07-04-2008 20:17
Social Engineering Watch: Happy Fourth of July
Security analysts mark a secret social events calendar in their heads for good reason. Malware writers have been known to launch offensives using timely celebratory-themed email messages to get users to click on links or open files. Nifty social engineering tricks like these also effectively distract users from the real action: Trojans getting a foot in the door (of target PCs). Independence Day, which is a day of fireworks, floats, picnics and summery festivals for the United States, is no d >>
Kompletan tekst: trendmicro
07-09-2008 10:59
Fake Bebo Profiles Spam Early, Spam Often
Bebo (”Blog Early, Blog Often”), a social networking site widely used in the US and the UK, is being used by spammers as a new avenue to reach more users. Spammers create Bebo accounts and use their profile page for spam advertisement purposes, Websense first reported. Trend Micro Content Security confirms that this is the first time this particular social networking site was used in this manner in relation to spam.
Figure 1. Sample spam message containing Beb >>
Kompletan tekst: trendmicro
07-09-2008 20:04
Let the Games Begin
While China is bracing for the 2008 Summer Olympics that it will be hosting in the capital of Beijing from August 8 to August 24, 2008, malware authors are now also busy mounting attacks that play on this quadrennial sporting event.
Reports have surfaced about a zero-day MS Word vulnerability affecting Microsoft Word 2000, 2002, and 2003. It is said to affect even patched versions of the popular word-processing application on certain MS Office versions. When exploited, the unspecified >>
Kompletan tekst: trendmicro
07-09-2008 15:04
July Patch Tuesday Release
It’s Patch Tuesday once again and for this month, Microsoft released four important security bulletins to address nine vulnerabilities.
Microsoft Security Bulletin MS08-037
Vulnerabilities in DNS Could Allow Spoofing (953230)
Microsoft Security Bulletin MS08-038
Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
Microsoft Security Bulletin MS08-039
Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevatio >>
Kompletan tekst: trendmicro
07-11-2008 15:12
June Malware Roundup
May’s series of Web site compromises were replaced with spam and spoofed sites last June. Users were also served with a bigger serving of spam with a malware aftertaste, as many of the malware that emerged this month used were distributed through spam links.
Notable Malware
TROJ_PIDIEF.AC
This malware, which could be downloaded from a malicious URL, was revealed to have the capability to exploit an unknown vulnerability in Adobe Acrobat. When exploited >>
Kompletan tekst: trendmicro
07-09-2008 15:09
Hackers Recruit Jobseekers as Victims
The increase in attacks targeting job hunters calls for more security measures for both of job recruitment sites owners and job seekers alike, especially on the disclosure and access of information being posted by job seekers.
A service involving a tool that scours through popular US job recruitment sites to harvest jobseekers’ information right from their curriculum vitas (CV) is currently being offered by the Russian gang, Phreak, TheRegister reports.
The tool uses a >>
Kompletan tekst: trendmicro
07-14-2008 14:58
Roswell Victims Spill Beans on the Beijing Olympics?
Striking email subjects get the job done. Well, given another spamming operation that uses popular personalities and events, that seems to be the case. Using a variety of subject-body combinations (a lot of which are totally unrelated to each other!), these spammed messages again appeal to the curious mind, offering a link in the email body that would seem to provide more details.
TrendLabs’ Joey Costoya says these messages lead users to an r.html Web page that also poses as a Porntu >>
Kompletan tekst: trendmicro
|
[1] 2 3 4 5 ... | 
|
