Posted 04/09/09 at 06:20:42 PM by Mark Edward Soper

If you've been worrying about computer security for awhile, you might remember when macro viruses in Microsoft Word and Excel files were at the top of the exploit list. These file formats, along with the omnipresent Adobe Reader PDF format, are once again among the biggest threat vectors being exploited by today's malware, according to a new report from the Microsoft Malware Protection Center. Fittingly, the full report and a condensed key findings version are available in either PDF or Microsoft's own XPS formats. These reports cover the July-December 2008 period.

Some key findings include:

• Scareware (which Microsoft calls "rogue security software") is on the rise, including the latest versions of our old friend  Antivirus XP.
• A slight reduction in unique vulnerability disclosures from 2007, but the High (most serious) category was larger in the second half of 2008 than in the first half of the year or the second half of 2007.
• Applications continue to be the biggest target (86.7%, with browsers at 8.8%, and operating systems at only 4.5%)

Join us after the jump for more highlights.

Read More

Posted 02/03/09 at 08:07:46 AM by Pulkit Chandna

After Obama’s website, black hats have now managed to sow the seeds of deceit in Google video search results. Security firm Trend Micro has discovered that that about 400,000 queries trigger Google Video search results that “have a single redirection point, and one that eventually leads to malware download and execution.” The black hats have been able to manipulate search results to their advantage using simple SEO techniques. For this purpose, they have reserved several domains and populated them with keywords.

According to Trend Micro, the malware executable, dubbed WORM_AQPLAY.A, proliferates using removable and network drives. The malware executable is disguised as an Adobe Flash installer. The malware only prompts the user to download the malicious Flash installer when he reaches one of the malefic video websites being run by the black hats.

Read More

Posted 01/27/09 at 08:53:23 AM by Pulkit Chandna

Online scammers have contrived an ingenuous way to ride Obama’s rampant wave of popularity. According to Websense Security Labs, certain unscrupulous elements have registered several accounts on my.barackobama.com, the social network on Obama’s website that affords all standard social networking features to users, including personal profiles, groups and blogs.

The charlatans created various accounts on the website and planted a hideous Youtube image with the message, “click here to see movie.” Users who click on the image mistaking it for a Youtube video are redirected instead to a website, which resembles Youtube, but appears to be fraught with pornographic content.

However, when a user proceeds to view one of the videos the website asks the user to download a missing video codec. In its stead is downloaded a Trojan. Further proof of Obama's widespread popularity.

Read More

Posted 01/27/09 at 08:40:36 AM by Pulkit Chandna

Leading jobs portal Monster.com has warned its users against a fresh instance of private information theft, which happens to be the second such case in the past 18 months. The security breach has not only tarnished its security record further but also dealt a heavy blow to the trust that users have posited in it.

It issued the warning on its website, in what appears to be a less-frequented section, and opted against directly contacting the users. The company began its statement by downplaying the security breach: “as is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database.”

It claims to have taken the necessary “corrective steps” immediately after discovering the security breach. It has asked users to reset their passwords on their own, though they will eventually be forced to make the change. The company says that the exposed data includes user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. Resumes and sensitive data is said to be safe.

Monster.com has also advised users that they need to be more vigilant and watch out for specious emails claiming to be from the company.

Read More

Posted 01/09/09 at 06:12:25 PM by Pulkit Chandna

Internet shenanigans are keeping abreast with the latest developments around the world and using it to their advantage. An email doing the rounds around the internet hoodwinks the recipient into believing that it is from CNN. The clandestine email ostensibly contains a link to a “graphic” video of the ongoing Israel-Hamas conflict. However, it leads to a fake website that contains a Trojan that betrays the user’s sensitive data, according to the RSA.

The author of the phishing attack has tried to make the website as plausible as possible. Upon visiting the link, the user is greeted with a message asking him to update his Adobe Flash Player. If the user lends his countenance to the download, a Trojan is downloaded instead of the latest version of Flash

Read More

Posted 12/31/08 at 07:24:45 AM by Pulkit Chandna

Microsoft has gone on record to rebuff an alleged vulnerability in Windows Media Player that could facilitate remote code execution. The company said that it found all such reports regarding a WMP vulnerability to be false.

The reports of the vulnerability first surfaced after researcher Laurent Gaffie detailed the alleged threat and furnished the proof-of-concept code to make his case. Gaffie’s decision to go public with his findings without informing Microsoft hasn’t gone down well with the company.

After investigating the claims Microsoft acknowledged, in a blog post, that the proof-of-concept code does force WMP to crash but it can not be used for remote code execution.

Read More

Posted 12/30/08 at 08:08:15 AM by Pulkit Chandna

It is common knowledge that smartphones are fast emerging as a dainty prey for malware proliferators. But a recent press release by IT security firm ESET, which spelled out some of the potential threats in 2009, might have iPhone and Android users worried in particular.

ESET warned in the press release that it expects both the iPhone and Android to become more vulnerable to malware. The company also expects both the smartphone platforms to fall prey to mobile browser exploits that might target their WebKit-based browsers.

The security firm has prognosticated an increase in fake antivirus extortion in 2009. “Some of the major antivirus companies have seen their websites spoofed over the last couple of months,” according to David Harley, Director of Malware Intelligence at ESET. The real threat lies in the fact that internet charlatans are leaving no stone turned in their bid to appear as credible as possible.

Read More

Posted 12/29/08 at 02:26:42 PM by Pulkit Chandna

An anonymous blackhat hacker is unabashedly exploiting an unattended vulnerability in URL redirect notifications to redirect internet users to malicious websites. As most websites, including the major ones, merely issue a notification to users that they are being redirected to another URL without scrutinizing that particular website, users remain sitting ducks to such attacks.

The nefarious attacker has gone a step further by employing SEO techniques to increase the standing of his spyware-bearing websites with search engines. Security analyst Gary Warner says that the threat can be rooted out, if redirects are tempered to only accept referrals from verified websites. However, he expects the threat to persist due to regulatory inaction.

Read More