Security News? Just a few clicks away

Monthly Archives: June 2010

A new old type of spam outbreak with some twists

It is not the first time that there are targeted attacks against the users and owners of certain domains. Emails like the one below were sent already with intent of Phishing or with intent of infecting the users of the … Continue reading

Adobe fixes vulnerabilities in Reader

Adobe has released Adobe Reader and Acrobat versions 9.3.3 and 8.2.3 for Windows, Mac and Unix, respectively; the new versions are fixing several security vulnerabilities which allow attackers to compromise PCs with manipulated PDF documents. Users of Adobe Reader and … Continue reading

Browser Updates

The Mozilla Foundation just released Firefox 3.6.4 which fixes overall 7 security vulnerabilities of which 4 are rated critical. This means that attackers may abuse the vulnerabilities to inject malware. An interesting new feature in this version is the plugin … Continue reading

Online pharmacy spam using Amazon as bait

After sending waves of spams looking like phishing emails in the name of Twitter and Facebook, now it is Amazon’s turn. In the last days there were waves of spams looking like the one below which on first sight look … Continue reading

Exploit Kits for the masses – Enter Fragus

The Fragus Exploit Kit is presented as a PHP web site featuring an administration/configuration module, the exploit module and a reporting module with MySQL as backend database. The “business” model is based on displaying fake ads and exploit the users … Continue reading

Phishing, Spam and Malware Statistics for May 2010

It’s time for the update on last month’s Phishing, Spam and Malware statistics again! Most phished brands In May 2010, phishing for Paypal account data significantly decreased – while Paypal still is the top target of the cyber criminals though. … Continue reading

Fix-it-Tool for Windows Zero-Day-vulnerability

Google’s security researcher Tavis Ormandy has disclosed a vulnerability in the Windows XP and 2003 hcp:-protocol handler a few days ago. Microsoft reports “limited, targeted attacks” now; the vulnerability allows for infecting a Windows PC via visiting manipulated web sites, … Continue reading

Adobe FlashPlayer Update available

Since the last weekend there was a vulnerability in Adobe’s FlashPlayer which gets already exploited in the wild. Now Adobe has released updated software which closes the security holes on all supported platforms. Affected are Adobe FlashPlayer versions and … Continue reading

Plenty of Vulnerabilities fixed on Microsoft Patchday

10 Security Bulletins with according updates fixing more than 30 vulnerabilities in several Microsoft products – that is the summary of the June 2010 Microsoft Patchday. 3 Bulletins carry the “critical” flag, which means that the vulnerabilities are exploited easily … Continue reading

Zero-Day Acrobat Exploit – In The Wild

Adobe released a security advisory and announced a zero-day exploit found in specific Adobe Flash Player versions. The vulnerability (CVE-2010-1297) could be used to run arbitrary code. This means that the malicious files could be downloaded or dropped on the … Continue reading