I've already mentioned this on the AVIEN blog, as it was an AVIEN member who first drew it to my attention, but a fairly dramatic SQL Injection attack has been flagged by the Internet Storm Center: it appears to resemble the lizamoon attack which was reported as affecting around a million sites earlier in the year.
I've added some commentary and resources on the Japan earthquake/tsunami disasters to an independent blog I maintain that specializes in hoaxes, scams and so forth, but here are a few of the same resources that aren't already included in my recent blogs here on the topic: Analysis from Kimberley at stopmalvertising.com: http://stopmalvertising.com/blackhat-seo/recent-japanese-earthquake-search-results-lead-to-fakeav.html Guy Bruneau at Internet
Our colleagues in Bratislava have issued a press release which focuses on the clustering of reports from the US and Iran, and also quotes Randy Abrams, whose follow-up blog also discusses the SCADA-related malware issue at length. The Internet Storm Center has, unusually, raised its Infocon level to yellow in order to raise awareness of
SANS posted a story at the Internet Storm Center a couple of days ago that they were seeing fake email from the IRS. (Even I don't have time to read everything on the Internet relating to current information security issues.) The emails described try to kid the victim that they've under-reported or failed to report
There has been quite a lot of traffic in the last few weeks about the doc.media.newPlayer vulnerability referenced in the CVE database as CVE-2009-4324. The following Adobe articles refer: http://www.adobe.com/support/security/advisories/apsa09-07.html http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html http://blogs.adobe.com/psirt/2009/12/security_advisory_apsa09-07_up.html Today's article at the Internet Storm Center by Bojan Zdrnja (http://isc.sans.org/diary.html?storyid=7867) gives a lot of detail on a particularly inventive exploit of the
SC Magazine has reminded me today of a new report on the top current security risks, jointly published by SANS, TippingPoint, who provided the attack data, and Qualys, who provided vulnerability data. With impressive modesty and finely-tuned understatement, Alan Paller of SANS describes it as the "best risk report ever". Well, with added analysis and educational
Some traffic has crossed my radar concerning a 0-day exploit that apparently enables a remote attacker to crash a Vista or Windows 7 system with SMB enabled (and according to subsequent reports, Server 2008). The original post and exploit are claimed to demonstrate the possibility of a Blue Screen Of Death (BSOD) and (normally) an automatic reboot when