Computer / Internet Security
- Movie files run in QuickTime Player trigger malware download30 July 2010, 4:02 pm
Specifically crafted .mov files trigger the download of malware masquerading as a codec update and an installation file for another player when run in the latest (7.6.6) version of QuickTime Player, T...... - How to clean up a firewall rulebase30 July 2010, 3:14 pm
Over time, firewall rule bases tend to become large and complicated. They often include rules that are either partially or completely unused, expired or shadowed. The problem gets worse if there have ...... - Security pros say serious mobile device and social network breaches are rare30 July 2010, 9:46 am
RSA Conference released the results of its recent survey of security professionals regarding issues like cloud computing, mobile devices and social networking. The final study includes responses from ...... - Free online SSL test for web sites30 July 2010, 8:42 am
Qualys announced a free online SSL test for web sites at Qualys SSL Labs, which examines a web site’s SSL certificate chain to ensure it is trusted and serves as a good security foundation for communi...... - Android wallpaper app stealing user data and sending it to China29 July 2010, 8:04 pm
The revelation that an application for Android that is being sold on Google's Android Market is sending out information regarding your phone (SIM card number, subscriber identification, voicemail pass...... - Black Hat USA 2010: A recession proof conference?29 July 2010, 7:35 pm
Black Hat, one of the world's premier information security events, opened its doors this week in sunny Las Vegas, Nevada. The conference features ten tracks covering a wide range of topics. It's be...... - Apple improves App Store security29 July 2010, 3:32 pm
Following the recent hacking of its App Store, Apple instituted a new security measure that should prevent hijackers of accounts from purchasing anything from the store. The Different District blo...... - ATMs hacked and spitting up money at Black Hat29 July 2010, 2:25 pm
Delivering on his promise, security researcher Barnaby Jack has managed to make two unpatched ATMs from two major vendors spit out cash during his demonstration at the Black Hat conference in Las Vega...... - Trojan masquerades as iPhone jailbreaking software29 July 2010, 12:52 pm
An email campaigned targeting iPhone users who might want to jailbreak their device has been detected by BitDefender. Only a couple of days after U.S. federal regulators decided and announced that...... - Authentication management platform for any and every authentication factor29 July 2010, 11:42 am
" border="0" align="left" vspace="5" hspace="5">Hitachi ID Systems has released Password Manager 7.0, an authentication management platform able to manage any and every authentication factor employed ......
- Social-engineering contest reveals secret BP info31 July 2010, 2:29 am
Hacking human gullibility at Defcon Defcon A hacker competition that challenges contestants to trick employees of large companies into divulging potentially sensitive information aims to show how human gullibility is the biggest security vulnerability of all. During its first day at the Defcon hacker contest in Las Vegas, it had clearly achieved its goal.…... - MS preps emergency patch for Windows shortcut peril30 July 2010, 7:27 pm
Attacks on rise Warning of an uptick in attacks, Microsoft plans to issue an emergency update to patch a critical Windows vulnerability that hackers are exploiting to seize control of PCs.…... - Futurologist defends 'malevolent dust' warning30 July 2010, 3:59 pm
Dust up over supposed evil particles A futurologist has defended his controversial warning that "smart dust" is liable to become a future information stealing threat.…... - Delegate hacks into Black Hat streaming video30 July 2010, 2:08 pm
What happens in Vegas... Security shortcomings in Black Hat's newly established streaming media service allowed a security consultant to hack into the system and see presentations for free.…... - Cyber Security Challenge winner announced30 July 2010, 1:07 pm
Quickest crypto off the mark The UK's Cyber Security Challenge has announced the winner of its prologue crypto puzzle, as well as the solution - for anyone still struggling to find an answer.… Free On-Demand Webcast - Virtualizing the Hard Stuff... - UK.gov sticks to IE 6 cos it's more 'cost effective', innit30 July 2010, 12:23 pm
Stunned web developers die a little inside Computers in Whitehall will largely continue to run Microsoft’s Internet Explorer 6, which will make web coders spit out their cheese‘n’pickle sarnies this lunchtime.…... - Fake Firefox update used to sling scareware30 July 2010, 10:23 am
Watch where you click Online con artists have developed a strain of scareware that poses as a Firefox update.…... - Beware the blizzard of torrents of Starcraft 230 July 2010, 9:36 am
Expense accounts Starcraft 2 was released this week and at the hefty RRP of £45. Many games sites are hopping mad at this, although typically retailers are selling Blizzard's strategy game at £10 less than RRP.…... - 'Suspicious' Android wallpaper app nabs user data29 July 2010, 11:32 pm
Up to 4 million downloads An Android wallpaper application that collected data from users' phones and uploaded it to a site in China was downloaded "millions of times", according to mobile security firm Lookout.…... - Data for 100m Facebook accounts published to BitTorrent29 July 2010, 10:59 pm
Forever is a mighty long time Underscoring the permanence of data published on the internet, a security researcher has compiled the names and URLs of more than 100 million Facebook users and made them available as a BitTorrent download.…...
