

Category: Spyware and Adware

February 5th, 2010

Mozilla Firefox hit by malware add-ons

Posted by Ryan Naraine @ 8:20 am

Categories: Anti Virus, Browsers, Data theft, Exploit code, Firefox, Malware, Microsoft, Mozilla, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research

Tags: Mozilla Firefox, Trojan Horse, Malware, Mozilla Corp., Add-on, Spyware, Adware & Malware, Cyberthreats, Spyware, Viruses And Worms, Security

Mozilla says a pair of malicious Firefox add-ons slipped by its security checks and infected approximately 4,600 Windows computers over the last five months.

The browser add-ons, described by Mozilla as “experimental,” contained a Trojan horse that executed when Firefox started and infected the host computer.

Read the rest of this entry »

January 27th, 2010

Report: 48% of 22 million scanned computers infected with malware

Posted by Dancho Danchev @ 2:42 pm

Categories: Anti Virus, Botnets, Browsers, Data theft, Hackers, Malware, Passwords, Rootkits, Spyware and Adware, Viruses and Worms

Tags: Bank, Fraudster, Malware, Authentication, Spyware, Adware & Malware, Cyberthreats, Security, Dancho Danchev

The recently released APWG Phishing Activity Trends Report for Q3 of 2009 details record highs in multiple phishing vectors, but also offers an interesting observation on desktop crimeware infections.

According to the report, the overall number of infected computers (page 10) used in the sample decreased compared to previous quarters; however, 48.35% of the 22,754,847 scanned computers remain infected with malware.

And although crimeware/banking trojan infections decreased slightly from Q2, over a million and a half computers were infected.

More details:

Read the rest of this entry »

January 22nd, 2010

RealPlayer haunted by 11 critical vulnerabilities

Posted by Ryan Naraine @ 10:41 am

Categories: Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Digital rights management, Exploit code, Hackers, Malware, Patch Watch, Spyware and Adware, Viruses and Worms

Tags: Critical Vulnerability, Code, Buffer-overflow, RealNetworks RealPlayer, Error, Interactive Voice Response (IVR), Digital Music, Digital Media, Viruses And Worms, Security

A quick heads-up to any computer users out there with RealPlayer installed: There are at least 11 critical vulnerabilities that expose Windows, Mac and Linux users to malicious hacker attacks.

RealNetworks released an advisory to warn of the vulnerabilities, which could be exploited via rigged image and media files to launch remote code execution attacks.

Read the rest of this entry »

January 19th, 2010

Microsoft readies emergency IE patch to counter public exploits

Posted by Ryan Naraine @ 5:26 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Google, Governments, Hackers, Malware, Microsoft, Patch Watch, People's Republic of China, Responsible disclosure, Spyware and Adware, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Vulnerability, Microsoft Internet Explorer 6, Exploit Code, Microsoft Internet Explorer, Microsoft Corp., Exploit, Data Execution Prevention, Attack, Web Browsers, Security

UPDATE: Here is the official confirmation from Microsoft that an out-of-band patch is coming.  No official date yet.

Microsoft has started dropping broad hints that an emergency patch for Internet Explorer will be released very soon to counter targeted attacks and the publication of exploit code for a “browse and you’re owned” vulnerability in its flagship Web browser.

The out-of-band update will be released once the company is satisfied that it has been properly tested against all affected versions of Windows.  This could happen as early as this weekend. Read the rest of this entry »

January 6th, 2010

Researcher exposes Google spyware connections

Posted by Ryan Naraine @ 11:06 am

Categories: Browsers, Malware, Passwords, Phishing, Spam and Phishing, Spyware and Adware

Tags: Google Inc., Advertisement, Continental Airlines Inc., Ben Edelman, Spyware, WhenU, Advertiser, Advertising & Promotion, Travel, Marketing

A prominent anti-spyware researcher is calling on Google to sever its ties with an advertising partner that covers popular sites with pop-up PPC advertisements promoting those same sites.

According to Ben Edelman, an assistant professor at the Harvard Business School and a staunch anti-spyware advocate, Google is charging advertisers for what he described as “conversion-inflation” traffic from the WhenU spyware program.

