Security firm Imperva of Redwood Shores, Calif., found a unique way to gage the quality of the passwords that Web users select: they analyzed the 32 million passwords in the unencrypted file of passwords that miscreants stole from the servers of RockYou.com in December and posted on the Internet. RockYou creates and distributes entertainment widgets…
Now here’s an interesting turn of events. In the middle of all the attention to the “Operation Aurora” attacks, we’re now seeing new targeted attacks that are using this very event as the lure to get the targets to open a malicious attachment! Here’s the email we saw: The attachment Chinese cyberattack.pdf (md5: 238ecf8c0aee8bfd216cf3cad5d82448) is…
We just blogged about a highly targeted attack against military contractors. Now we saw one against the intelligence sector. This attack was done with a PDF file. Again. It was targetting the CVE-2009-4324 vulnerability. Again. When opened, the PDF file (md5: c3079303562d4672d6c3810f91235d9b) looked like this: What really happens in the background? Just like last time,…
Microsoft is releasing an out-of-band update for their IE vulnerability. Internet Explorer 6 is affected and is being actively exploited in the wild. The patch will be released on the 21st, today, see Microsoft’s Security Bulletin for additional details. Also in Microsoft news, Security Advisory (979682). There’s a vulnerability in Windows kernel privilege escalation. The…
Microsoft has said it will issue an out-of-band patch today for critical vulnerabilities in Internet Explorer that allow remote execution of code. The company said yesterday it would not wait until the February “Patch Tuesday” to fix the vulnerabilities. The much discussed “Aurora” vulnerabilities in IE have been held at least partially responsible for cyber…
Facebook recently rolled out new privacy settings that provides additional publishing controls. For example, Facebook users can now publish a photo to a selected list of friends. Clicking the “lock” icon opens the Custom Privacy settings. Once a photo is selected and the privacy options are set, the next step is to Share. As you…
A day after the disaster that struck the Caribbean nation of Haiti, Rogue perpetrators have once again been busy with their SEO poisoning schemes. Searching for terms related to this earthquake leads to a website that installs a Rogue into the system. It happens when an unsuspecting user searches for Haiti Earthquake details. Happily clicking…
GhostAntivirus is a new rogue anti-virus application. It is a clone of InternetAntivirusPro.
Notable highlights this month include the shift of the regions of message origin, and changes in the average size of spam messages. In recent months, APJ and South America have been taking the spam share away from the traditional leaders of North America and EMEA. However, North America and EMEA together sent 57 percent of…
Researchers at McAfee labs monitor Koobface activities 24/7 via custom honeypots and while reviewing one such update we noticed a variant that had debug/log features. Unlike the traditional captcha breaking technique to create new accounts, this variant of the worm converts the infected machine to a bot. When we analysed the malware trapped in our…