- The H Week - Linux 2.6.35 approaches, GNOME 3 delayed31 July 2010, 11:04 am
Leading up to the arrival of version 2.6.35 of the Linux kernel, The H published the final two parts of the Coming in 2.6.35 series, GNOME 3 was been delayed until March of 2011 and Oracle shut down PostgreSQL test servers. Anti-virus makers offered protection against LNK malware, 170 million Facebook data sets were collected and a hole in WPA2 was discovered...
- Microsoft to release LNK patch on Monday30 July 2010, 5:49 pm
Microsoft will be releasing an out of band update to Windows to address the LNK vulnerability which exploits malformed shortcut icons... - GNOME Census: Who writes GNOME?30 July 2010, 1:50 pm
Community relations and free software strategy specialist Nearly Consulting has published the results of its GNOME Census analysing developer participation in the GNOME project and looking for patterns within the project itself... - openSUSE 11.3 LiveCD with MeeGo desktop30 July 2010, 1:09 pm
Developer Andrew Wafaa has created a LiveCD of openSUSE with the MeeGo desktop at its current state of integration and made it available to download for interested users... - The H Community Calendar - August 201030 July 2010, 12:50 pm
The H Community Calendar presents the coming month's events in various open source, development, Linux, Unix and other communities, from multi-day conferences to user group get-togethers... - Dell release OpenManage Server Administrator for Ubuntu30 July 2010, 10:29 am
Canonical has donated engineering time to get the Dell server administration tool natively packaged for Ubuntu 9.10... - Vulnerability-Oscars awarded30 July 2010, 10:19 am
The Pwnie Awards 2010 have honoured the discoverers of distinguished vulnerabilities and given the "Most Epic FAIL" award to Microsoft... - Dell release Open Manage Server Administrator for Ubuntu30 July 2010, 10:00 am
Canonical has donated engineering time to get the Dell server administration tool natively packaged for Ubuntu 9.10... - Mozilla updates Firefox Home & Firefox Sync30 July 2010, 9:28 am
Mozilla has released maintenance updates for its Firefox Home iPhone application and the Firefox Sync add-on, addressing in each the top three problems reported by users... - Mobile apps phone home30 July 2010, 9:19 am
At the Black Hat Conference, security experts warn that numerous smartphone applications send more sensitive data to third parties than users realise. Millions of users have reportedly already fallen victim to a popular malware app...
- Banks and law enforcement discuss cyberrobbers’ attack methods30 July 2010, 4:22 pm
Banks are getting a bit more transparent about the scale and scope at which online banking accounts for consumers and small businesses are being deluged by cyberroberies. My page 1A story in today’s print editions of USA TODAY lays out why consumers are facing a risking risk of having their online banking account cleaned out by [...]... - Banks require your help to keep online banking safe30 July 2010, 6:13 am
By Byron Acohido Published July 30, 2010, USA TODAY print editions, P1A For generations, U.S. consumers have relied on banks to bear the primary responsibility for keeping their hard-earned cash deposits out of the hands of thieves. Now, banks want consumers to share the load. About 80% of U.S. households have come to do their banking over the [...]... - Cybercriminals having easy time breaching corporate networks28 July 2010, 6:19 pm
LAS VEGAS — Verizon today issued its annual Data Breach Investigation Report, timed for the opening day of the giant Black Hat cybersecurity convention here in the Nevada dessert. It’s not widely known that the telecom giant is home to a crack cybersecurity forensics team. Over the past half dozen or so years, Verizon’s cybersleuths have [...]... - Check fraudsters target job seekers with slick money mule cash checking offer28 July 2010, 5:05 pm
LAS VEGAS — A slick, new e-mail scam is putting well-intentioned job seekers at risk of losing $3,000 — and being arrested for check fraud, an investigator revealed at the Black Hat security conference Wednesday. A cybercriminal gang based in Russia is sending e-mail directly to thousands of job seekers who’ve posted resumes on popular job [...]... - Kill switch quandry: should president have power to turn off Internet26 July 2010, 9:29 pm
Last year Senators Jay Rockefeller and Olympia Snowe stirred up a bi-partisan ruckus by proposing to give the U.S. president the authority to shut down all or portions of the Internet in the event of an emergency. The so-called Internet “kill switch” may — or may not — be part of the currently proposed [...]... - Study shows corporations losing millions in each cyberattack26 July 2010, 6:58 pm
