Browse by Tags

All Tags » Vulnerabilities » viruses and exploits » Security (RSS)

10 years of Mac OS X Malware

Just sayin' ;o) http://www.welivesecurity.com/2014/03/21/10-years-of-mac-os-x-malware/

300,000 routers hijacked

"So far, the attacks have hijacked more than 300,000 servers in a wide range of countries, including Vietnam, India, Italy, Thailand, and Colombia. Each compromise has the potential to redirect virtually all connected end users to malicious websites...

Drive-by Download Attacks: Examining the Web Server Platforms Attackers Use Most Often

The top two - open source Apache and Nginx: http://blogs.technet.com/b/security/archive/2014/01/08/drive-by-download-attacks-examining-the-web-server-platforms-attackers-use-most-often.aspx

Hitman Pro writeup about the Yahoo malvertizing incident

It's an excellent write-up, and worth a read: http://hitmanpro.wordpress.com/2014/01/05/malware-served-via-yahoo-affected-millions/ Lessons for the layman: keep all software on your computer up to date and get rid of Java (you know, the stuff that...

Yep, malvertizing is still around

I don't write about it as much as I used to, but malvertizing is definitely still around; Yahoo being a recent target: http://blog.fox-it.com/2014/01/03/malicious-advertisements-served-via-yahoo/ Misleading Flash / Java / web browser update alerts...

ALERT: Two malvertizements seen at Spaces (not skydrive) and Hotmail...

Edit: BTW, it is Spaces and Hotmail - I haven't seen the malvert at Skydrive yet. Kimberley saw the first one, a malvertizement featuring perfectmatch.com: I have discovered another malvertizement featuring IMIN - we have seen this advert several...

Microsoft Security Intelligence Report: January through June 2008

The Microsoft Security Intelligence Report for the period covering January through June 2008 has been released. Executive Summary Full report Key findings summary The full report is a hefty 150 pages long. I have only had time to take the briefest of...

SWF for malware deployment

Mea culpa: Marian is apparently male, not female. Marian Radu of the Microsoft Malware Protection Center has written about SWF being used for malware . She He states: " What I found out is that, excluding flash exploits, SWFs are mainly used as redirectors...

Hold fire on Fuse Kit....

Moses Gunesch, the author of Fuse Kit, has posted a comment to my blog here: http://msmvps.com/blogs/spywaresucks/archive/2008/08/17/1644872.aspx#1644983 I may have to eat an awful lot of humble-pie if I have misunderstood the capabilities and features...

ALERT: Firefox with NoScript does NOT ALWAYS protect from SWF clipboard hijacks

Topic subjected edited to add the word "always". I stand by my statement that there are users out there who believe that "NoScript" will protect them from incidents like the clipboard hijack, even when they have disabled "Forbid...

ALERT: malvertizement at newsweek.com (hosted by washingtonpost.com)

Edit: Please review this article re Fuse: http://msmvps.com/blogs/spywaresucks/archive/2008/08/19/1644991.aspx Once again, it is a malvertizement created using Fuse Kit. Again, there are signs that the malvertizement came from the now defunct trackstarmedia...

ALERT: malvertizement featuring cardstore.com

Edited to fix typos - changing cardshop to cardstore - (it had been a *long* day) I finally got a sample of the malicious advertisement featuring cardstore.com: Interesting points to bear in mind about this incident are: The malvertizement was received...

ALERT: malvertizement from trackstarmedia.com (domain suspended)

I have just received word that a malvertizement featuring cardstore.com has been discovered. The distributor of the malvertizement is, according to my contact, trackstarmedia.com I'll post further information, and screenshots, as it comes to hand...

Microsoft Security Intelligence Report (July through December 2007) - Key Findings Summary (Australia, Canada, Germany, Japan, Netherlands and Norway)

Downloadable here: http://www.microsoft.com/downloads/details.aspx?familyid=671355c2-4002-4671-8619-95c96c8a897f&displaylang=en&tm The worldwide average was malware removal from 1 out of every 123 Windows-based computers in the second half of...

ALERT: Malvertizements at disney.fr

These criminals, whoever they are, have absolutely no shame. I thought that they were the scum of the earth when they impersonated Oxfam; now they are getting their malvertizements onto popular chidren's sites. As reported by Kimberley - the malvertizements...

ALERT: Adobe Flash Player SWF File Unspecified Remote Code Execution Vulnerability

Affected versions are 9.0.124.0 and 9.0.115.0. The best analysis that I've seen so far is at SecurityFocus: http://www.securityfocus.com/bid/29386/info The frightening thing about this alert is that the vulnerability is being actively exploited, with...

A new look dottunes malvertizement

A new style Dot Tunes advertisement: The adopstools results are here: http://www.adopstools.net/index.asp?page=quicklink&id=r60Siyiw02bZgpaa When the SWF is displayed on a system it hits the following URLs: traveltray.com/crossdomain.xml and traveltray...

I am NOT associated with bucksbill.com

Ok, there are a lot of people out there who are upset at being overcharged and defrauded by bucksbill.com. Just check out the comments here and here . Unfortunately, people are also emailing me directly because they (mistakenly) believe that I and/or...
More Posts Next page »