Monthly Archives: June 2010
A new old type of spam outbreak with some twists
It is not the first time that there are targeted attacks against the users and owners of certain domains. Emails like the one below were sent already with intent of Phishing or with intent of infecting the users of the … Continue reading
Adobe fixes vulnerabilities in Reader
Adobe has released Adobe Reader and Acrobat versions 9.3.3 and 8.2.3 for Windows, Mac and Unix, respectively; the new versions are fixing several security vulnerabilities which allow attackers to compromise PCs with manipulated PDF documents. Users of Adobe Reader and … Continue reading
Browser Updates
The Mozilla Foundation just released Firefox 3.6.4 which fixes overall 7 security vulnerabilities of which 4 are rated critical. This means that attackers may abuse the vulnerabilities to inject malware. An interesting new feature in this version is the plugin … Continue reading
Online pharmacy spam using Amazon as bait
After sending waves of spams looking like phishing emails in the name of Twitter and Facebook, now it is Amazon’s turn. In the last days there were waves of spams looking like the one below which on first sight look … Continue reading
Exploit Kits for the masses – Enter Fragus
The Fragus Exploit Kit is presented as a PHP web site featuring an administration/configuration module, the exploit module and a reporting module with MySQL as backend database. The “business” model is based on displaying fake ads and exploit the users … Continue reading
Phishing, Spam and Malware Statistics for May 2010
It’s time for the update on last month’s Phishing, Spam and Malware statistics again! Most phished brands In May 2010, phishing for Paypal account data significantly decreased – while Paypal still is the top target of the cyber criminals though. … Continue reading
Fix-it-Tool for Windows Zero-Day-vulnerability
Google’s security researcher Tavis Ormandy has disclosed a vulnerability in the Windows XP and 2003 hcp:-protocol handler a few days ago. Microsoft reports “limited, targeted attacks” now; the vulnerability allows for infecting a Windows PC via visiting manipulated web sites, … Continue reading
Adobe FlashPlayer Update available
Since the last weekend there was a vulnerability in Adobe’s FlashPlayer which gets already exploited in the wild. Now Adobe has released updated software which closes the security holes on all supported platforms. Affected are Adobe FlashPlayer versions 10.0.45.2 and … Continue reading
Plenty of Vulnerabilities fixed on Microsoft Patchday
10 Security Bulletins with according updates fixing more than 30 vulnerabilities in several Microsoft products – that is the summary of the June 2010 Microsoft Patchday. 3 Bulletins carry the “critical” flag, which means that the vulnerabilities are exploited easily … Continue reading
Zero-Day Acrobat Exploit – In The Wild
Adobe released a security advisory and announced a zero-day exploit found in specific Adobe Flash Player versions. The vulnerability (CVE-2010-1297) could be used to run arbitrary code. This means that the malicious files could be downloaded or dropped on the … Continue reading