Author Archive

The number of serious zero-day vulnerabilities and potential exploits discovered in recent days is higher than normal.

Link:
Multiple Vendors Affected By New Vulnerabilities

April 3 cannot come soon enough for those who are eager to get their hands on the iPad . If anything, Apple ’ s recent announcement that the gadget will soon be available in the United States only added to the excitement over the much-talked-about gadget.

Here is the original post:
iPad Giveaway Gives Users’ Identities Away

Hello and welcome to this month’s blog on the Microsoft patch releases. This is a fairly quiet month—the vendor is releasing two bulletins covering a total of eight vulnerabilities.

Here is the original post:
Microsoft Patch Tuesday - March 2010

The United States Computer Emergency Readiness Team (US-CERT) issued a new vulnerability note . However, this particular “vulnerability” concerns a rather unusual product—a USB charger for rechargeable batteries.

See the original post here:
USB Battery Chargers with Malware?

Spam about diet or weight loss plans have been around for ages now, mostly spreading through email. However, spammed messages recently made their rounds on Twitter, compromising unwitting users’ accounts and spreading via these infected accounts. Compromised Twitter accounts post Tweets that tell their followers to click the shortened link to try out a new diet/weight loss plan.

See the original post:
Diet Twitter Spam (on the) Run

We recently received a file (from CERT) for analysis. We found that the file was a Trojan that opens a back door on a compromised computer and listens for commands on port 7777. This by itself is not very unusual, but what surprised us was that this file was being distributed by a well known battery manufacturer as part of a USB charger-monitoring software package.

The rest is here:
Trojan Found in USB Battery Charger Software

Recently, Symantec received some malicious files which appeared to be signed by “Adobe Systems Incorporated”. On closer inspection, however, it was seen that the signature was just a ruse used by the malware author to give an air of legitimacy to the files.

Visit link:
Viruses and Digital Signatures

TrendLabs researchers have recently published its findings about ZeuS , a botnet making the headlines in today’s threat landscape. ZeuS: A Persistent Criminal Enterprise ZeuS has been entrenched in the cybercriminal business for a long time now and has continuously evolved and improved. Given the vast number of toolkit versions readily available in the underground, the features ZeuS possesses to thwart both antivirus and other security solutions, as well as efforts by the security industry, ZeuS will continue to be used by cybercriminals to steal personal information and even people’s identities.

Read the original post:
What’s the juice on ZeuS?

“Big Brother Brazil” is a Brazilian reality TV program adapted from the popular Big Brother television series. The show is about a group of people living together in a purpose-built Big Brother house, isolated from the outside world, while being monitored by cameras 24×7.

Continue reading here:
Big Brother in Social Networking Scam

Another Proof-of-Concept (POC) Revealed The changing threat landscape has brought about more sophisticated Web threats, and left the online population clamoring for better security features in the systems and applications that they use. This has pushed Microsoft to develop security mechanisms within its applications like Windows’ Data Execution Protection (DEP) and Address Space Layout Randomization (ASLR) . Both DEP and ASLR are security mechanisms that Microsoft included in its latest Windows releases starting with XP SP2 and Vista, respectively, which should ideally protect systems from being attacked by exploit codes.

Excerpt from:
New Exploit Bypasses DEP