The Saturday night boxing match between Manny Pacquiao and Joshua Clottey was one of the most awaited sports events of 2010. It should not be a surprise then that cybercriminals took advantage of it to spread malware. Another blackhat search engine optimization (SEO) attack led users who wanted to watch the fight online via live video streams (using the search phrase “manny pacquiao vs joshua clottey live streaming”) to malicious sites.

Here is the original post:
Pacquiao-Clottey Live Streams Lead to FAKEAV

Hot on the heels of this month’s security bulletin , a new vulnerability exploit surfaces with a malware in tow. The new zero-day vulnerability, as described in a previous post, prompted Microsoft to release Security Advisory (981374) while investigations are still underway

See the original post:
New IE Zero-Day Exploit (CVE-2010-0806)

Within days of Adobe’s release of out-of-band security updates for both Acrobat and Reader, word now comes from security researcher Aviv Raff, of another new vulnerability in an Adobe product. The flaw was found in Adobe Download Manager (DLM), an application Adobe uses to deliver common applications (e.g., Flash and Reader ) to users’ systems.

View original post here:
New Adobe Download Manager Bug

As previously announced in the Microsoft Security Bulletin Advance Notification released last week, this month’s patch cycle includes 13 bulletins intended to patch 26 vulnerabilities in several versions of Windows OS and Office . The record release is a far cry from last month’s lone patch . The long list includes five bulletins rated “critical,” which specifically patch nine vulnerabilities that could lead to remote code execution

Originally posted here:
February Patch Tuesday—13 Security Bulletins for 26 Vulnerabilities Plus a FAKEAV

As the rescue efforts continue in Haiti , the world waits with bated breath for more good news about survivors.

Read the original post:
Haiti Spam Leads to New Malware

Even before the first user could buy the latest and upcoming Apple technology, the iPad , cybercriminals are already making their profits from it by taking advantage of its popularity. Trend Micro Threat Engineers found today some malicious search results when searching for news or information related to the announcement of the Apple Tablet

Excerpt from:
FAKEAV Gets First Dibs in Profits from Apple iPad

News involving celebrity deaths (real or hoax) have a habit of spreading across the Internet like wildfire, sensationalizing bits of information to entice readers.

Continue reading here:
Hackers Exploit Actor Johnny Depp’s Death Hoax

It has been a year since WORM_DOWNAD.AD (aka “Conficker” ) began a trail of system infections around the world. Since then, Trend Micro has detected new variants, including WORM_DOWNAD.KK , which proved to be an upgraded version that enabled the worm to increase the number of domains it generated from 250 to 50,000. In recent months, things have been relatively quiet in the DOWNAD /Conficker front.

More:
Where in the World Is DOWNAD/Conficker?

The recent attacks on Google and other large organizations (currently being referred to by others as Aurora, Google Attacks, Hydraq) were a set of carefully orchestrated, sophisticated and highly complex attacks. They comprised malicious threats to all three communication vectors – email, web and files, plus most notably, a zero-day vulnerability in Internet Explorer.

Originally posted here:
Trend Micro To Help Proactively Protect Against Zero-Day Attacks like the recent IE Explorer Exploit

Trend Micro has identified new malware samples that exploit the still-unpatched Internet Explorer (IE) vulnerability .   These samples have been detected as JS_ELECOM.C and HTML_COMLE.CXC Further analysis by TrendLabs threat experts found that the new scripts are versions of JS_DLOADER.FIS (the only difference being the encryption techniques used), which was widely used in the recent and still ongoing attacks targeting major organizations like Google and Adobe. In line with this, Microsoft announced that it will release an out-of-band security update to fix the issue.

More here:
New IE Zero-Day Exploit Attacks Continue