Monday, June 2nd, 2008
If you own or work at a small to mid-sized business, and are presented with an error message about data synchronization or site maintenance when trying to access your company's bank account online, you might want to give the bank a call: A criminal group that specializes in deploying malicious ...
Posted in Internet, Privacy, Security | No Comments
Monday, June 2nd, 2008
An OECD study into online crime says that increased activity by cyber criminals has left an estimated one-in-four US computers infected with malware.
The report, entitled Malicious Software (malware): a Security Threat to the Internet Economy, gives an impression of two worlds engaged in an uneven war of virus invasion and ...
Posted in Internet, Security | No Comments
Sunday, June 1st, 2008
Even though Patch Tuesday is still two weeks from now, crimeware authors are already sending out fake Microsoft “critical updates.” The TrendLabs Content Security Team recently found a hoax purporting to be from Microsoft that urges users to update their computers due to a “critical security issue”.
The email, which has ...
Posted in General BS, Privacy, Security | No Comments
Sunday, June 1st, 2008
XSS (Cross-Site Scripting) Very Much Alive and Kicking
We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...
Posted in Coding, Internet, Security | No Comments
Sunday, June 1st, 2008
The videos from ShmooCon 2008 have hit the shelves. Go download them at:
http://www.shmoocon.org/2008/videos/
EDIT: As of the time of this post, some of the videos are incorrectly named. Here is the 1-> 1:
Correctly Named:
21st Century Shellcode for Solaris
Advanced Protocol Fuzzing - What We Learned when Bringing Layer2 Logic to SPIKE land
Backtrack ...
Posted in General BS, Security | No Comments
Sunday, June 1st, 2008
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of ...
Posted in Coding, Internet, Linux, Privacy, Security, Software | No Comments
Friday, May 30th, 2008
Microsoft on Friday said it is investigating reports of "a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple's Safari Web browser has been installed."An attacker could exploit the vulnerability by tricking a user into visiting a maliciously crafted Web ...
Posted in Internet, Security, Software, Windows | No Comments
Friday, May 30th, 2008
A wiry young man with his head shaved and wearing a tank top points a handgun straight at the camera in a disturbing YouTube video. The man wears what appears to be a wedding ring, and he gazes vacantly away from the viewer.
Though it's an odd image for an advertisement, ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, May 28th, 2008
To use an Internet-connected computer is to be insecure and place your privacy in danger. Spyware, viruses, Trojans and assorted malware are everywhere on the Net, trying to hop onto your PC and cause damage. Snoopers want to get at your personal information for nefarious purposes, such as identity theft.
Operating ...
Posted in Security, Windows | No Comments
Tuesday, May 27th, 2008
Last Thursday at the EUSecwest conference, security researcher Sebastian Muniz of Core Security Technologies demonstrated a proof-of-concept rootkit for Cisco's IOS router operating system.A root kit consists of one or several related applications designed to give the program user root or administrator privileges on a given computer, whether or not ...
Posted in Hardware, Networking, Security | No Comments
