The tragic death of Michael Jackson, the "King of Pop", has led attackers to take advantage of the situation. The most recent attacks try to get news-hungry users to install an IRC bot with backdoor capability on their systems.
Michael Jackson Malware
Michael Jackson Video Leads to Malware Download
Monday, June 29, 2009
Wednesday, June 24, 2009
New Version of Shockwave Player Available
A new version of Adobe Shockwave Player has been released. Version 11.5.0.600 fixes a critical vulnerability which could allow an attacker to take control of the affected system.
Adobe recommends Shockwave Player users on Windows uninstall Shockwave version 11.5.0.596 and earlier on their systems, restart, and install Shockwave version 11.5.0.600.
More information:
Adobe's security bulletin
Secunia advisory
Vulnerability In Google Chrome
A vulnerability has been found in the Google Chrome web browser:
CVE-2009-2121: Buffer overflow processing HTTP responses
Google Chrome is vulnerable to a buffer overflow in handling certain responses from HTTP servers. A specially crafted response from a server could crash the browser and possibly allow an attacker to run arbitrary code.
The vulnerability is categorized as critical and affects users of Google Chrome versions below 2.0.172.33. Users of vulnerable versions can update the browser to the patched version with the built-in automatic updater or, alternatively, install the new version from the Google Chrome homepage.
More info here.
Saturday, June 20, 2009
Security Update For Foxit Reader Available
Foxit Software has released an update to Foxit Reader 3.0 that fixes the following two vulnerabilities:
1. Fixed a problem related to negative stream offset (in malicious JPEG2000 stream) which caused reading data from an out-of-bound address. We have added guard codes to solve this issue.
2. Fixed a problem related to error handling when decoding JPEG2000 header, an uncaught fatal error resulted a subsequent invalid address access. We added error handling code to terminate the decoding process.
Instructions for updating are provided here.
Thursday, June 18, 2009
Nine-Ball Compromises more than 40,000 Legitimate Web Sites
Websense reports on a large mass injection attack that has so far compromised thousands of web sites. "We have been tracking the Nine-Ball mass compromise since 6/03/2009. To date, over 40,000 legitimate Web sites have been compromised with obfuscated code that leads to a multi-level redirection attack, ending in a series of drive-by exploits that if successful install a trojan downloader on the user's machine", writes Websense.
This is the third time within a short period that a large number of web sites have been compromised. The two earlier mass injections were made by Gumblar and Beladen.
Friday, June 12, 2009
New Firefox Update Available
Mozilla has released a new version of its Firefox web browser. Version 3.0.11 contains fixes for nine vulnerabilities, of which four are critical, one high, two moderate and two low.
The update can be obtained through the browser's built-in updater or from the Firefox download site.
Release Notes for Firefox 3.0.11
Wednesday, June 10, 2009
Updates For Adobe Reader & Acrobat Available
Adobe has released updated versions of Adobe Reader and Acrobat. Versions 9.1.1 and older contain vulnerabilities that would cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe has categorized the update as critical and recommends that users of Adobe Reader/Acrobat update their versions to 9.1.2, 8.1.6 or 7.1.3. At the moment, updated versions are available for Windows and Macintosh platforms. Security updates for Adobe Reader on the UNIX platform are expected to be available on June 16, 2009.
More information about the vulnerabilities and update instructions can be found in the corresponding security bulletin.
Updated Version Of Apple Safari Available
Apple has released an updated version of the Apple Safari web browser that fixes multiple vulnerabilities. Some of them allow an attacker to run arbitrary code on the target system.
Affected are: Apple Safari for Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista versions prior to 4.0.
Users of affected versions should update by getting the updated version here.
More information can be found in the corresponding support document.
Tuesday, June 9, 2009
Microsoft Security Update For June 2009
Microsoft has released its security update package for June. This time the vulnerabilities are fixed with ten separate update packages. Of those, six are critical, three important and one moderate.
A new version of the Microsoft Windows Malicious Software Removal Tool was released too.
More information about the update and its contents can be read here.
For consumers, the easiest way to get the update is to use the Microsoft automatic update service.
Friday, June 5, 2009
FTC Shuts Down Web Hosting Firm
The US Federal Trade Commission (FTC) has shut down web hosting provider Pricewert, which operated under at least the 3FN and APS Telecom names. The FTC states that Pricewert was a criminal ISP that sold services to other cyber criminals. The company hosted botnet servers and also helped in distributing spam, child pornography and rogue antivirus products.
It's not yet clear what effect the shutdown will have. A similar shutdown happened last November when net provider McColo was sent offline. That time spam amounts decreased a lot. Though 3FN was a major provider for the Cutwail spam botnet, it's possible that the criminals have learnt their lesson and have programmed the botnet to use backup commands.
More on the subject:
Washington Post article
The Register article
Court documents
Thursday, June 4, 2009
Rogue Software Campaigned In Twitter
PandaLabs writes in its blog about rogue software campaigns that cyber-criminals are running on Twitter. In the attack, criminals are using zombie Twitter accounts to post messages that include URL links. Clicking these links starts a series of redirections that finally ends up at malware-serving websites.
Yesterday, all links were posted in messages under the "PhishTube Broadcast" topic. However, a new PandaLabs blog entry states that over the past 24 hours the Twitter trends-based attack has expanded to several thousand tweets targeting trendy topics on Twitter and the figures keep rising.
Tuesday, June 2, 2009
Security Updates For Apple iTunes And QuickTime
Apple has released new versions of its iTunes and QuickTime products. iTunes version 8.2 fixes a vulnerability that would cause an unexpected application termination or execution of arbitrary code if a maliciously crafted website is visited. QuickTime version 7.6.2 itself fixes ten vulnerabilities that could all lead to an unexpected application termination or execution of arbitrary code.
New versions can be downloaded and installed from Apple Downloads.