Spamvertised ‘Your Paypal Ebay.com payment’ emails serving client-side exploits and malware


By Dancho Danchev

Remember the ‘Your Amazon.com order confirmation’ client-side exploits and malware serving campaign which I profiled earlier this week?

It appears that the gang behind it is back with another campaign, this time impersonating PayPal. For the time being, another round consisting of millions of malicious emails is circulating in the wild, enticing end and corporate users into clicking on malicious links found in the emails.

More details:


Oracle and Apple patch critical Java security vulnerabilities


By Dancho Danchev

In a coordinated effort, Oracle and Apple recently issued a critical security update for Java.

Next to Adobe Flash and Acrobat Reader, client-side vulnerabilities found in insecure versions of Java are among the most popular entry points for malicious attackers on the hosts of users with outdated third-party software and browser plugins.

More details:


Mozilla patches critical security vulnerabilities in Firefox and Thunderbird


By Dancho Danchev

In yesterday’s Firefox 13 release, Mozilla fixed seven security vulnerabilities, four of which are critical. The majority of these vulnerabilities are also fixed in the latest Thunderbird 13 release.

More details on the vulnerabilities:


Cybercriminals release ‘Sweet Orange’ – new web malware exploitation kit


By Dancho Danchev

From DIY (do-it-yourself) exploit generating tools, to efficient platforms for exploitation of end and corporate users, today’s efficiency-oriented cybercriminals are constantly looking for ways to monetize hijacked web traffic. In order to do so, they periodically introduce new features in the exploit kits, initiate new partnerships with managed malware/script crypting services, and do their best to stay ahead of the security industry.

What are some of the latest developments in this field?

Meet Sweet Orange, one of the most recently released web malware exploitation kits, available for sale at selected invite-only cybercrime-friendly communities.

What’s so special about Sweet Orange? Does it come with customer support? What client-side exploits is it serving? How are the Russian cybercriminals behind it differentiating their underground market proposition in comparison with competing kits, such as the market leading Black Hole web malware exploitation kit?

Let’s find out.


Adobe patches critical Reader and Acrobat security vulnerabilities


By Dancho Danchev

On Tuesday, Adobe released a security bulletin, warning users of several vulnerabilities which could give a remote attacker access to the targeted PC.

The update affects Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X (10.1.2).

More details:


Microsoft issues 6 security bulletins on ‘Patch Tuesday’


By Dancho Danchev

On Tuesday, Microsoft issued 6 security bulletins, 4 of them critical and 2 important. The bulletins fix a total of 11 vulnerabilities in Windows, Microsoft Office, and Internet Explorer.

According to Microsoft, the company has already observed targeted malware attacks taking advantage of the MS12-027 vulnerability. To mitigate the risks posed by these currently circulating targeted attacks, the company is advising users to disable ActiveX controls via the Trust Center Settings > ActiveX Settings option.

More details:
