tag
Internet Storm Center

Support Scam Poll

Internet Storm Center is running a poll on Fake Tech Support Calls, also the topic of a paper for VB 2012.

SQL Injection Attack Alert

I've already mentioned this on the AVIEN blog, as it was an AVIEN member who first drew it to my attention, but a fairly dramatic SQL Injection attack has been flagged by the Internet Storm Center: it appears to resemble the lizamoon attack which was reported as affecting around a million sites earlier in the year.

Shady Business

We (AVIEN) devoted quite a lot of space to one Chinese operation, the NCPH group, in the “AVIEN Malware Defense Guide for the Enterprise”

Disaster Scams and Resources

I've added some commentary and resources on the Japan earthquake/tsunami disasters to an independent blog I maintain that specializes in hoaxes, scams and so forth, but here are a few of the same resources that aren't already included in my recent blogs here on the topic: Analysis from Kimberley at stopmalvertising.com: http://stopmalvertising.com/blackhat-seo/recent-japanese-earthquake-search-results-lead-to-fakeav.html Guy Bruneau at Internet

Yet more on Win32/Stuxnet

Our colleagues in Bratislava have issued a press release which focuses on the clustering of reports from the US and Iran, and also quotes Randy Abrams, whose follow-up blog also discusses the SCADA-related malware issue at length. The Internet Storm Center has, unusually, raised its Infocon level to yellow in order to raise awareness of

Phishing and Scamming: it’s a Taxing Occupation

SANS posted a story at the Internet Storm Center a couple of days ago that they were seeing fake email from the IRS. (Even I don't have time to read everything on the Internet relating to current information security issues.) The emails described try to kid the victim that they've under-reported or failed to report

Adobe, Javascript, and the CVE-2009-4324 Exploit

There has been quite a lot of traffic in the last few weeks about the doc.media.newPlayer vulnerability referenced in the CVE database as CVE-2009-4324. The following Adobe articles refer: http://www.adobe.com/support/security/advisories/apsa09-07.html http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html http://blogs.adobe.com/psirt/2009/12/security_advisory_apsa09-07_up.html Today's article at the Internet Storm Center by Bojan Zdrnja (http://isc.sans.org/diary.html?storyid=7867) gives a lot of detail on a particularly inventive exploit of the

Risk Report – Should Try Harder

SC Magazine has reminded me today of a new report on the top current security risks, jointly published by SANS, TippingPoint, who provided the attack data, and Qualys, who provided vulnerability data. With impressive modesty and finely-tuned understatement, Alan Paller of SANS describes it as the "best risk report ever". Well, with added analysis and educational

SMB2 zero-day

Some traffic has crossed my radar concerning a 0-day exploit that apparently enables a remote attacker to crash a Vista or Windows 7 system with SMB enabled (and according to subsequent reports, Server 2008). The original post and exploit are claimed to demonstrate the possibility of a Blue Screen Of Death (BSOD) and (normally) an automatic reboot when

Patchwork

I’ve been up to my ears in travelling and AMTSO and had limited connectivity over the last week, but even I noticed that a lot of patching issues have risen to the surface in the past few days. In case some of this has passed you by, here are a few of the more prominent

There’s a Trojan in my Fuse Box

Well, hopefully my power sockets are not leaking computer viruses and keyloggers, but who knows? Quite a few news outlets have picked up on a story in the Wall Street Journal claiming that spies from China and Russia have "penetrated the U.S. electrical grid". Scary… A little too scary and not enough detail to convince some

MS09-002 Exploits: Old Dogs, New Tricks?

A few days ago, I promised (threatened) to make some general points about biasing test results, but travel and other obligations have been getting in the way. I’ll get back to that very shortly, but in the meantime, I want to look at an issue with the latest round of Microsoft patches that I was

MD5/SSL: is the sky falling?

Lots of fuss about the paper presented at the Chaos Communication Congress in Berlin yesterday by Alexander Sotirov et al. The paper describes a proof-of-concept attack using a weakness in the MD5 cryptographic hash function to create a rogue Cerification Authority certificate using a hash collision (essentially, two messages with the same MD5 hash value).

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

1 article related to:
Hot Topic
01 May 2012
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.