Read the rest of this entry »

December 8th, 2009

Patch Tuesday: Microsoft plugs IE 'drive-by download' security holes

Posted by Ryan Naraine @ 12:50 pm

Categories: Arbitrary Code Execution, Browsers, Denial of Service (DoS), Exploit code, Microsoft, Patch Watch, Responsible disclosure, Spam and Phishing, Spyware and Adware, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Attacker, Vulnerability, Microsoft Windows, Microsoft Internet Explorer, Microsoft Corp., Security, Ryan Naraine

Microsoft today shipped six bulletins with patches for a total of 12 documented security vulnerabilities in a wide range of widely deployed software products.  Three of the six bulletins are rated “critical,” Microsoft’s highest severity rating.

The most serious issues affect the company’s Internet Explorer browser, including the newest IE 8 on Windows 7. Read the rest of this entry »

November 12th, 2009

Microsoft bracing for malware attacks from embedded fonts

Posted by Ryan Naraine @ 11:16 am

Categories: Arbitrary Code Execution, Botnets, Browsers, Denial of Service (DoS), Exploit code, Metasploit, Microsoft, Passwords, Patch Watch, Responsible disclosure, Spam and Phishing, Spyware and Adware

Tags: Malware, Microsoft Internet Explorer, Microsoft Corp., Attack Vector, Font, Attack, Metasploit, Microsoft Windows, Security, Operating Systems

Heads up to all Microsoft Windows users: If you’re running Windows 2000, Windows XP or Windows Server 2003, stop what you’re doing and immediately download and apply the MS09-065 update released earlier this week.

Security researchers say it’s only a matter of time — days not weeks — before malicious hackers start exploiting one of the vulnerabilities via booby-trapped Web pages or Office (Word or PowerPoint) documents.

Read the rest of this entry »

November 11th, 2009

Apple Safari exposes Windows to drive-by download attacks

Posted by Ryan Naraine @ 1:37 pm

Categories: Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Malware, Microsoft, Passwords, Patch Watch, Pen testing, Responsible disclosure, Spyware and Adware, Vulnerability research

Tags: Apple Macintosh, Apple Safari, Microsoft Windows XP, Microsoft Windows Vista, Apple Inc., Attack, WebKit, Microsoft Windows, Apple Mac OS X, Apple Mac OS

Apple today shipped Safari 4.0.4 to fix a total of seven security flaws that expose Windows and Mac users to a wide range of malicious hacker attacks.

The high-priority update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site.  Some of the issues affect Microsoft’s new Windows 7 operating system.

Read the rest of this entry »

November 10th, 2009

Commercial spying app for Android devices released

Posted by Dancho Danchev @ 2:07 pm

Categories: Anti Virus, Browsers, Hackers, Malware, Mobile (In)Security, Passwords, Privacy, Spyware and Adware

Tags: Mobile, Malware, Mobile Malware, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Dancho Danchev

A well-known commercial provider of spyware applications for numerous mobile platforms has recently ported its Mobile Spy app to the Android mobile OS.

Just like previous releases of the application, the Android version keeps a detailed log of GPS locations, calls, visited URLs, and incoming/outgoing SMS messages, available at the disposal of the attacker who installed it manually by obtaining physical access to the targeted device.

More details:

Read the rest of this entry »

November 10th, 2009

Major online ad site hacked, serving up exploit cocktail

Posted by Ryan Naraine @ 9:55 am

Categories: Adobe, Anti Virus, Arbitrary Code Execution, Browsers, Data theft, Exploit code, Flash, Patch Watch, Responsible disclosure, Spam and Phishing, Spyware and Adware

Tags: Websense Inc., Microsoft Corp., Exploit, Online Advertising, Security, Viruses And Worms, Databases, Enterprise Software, Software, Data Management

A high-profile online advertising Web site has been hacked and rigged to serve multiple exploits to Microsoft Windows users surfing the net with unpatched third party desktop software.

According to a warning issued by Websense Security Labs, the malicious code was found on media-servers.net, which is described as a high-profile advertiser on the Internet realm.  The site has been firing an assortment of exploits for several months, including exploits for vulnerabilities in Microsoft DirectShow and Adobe PDF Reader. Read the rest of this entry »

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

