Symantec verified a report of a large-scale web attack on going in Italy.
The attack is similar to what we described in our previous blog; it just uses a new different final domain which runs the hostile exploits of Mpack 0.86 kit.
The gang behind the attack had successfully compromised the homepages of hundreds of legitimate Italian websites. We checked many of them and we verified that they include now a malicious IFRAME (detected as Trojan.Mpkit!html) which redirects to the same bad IP address. The list of compromised sites is huge and from Mpack statistics this attack is working efficiently (the statistic page reports 65K unique visitors with almost 7K exploited browsers).
More at http://www.symantec.com/enterprise/security_response/weblog/2007/06/italy_under_attack_mpack_gang.html
Laptop theft embarrasses Eden Project
The Eden Project, one of the most esteemed environmental organisations in the UK, has turned out to be just as vulnerable to losing important data as any non-green enterprise.
It has emerged that the personal information of hundreds of workers at the famous Eden Project in Cornwall were on a laptop stolen from the car of an employee working for Moorepay, the company that looks after the Project's payroll. Data included names, addresses, bank details, and pay rates relating to 500 employees.