Thought-provoking results of a first-of-its kind study released today by the Ponemon Institute, sponsored by cyberrisk management firm ArcSight, quantifies how much cybercrime is costing companies. The giant Black Hat cybersecurity and always-edgy Def Con hackers’ conference take place in Las Vegas this week. Good timing for these results. Ponemon surveyed security pros in 45 U.S. organizations [...]... - Advocacy group calls for Congressional hearings on Google spying20 July 2010, 7:25 pm
The Washington Post’s Top Secret America investigation about the vast scale and scope of U.S. government top-secret work, published this week, has shed light on some troubling government alliances with giant corporations to potentially spy on individual citizens. The Post identified 1,931 companies engaged in top-secret work for the government, including search giant Google. Citing revelations [...]... - Larcenous, careless, curious employees are major source of data breaches17 July 2010, 12:45 am
Identity management firm Cyber-Ark Software recently released results of its fourth annual “Trust, Security and Passwords” global survey of more than 400 senior IT professionals in the United States and the United Kingdom, mainly from large corporations. In this LastWatchdog guest blog post, Adam Bosnian, Executive Vice President Americas and Corporate Development, expounds [...]... - New cybersecurity bachelor’s, master’s degrees designed to fill workforce need16 July 2010, 10:19 pm
The University of Maryland University College is reporting robust response to a first-of-its kind cybersecurity bachelor’s and master’s academic degree program, set to commence this fall. “The workforce shortages in this field are at a critical stage,” says Dr. Susan Aldridge, UMUC president. “We have a unique opportunity to provide an [...]... - AV vendor ESET lauded for fostering cybersecurity partnerships16 July 2010, 5:42 pm
President Obama this week praised San Diego-based antivirus vendor ESET for its Securing Our eCity program, citing it as an example of how local-level partnerships between the private and public sectors can boost cybersecurity. ESET was awarded “Best Local/Community Plan” as part of the Department of Homeland Security’s National Cybersecurity Awareness Challenge. Speaking at the [...]...
- Google tops comparative review of malicious search results30 July 2010, 6:35 pm
A two-month study by Barracuda Labs, reviewing more than 25,000 trending topics and 5.5 million search results, names Google as the most popular search engine used by malicious attackers relying on poisoned keywords.... - Hacker breaks into ATMs, dispenses cash remotely29 July 2010, 12:18 am
Using home-brewed software tools and exploiting a gaping security hole in the authentication mechanism used to update the firmware on automated teller machines (ATMs), a security researcher hacked into ATMs made by Triton and Tranax and planted a rootkit that dispensed cash on demand.... - Apple patches Safari Auto-Fill security hole28 July 2010, 7:30 pm
Apple has shipped a major Safari browser update to fix 15 documented security holes, including a known flaw in the browser’s AutoFill Web Forms feature that can be hacked to steal data from the computerâs address book.... - Microsoft ships anti-exploit tool for IT admins28 July 2010, 7:07 pm
The tool, called Enhanced Mitigation Experience Toolkit (EMET) works by applying security mitigation technologies to arbitrary applications to block against exploitation through common attack vectors.... - Middle East countries: the BlackBerry is a national security threat28 July 2010, 6:29 pm
The United Arab Emirates (UAE) has described RIM’s device as a threat posing “serious social, judicial and national security repercussions” due to the country’s inability to successfully eavesdrop on users, and the fact that transmitted data is stored offshore. Does the BlackBerry really pose a threat to national security?... - Adobe joins Microsoft's vulnerability-sharing club28 July 2010, 6:18 pm
Adobe will give anti-virus, intrusion prevention/detection and corporate network security vendors a headstart to add signatures and filters to protect against security flaws in its widely deployed product suites.... - Microsoft at Black Hat: Community-based defense in force28 July 2010, 3:30 pm
Microsoft’s Matt Thomlinson argues that community-based defense is important to fight cybercrime and stay ahead of malicious hacker attacks.... - Google plugs 'high risk' Chrome security holes27 July 2010, 9:19 pm
Google has shipped a new version of its Chrome browser to fix three high-risk security holes that expose web surfers to malicious hacker attacks.... - Indefinite vulnerability secrecy hurts us all27 July 2010, 5:17 pm
Michal Zalewski: Indefinite vulnerability secrecy hurts us all by removing all real incentives for improvement, and giving very little real security in return.... - Microsoft: No plans to pay for security vulnerabilities23 July 2010, 3:47 pm
A Microsoft security official dismissed any suggestion that the company would start buying rights to security flaws, arguing that its current system of crediting hackers in security bulletins is working very well....
