 24 Oct 2008 16:48:46 UT We continue to track the spammers’ presidential candidate preference in this election. Since our last post, we have seen dramatic swings with Obama’s lead being as low as 1% to as high as 99%. In the past week, the spam containing Obama’s name has seen a significant increase and has maintained a lead margin approaching 70%. The [...] http://www.trustedsource.org/blog/155/IWF-National-Awareness-Day---24-October-2008 Fri, 24 Oct 2008 03:58:57 UT Secure Computing Coproration is a member of the Internet Watch Foundation (IWF), the UK internet ‘Hotline’ for the public to report their inadvertent exposure to online child sexual abuse content hosted anywhere in the world and criminally obscene and incitement to racial hatred content hosted in the UK. The IWF works in partnership with the online [...] http://www.trustedsource.org/blog/154/The-Spammers-Vote Mon, 06 Oct 2008 19:32:36 UT Elections in United States are coming up, and spammers continue to leverage the public interest of election topics to lure users into opening spam and virus messages. Secure Computing’s TrustedSource Labs has already taken a look at the candidates’ popularity among spammers in our October Spam Report. We found that mostly due to a spam [...] http://www.trustedsource.org/blog/153/Rise-Of-The-PDF-Exploits Mon, 22 Sep 2008 09:30:12 UT The Portable Document Format (PDF) is one of the file formats of choice commonly used in today’s enterprises, since it’s widely deployed across different operating systems. But on a down-side this format has also known vulnerabilites which are exploited in the wild. Secure Computing’s Anti-Malware Research Labs spotted a new and yet unknown exploit toolkit [...] http://www.trustedsource.org/blog/152/Gibberish-Spam Mon, 15 Sep 2008 19:37:39 UT The global email and spam volumes on September 11 last week climbed to the record levels that we have not seen since late March of this year. Volumes have been decreasing during spring and summer after the March records, but began rising again in August and September. The increase on September 11, however, was so  [...] http://www.trustedsource.org/blog/151/Web-Server-Security-How-a-Typo-Led-to-a-Massive-Sell-Off Mon, 15 Sep 2008 19:42:54 UT The Financial Times reported last week that a major sell-off of United Airlines was triggered by an old link on the front page of the Chicago Tribune. The link was pointed to an article about United going bankrupt; there was just one problem - the article was from 2002. Google News picked up the link [...] http://www.trustedsource.org/blog/150/Digging-for-Worms Thu, 11 Sep 2008 13:30:12 UT One of today’s popular Web 2.0 sites is without doubt digg.com, where people can share and discover content on the Internet … the so called “user-generated content”. The community decides what’s popular by “digg” or “bury” it and then brings content to the front page where an even bigger audience can be reached. But since everyone [...] http://www.trustedsource.org/blog/149/Tell-me-your-User-Agent-and-we-may-not-infect-you Tue, 09 Sep 2008 10:10:12 UT One of the awkward “free giveaways” of additional payloads in today’s malware is the rise of Rogue Anti-Spyware products. These misleading applications scare the user with fake messages, telling that the system is infected with malware. In order to be able to remove the fake threats it has to be paid for - that’s where [...] http://www.trustedsource.org/blog/148/Fake-Madonna-video-turns-the-blue-screen-on Fri, 22 Aug 2008 12:50:12 UT Poor Angelina Jolie has been the spammer’s darling for the last weeks. Her name was misused in campaigns by Rustock, Srizbi, Grum, Pushdo and others - just to name a few. Now we’ve discovered new mass-mailings from the infamous Grum botnet, this time featuring popstar Madonna. The messages with subjects like ‘Video Madonna XXX !!!‘ [...] http://www.trustedsource.org/blog/147/Breaking-News-The-Evolution-of-this-Blended-Threat-Attack Fri, 22 Aug 2008 22:40:39 UT Recently, there was a lot of media buzz and attention on the latest spam tactic used to get users to download a fake flash player onto their system.  This attack was in the form of email that varied in its complexity from a simple “CNN Top 10″ subject to emails that mimicked the actual CNN [...] http://www.trustedsource.org/blog/146/The-State-Of-Malware---Summer-2008 Wed, 20 Aug 2008 12:10:13 UT What has been hot this summer, and what not? How are things evolving compared to summer of last year? We’ve taken a look into recent malware incidents, new vulnerabilities being exploited in-the-wild, and compared the evolution of malware types and the usage of malicious techniques in “mainstream” malware families nowadays.The amount of password-stealing malware, for example, [...] http://www.trustedsource.org/blog/145/Rogue-Flash-ads-hijack-your-clipboard Tue, 19 Aug 2008 14:50:12 UT There is a new twist with Malvertising (malicious advertising), as first reported here. These latest banner ads contain malicious ActionScript code which has access to your system’s clipboard - and it’s not a bug, it’s a feature. Since ActionScript 1.0, there is a method which puts a specified text string onto the clipboard (replacing other text [...] http://www.trustedsource.org/blog/144/Web-Application-Vulnerabilities-Can-Make-The-Difference---How-To-Tackle-The-Threat Mon, 18 Aug 2008 09:40:11 UT Automated SQL injection attacks against Websites have truely changed the Web threat-landscape this year. Attack toolkits misuse search engines to query for vulnerable Web pages. One reason why such attacks remain so successful is that it’s not based on a common Web server vulnerability that could simply be patched. Rather, the attacks work due to [...]