Customers who use a number of the top online banking sites are at risk of falling prey to a new Web-based attack that snatches user IDs and passwords for these sites.
Among the sites targeted by the attack are some owned by Citibank, Deutsche Bank and Barclays Bank.
The attack is rather complex and appears to use a known flaw in Internet Explorer (IE) to drop a Trojan horse program on vulnerable machines. The Trojan is delivered through a malicious pop-up ad that loads a file called "img1big.gif" onto the machine. The file is in fact a compressed Win32 executable that contains the Trojan and a DLL.
The DLL is installed on the PC as a BHO (Browser Helper Object), a type of DLL that is normally used to let developers control IE in certain circumstances.
Another big Apache hole found
Linux and Unix vendors are releasing fixes for a critical bug in the popular Web server Apache that could allow attackers to crash the system or execute malicious code.
The bug affects Apache 1.3.x installations configured to act as proxy servers, which relay requests between a Web browser and the Internet. When a vulnerable server connects to a malicious site, a specially crafted packet can be used to exploit the vulnerability, according to security researcher Georgi Guninski, who has publicly released exploit code.