- Microsoft to Issue Emergency Patch for Critical Windows Flaw31 July 2010, 4:07 am
Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware.Shorten URL: http://threatpost.com/en_us/crL. Click to copy to clipboard or post to Twitter... - RSA Survey Finds Mobile Device Breaches Rare30 July 2010, 3:49 pm
Most respondents in a recently released RSA study (93.2%) answered “Yes” when asked if allowing employees to connect their personal mobile devices to the corporate network poses a security threat to their organization, but only 1.8% reported a “serious incident” as a result of an employee’s mobile device use. Read the full article. [Help Net Security]Shorten URL: http://threatpost.com/en_us/crm. Click to copy to clipboard or post to Twitter... - Video Streaming Feed at Black Hat Hacked30 July 2010, 1:49 pm
A security expert found a way to catch the talks at Black Hat for free, thanks to bugs in the video streaming service used by the security conference. Read the full article. [IDG News Service]Shorten URL: http://threatpost.com/en_us/crR. Click to copy to clipboard or post to Twitter... - Location-Based Encryption Is A Quantum Reality30 July 2010, 1:41 pm
A research group led by computer scientists at the UCLA Henry Samueli School of Engineering and Applied Science has proved that cryptography -- the practice and study of hiding information -- that is based solely on physical location is possible by using quantum mechanics. Such a method, the researchers say, allows one to encrypt and decrypt data at a secure location without pre-sharing any cryptographic keys that can be used to lock or unlock sensitive information. Read the full article. [... - Hackers Increasingly Look For Configuration Errors30 July 2010, 1:29 pm
Hackers appear to be increasingly counting on configuration problems and programming errors rather than software vulnerabilities in order to steal information from computer systems, according to a new study based on U.S. Secret Service investigations. Read the full article. [IDG News Service]Shorten URL: http://threatpost.com/en_us/crX. Click to copy to clipboard or post to Twitter... - Researcher Reveals Major SSL and Browser Flaws29 July 2010, 6:11 pm
LAS VEGAS--A security researcher has found a slew of fundamental problems with the way that modern browsers are designed and built, leading to serious questions about the security of these applications and the way that they handle SSL sessions. Shorten URL: http://threatpost.com/en_us/c1S. Click to copy to clipboard or post to Twitter... - It's Official: DNSSEC Fully Updated29 July 2010, 5:31 pm
Two years after a major flaw was exposed in the Internet's Domain Name System (DNS), a major upgrade to the infrastructure protocol that fixes that weakness is now up and running in all of the Internet root servers. Read the full article. [Dark Reading] Shorten URL: http://threatpost.com/en_us/c1t. Click to copy to clipboard or post to Twitter... - Hacker Demos Remote Attacks Against ATMs29 July 2010, 12:24 am
LAS VEGAS -- Using home-brewed software tools and exploiting a gaping security hole in the authentication mechanism used to update the firmware on automated teller machines (ATMs), a security researcher hacked into ATMs made by Triton and Tranax and planted a rootkit that dispensed cash on demand. Shorten URL: http://threatpost.com/en_us/c17. Click to copy to clipboard or post to Twitter... - Persistent, Covert Malware Causing Major Damage28 July 2010, 8:22 pm
LAS VEGAS--Security technology and practice have advanced quite a bit in the past few years, but one thing that has become clear is that whatever gains have been made are just not keeping pace with the innovation of attackers. The advances being made by malware authors and crimeware gangs are keeping them well ahead of the curve and will continue to do so for the foreseeable future, researchers say.Shorten URL: http://threatpost.com/en_us/c1y. Click to copy to clipboard or post to Twitter... - Major Check Counterfeiting Ring Uncovered28 July 2010, 7:01 pm
A researcher has uncovered a sophisticated check counterfeiting ring that uses compromised computers to steal and print millions of dollars worth of bogus invoices and then recruit money mules to cash them. Read the full article. [The Register]Shorten URL: http://threatpost.com/en_us/c1N. Click to copy to clipboard or post to Twitter...
