Vulnerabilities & attacks

Keystrokes can be recovered remotely

Wired keyboards, like those found on desktop PCs, emit electromagnetic waves that can be read remotely, according to two Swiss researchers.

Researchers Martin Vuagnoux and Sylvain Pasini of the Swiss Security and Cryptography Laboratory at LASEC/EPFL were able to recover keystrokes from wired keyboards at a distance of up to 20 meters (about 65 feet), even through walls, simply by reading the electromagnetic emanations of the peripheral device. The experiments focused on wired keyboards attached to a computer either by PS/2 or USB connections.

In two videos, Vuagnoux demonstrates the attacks.

In the first video, he shows how only the …

Report: As stock market drops malware rises

Here's more evidence of a connection between the economic crisis and cybercrime. PandaLabs reported on Wednesday about a direct correlation between the recent stock market declines and increases in targeted cyberattacks.

For instance, while the U.S. stock market saw declines between September 1 and October 9, the volume of malware threats grew, doubling to more than 24,000 per day between September 8 and September 10 alone and to more than 30,000 per day on September 16.

The recent malware spikes could be due to the fact that cybercriminals now have fewer possible targets with the consolidation …

Study: Malware risks are growing exponentially

A new report from security services provider ScanSafe finds that companies are at increasing risk of having employees inadvertently download backdoors and password stealers onto corporate computers from Web sites that have malicious software hidden on them.

A company in ScanSafe's focus group faced a nearly 500 percent greater risk of exposure to those threats in September than was faced in January of this year, according to ScanSafe's Global Threat Report released on Tuesday.

Companies in the energy sector are at greater risk from Web-based malware than other industries, the report concludes. The energy sector, worldwide, faces a …

Google, eBay up, but indexes down

Despite a down day for the broader markets Friday, a handful of tech stocks swam against the tide, posting modest single-digit gains.

Google, Symantec, and eBay were just some of the tech companies to finish the day in the black. The CNET Tech Index was down a modest 1.59 points to end the day at 1,185.55.

Google closed up 5.53 percent to $372.54 a share, which comes as little surprise considering the tech titan posted stronger-than-expected third-quarter earnings results on Thursday. And on Friday, a number of analysts released largely positive comments on the quarter, …

Internet-scale 'man in the middle' attack disclosed

Correction at 3:15 p.m. PDT: This post initially misstated the meaning in this context of ASN. It stands for Autonomous System Notation.

In Black Hat's October Webinar on Thursday, Anton Kapela, datacenter manager at 5Nines Data, spoke about Internet-scale "man in the middle" attacks.

The talk reprised a last-minute substitution presentation he gave along with Alexander Pilosov at this year's Defcon conference in August. During the conference, the two researchers intercepted all conference Internet traffic at the Riviera Hotel in Las Vegas and ran it through their servers. According to Black Hat founder and …

Microsoft Host Integration Server flaw exploited

On Thursday, new code was posted on the Internet that could exploit a flaw in unpatched Microsoft Host Integration Servers.

The exploit is part of Metasploit, a toolkit used by penetration testers and criminal hackers alike.

On Tuesday, Microsoft issued security bulletin MS08-059 to address the vulnerability detailed in CVE-2008-3466. In its patch bulletin, ranked as critical, Microsoft said "this vulnerability could allow remote code execution if an attacker sent a specially crafted remote procedure call request to an affected system. Customers who follow best practices and configure the systems network architecture remote procedure call (SNA RPC) service …

Twitter steps up its antispam moves

Twitter is stepping up its actions to fight spam, which has been plaguing the site since earlier this year and appears to be spiking this week.

The company is looking to hire a spam engineer, preferably one who has worked at a big search or e-mail company, according to a tweet by founder Evan Williams.

That person would likely work closely with the "spam marshal" that was hired in August.

The hiring move was praised by the Twitter community.

The latest job posting "is another sign that Twitter is maturing as a business and is using its …

Adobe addresses Flash Player 'clickjacking' flaw

Adobe Systems has addressed a security flaw in its Flash Player products that could lead to 'clickjacking' attacks.

Flash Player 10, released on Wednesday, includes a fix for the clickjacking vulnerability published by researchers Jeremiah Grossman and Robert Hansen earlier this month.

Clickjacking attacks take advantage of vulnerabilities in Adobe Flash Player 9.0.124.0 and earlier, as well as vulnerabilities in browsers such as Internet Explorer, Opera, Firefox, and Safari. Exploitation of the flaws could allow an attacker to disguise Web site elements, such as dialog boxes and links, so that the user is fooled into visiting malicious …

Microsoft Blue Hat starts on Thursday

Microsoft's eighth Blue Hat conference will take place on Thursday and Friday at the software giant's Redmond, Wash., campus. Entitled "C3P0wned," the invitation-only conference features two full days of sessions.

Day one features a select group of security researchers, with team members from Microsoft Security Development Lifecycle (SDL) presenting on the second day. It is an opportunity for Microsoft engineers to hear firsthand from leading security researchers. The last Blue Hat conference was held in April.

Of interest on day one is a talk by Dan Kaminsky, director of penetration testing at IOActive, who …

AVG flags ZoneAlarm as malware

This post was updated at 3:30 p.m. PDT with comment from Check Point.

Grisoft, makers of AVG antivirus, on Wednesday released a new update addressing a false positive in another security product.

On Tuesday, AVG users reported desktop warnings that their desktop was infected with something called Trojan Agent r.CX. Some files within zlsSetup_70_483_000_en[1].exe, a compressed file containing dormant set-up files for Check Point's ZoneAlarm, apparently set off the alarm. The ZoneAlarm user forum soon filled with concerned users.

Grisoft did not respond to a request for comment.

Laura Yecies, vice president and general manager …