Tuesday, June 3rd, 2008
Trend Micro Monday announced a line of desktop and server security products intended for small to midsize businesses.
Worry-Free Business Security 5.0 represents a re-branding of Trend's SMB client/server messaging security product line plus upgrades that integrate features such as behavior-based antimalware monitoring and an option for in-the-cloud Web security services ...
Posted in Internet, Security, Software | No Comments
Monday, June 2nd, 2008
If you own or work at a small to mid-sized business, and are presented with an error message about data synchronization or site maintenance when trying to access your company's bank account online, you might want to give the bank a call: A criminal group that specializes in deploying malicious ...
Posted in Internet, Privacy, Security | No Comments
Sunday, June 1st, 2008
XSS (Cross-Site Scripting) Very Much Alive and Kicking
We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...
Posted in Coding, Internet, Security | No Comments
Friday, May 30th, 2008
Microsoft on Friday said it is investigating reports of "a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple's Safari Web browser has been installed."An attacker could exploit the vulnerability by tricking a user into visiting a maliciously crafted Web ...
Posted in Internet, Security, Software, Windows | No Comments
Friday, May 30th, 2008
Students at the Ruhr University of Bochum, Germany, say they have found a way to steal security tokens in Microsoft's new CardSpace authentication framework. Attackers can apparently get access to protected, encrypted user data – such as passwords, credit card numbers, and delivery addresses – when they are transmitted. ...
Posted in Security, Windows | No Comments
Friday, May 30th, 2008
The computer attackers who took down Comcast's homepage and webmail service for over five hours Thursday say they didn't know what they were getting themselves into.
In an hour-long telephone conference call with Threat Level, the hackers known as "Defiant" and "EBK" expressed astonishment over the attention their DNS hijacking has ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, May 28th, 2008
Mass SQL injection attack, take four: Yet another wave of SQL injection attacks is exploiting an Adobe Flash vulnerability that appears to be coming from the same series of attacks originating from China.
The intent, as in previous attacks, has been to steal online gamers’ password credentials. But given the persistence ...
Posted in Internet, Security | No Comments
Tuesday, May 27th, 2008
An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday.
Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web ...
Posted in Coding, Internet, Security, Software | No Comments
Monday, May 26th, 2008
Pretty cool video doing a local physical attack against a Vista Box.
http://www.offensive-security.com/movies/vistahack/vistahack.html
McGrew Security Blog pointed me to it:
"he demonstrates a quick and easy way of obtaining SYSTEM privileges on a Vista system, given physical access to the machine. In the video, he uses BackTrack to replace Utilman.exe with a copy ...
Posted in Hardware, Security, Windows | No Comments
Friday, May 23rd, 2008
A researcher has spotted a security problem in Facebook that could lead to hackers taking control of user accounts.
The flaw allows a hacker to execute scripts on Facebook that could potentially be used to create a fake log-in page and capture people's passwords, according to the XSSED security blog. The ...
Posted in Coding, Internet, Privacy, Security | No Comments