- Researcher Intercepts GSM Cell Phones During Defcon Demo31 July 2010, 10:36 pm
In the wake of pressure from the FCC, security expert demonstrates major GSM hack ... - Former NSA, CIA Director Says Intelligence-Gathering Isn't Cyberwar30 July 2010, 6:54 pm
Efforts to crack U.S. cyberdefenses are standard operating procedure in the intelligence game, Hayden tells Black Hat audience... - Most SSL Sites Poorly Configured30 July 2010, 5:43 pm
Half of all SSL servers run older, insecure version of SSL; attacks against HTTPS browser sessions detailed at Black Hat... - Black Hat USA 2010: Complete Coverage30 July 2010, 12:50 pm
A round-up of articles leading up to and live coverage from Black Hat USA 2010, July 24 to 29, Law Vegas... - Malware Authors Leave Their Fingerprints On Their Work, Black Hat Researcher Says29 July 2010, 2:08 pm
Careful study of malware can help experts recognize its source and protect against it, Black Hat researcher says... - Predicted Fallout Following WikiLeaks Video29 July 2010, 1:33 pm
Government agencies could become all the more secretive, says Gartner VP... - ATMs At Risk, Researcher Warns At Black Hat29 July 2010, 3:27 am
Researcher demonstrates remote and local exploits that could compromise popular bank machines... - Internet Infrastructure Reaches Long-Awaited Security Milestone29 July 2010, 2:44 am
The DNS root is now officially signed with security protocol DNSSEC, now comes development, penetration-testing of DNSSEC... - Researcher Exposes Massive Automated Check Counterfeiting Operation Out of Russia28 July 2010, 7:14 pm
'Big Boss' operation used VPN-tunneling botnet, Zeus Trojan, database-hacking, and money mules to help print and cash phony checks... - Breaches Down, Insider Attacks Up, Verizon Business/Secret Service Study Says28 July 2010, 12:06 pm
PCI compliance, saturation of black market may be driving decline in number of records compromised by hackers, forensic investigators say...
- Hacker snoops on GSM cell phones in demo31 July 2010, 9:49 pm
Despite concerns that federal authorities might fine or arrest him, hacker Chris Paget went ahead with a live demonstration of mobile phone interception at the Defcon hacking conference Saturday.... - How to steal corporate secrets in 20 minutes: Ask31 July 2010, 12:59 am
A few companies in the Fortune 500 need to upgrade their Web browsers. And while they're at it, a little in-house training on social engineering wouldn't be a bad idea, either.... - Terry Childs is denied motion for retrial31 July 2010, 12:15 am
The former San Francisco network administrator who refused to hand over passwords for one of the city's networks was denied a new trial on Friday and is expected to be sentenced Aug. 6, a spokeswoman for the district attorney's office said.... - Microsoft sets emergency Windows patch for Monday30 July 2010, 6:11 pm
Microsoft today said it will issue an emergency patch for the critical Windows shortcut bug on Monday, August 2.... - U.S. military launches review of IT security after Wikileaks breach30 July 2010, 5:50 pm
U.S. Defense Secretary Robert Gates said military officials are launching a review of IT security procedures following the leaking of tens of thousands of classified documents related to the war in Afghanistan.... - Free Android apps scrape personal data, send it to China30 July 2010, 5:36 pm
As many as four million users of Android phones have downloaded wallpaper apps that swipe personal data from the phone and transmit it to a Chinese-owned server, a mobile security firm said today.... - More Security News
View more Security news and analysis from Computerworld.com...
