Spyware Sucks

"There is no magic fairy dust protecting Macs" - Dai Zovi, security researcher and co-author of The Mac Hacker's Handbook.

"The Biblical wisdom “pride comes before a fall” needs to be foremost in the minds of security professionals. There are several aspects to this truth, but it starts with believing it is true. For one, the bad guys are always getting better and trying to get in. They are working harder than ever to defeat whatever you are doing to protect your enterprise. This knowledge alone will change your perspective on your job and when you are “done". What worked today may not work tomorrow. In this light, be careful about the promises you make to others regarding security and the protections you are deploying." - Dan Lohrmann

Malvertizements - cyberipod and mediaman

IMPORTANT: THE TWO ADVERTISEMENTS FEATURED BELOW WERE SHUT DOWN IN JUNE 2007. My mistake. I'll be more careful in future to ensure that reports I see are for current malvertisements. My apologies to Doubleclick.

Lesson learned: previously identified malicious content should be moved out of public view.

'm on the road at the moment, so only have screenshots for now.

Preliminary analysis at adopstools indicates malicious content:
http://www.adopstools.com/index.asp?page=quicklink&id=z45zlyl4R7sJ5L6I
http://www.adopstools.com/index.asp?page=quicklink&id=2nk99FyQ6qot025u

Mediaman:
m1.2mdn.net/1612895/NHL_MediaMan_728x90_flash.swf

Campaign.
adtraff.com/statsa.php?u=23423424&campaign=pushmama

-----

cyberipod:
m1.2mdn.net/1487544/160x600_Cyberipod.swf

Campaign.
workhomecenter.com/crossdomain.xml
workhomecenter.com/stats.php?campaign=5pentt00&u=1206974120161