- ZeuS Crimeware Serving 123Greetings Ecard Themed Campaign in the Wild20 July 2010, 10:54 pm
Ubiquitous social engineering schemes, never fade away. ZeuS crimeware campaigners are currently using a 123greetings.com ecard-themed campaign, in an attempt to entice users to "enjoy their ecard". Subject: "You have received an Greeting eCard" Message: "Good day. You have received an eCard To pick up your eCard, choose from any of the following options: Click on the following link (or copy & ... - Dissecting the Xerox WorkCentre Pro Scanned Document Themed Campaign19 July 2010, 10:00 pm
Over the weekend, a "Scan from a Xerox WorkCentre Pro" themed malware campaign relying on zip archives, was actively spamvertised by cybecriminals seeking to infect gullible end/corporate users. What's particularly interesting about this campaign, is the cocktail of malware dropped on infected hosts, including Asprox sample (Money Mule Recruiters use ASProx's Fast Fluxing Services), and two ... - Spamvertised Amazon "Verify Your Email", "Your Amazon Order" Malicious Emails16 July 2010, 10:36 pm
And they're back (Gumblar or RUmblar due to the extensive use of .ru domains) for a decent start of the weekend - switching social engineering themes one more time, this time impersonating Amazon.com NOTE: A summary of the malicious payload served will be posted at a later stage. Meanwhile, in order to facilitate quicker response, a complete list of the domains participating will be featured/ ... - Sampling Malicious Activity Inside Cybercrime-Friendly Search Engines16 July 2010, 9:17 pm
UPDATED, Friday, July 16, 2010 - Directi has suspended the domains portfolio of the cybercrime-friendly search engines. Cybercrime-friendly search engines are bogus search engines, which in between visually social engineering their users, offer fake results leading to client-side exploits, bogus video players dropping more malware, scareware, next to the pharmaceutical scams, and domain farms ... - Exploits, Malware, and Scareware Courtesy of AS6851, BKCNET, Sagade Ltd.14 July 2010, 5:54 pm
Never trust an AS whose abuse-mailbox is using a Gmail account (piotrek89@gmail.com), and in particular one that you've come across to during several malware campaigns over the past couple of month. It's AS6851, BKCNET "SIA" IZZI I'm referring to, also known as Sagade Ltd. Let's dissect the currently ongoing malicious activity at that Latvian based AS, expose the exploit/malware/crimeware/ ... - Cybercriminals SQL Inject Cybercrime-friendly Proxies Service14 July 2010, 11:53 am
Cybercrime ecosystem irony, at its best. Why the irony? Because the cybercrime-friendly proxies service TOS explicitly states that its users cannot launch XSS/SQL injection attacks through it. A relatively low profile cybercriminal has managed to exploit a remote SQL injection within a popular proxies service, offering access to compromised hosts across the globe for any kind of malicious ... - Summarizing Zero Day's Posts for June5 July 2010, 7:35 pm
The following is a brief summary of all of my posts at ZDNet's Zero Day for June, 2010. You can also go through previous summaries, as well as subscribe to my personal RSS feed, Zero Day's main feed, or follow me on Twitter: Recommended reading: The security and privacy ramifications of AT&T's iLeak The EFF releases new HTTPS Everywhere Firefox extension Researchers find ... - Sampling 419 Advance Fee Scams Activity17 June 2010, 2:25 pm
Lottery Winning Notifications, Western Union payment notifications, dead relatives, advance fee schemes impersonating law enforcement agencies - their arsenal of themes is endless, their IPs, however, aren't, taking into consideration the fact that the majority of 419 scams are not sent using botnets, but manually, and in a targeted fashion. In fact, some of their spamming techniques (419 ... - Dissecting the Exploits/Scareware Serving Twitter Spam Campaign16 June 2010, 12:39 pm
Yesterday's exploits-serving campaign spreading across Twitter, using automatically registered accounts "pinging" random Twitter users with links to the campaign, is worth profiling due to its state of maliciousness - if the end user is exploitable, exploits are served ultimately leading to scareware, and if he isn't, the cybercriminals behind it attempt to monetize through the same network used ... - Facebook Photo Album Themed Malware Campaign, Mass SQL Injection Attacks Courtesy of AS4256015 June 2010, 7:49 pm
A spamvertised through Facebook personal messages, Photo Album themed campaign, with the domain IP responding to ZeuS C&Cs, combined with an indirect connection between this campaign and the "100,000+ Scareware Serving Fake YouTube Pages Campaign", followed by a domain portfolio used in a currently active mass SQL injection attack serving CVE-2007-5659 exploits, parked within the same AS as the ...
newsPage brought to you by newsPage Plugin