Monthly Archives:: April 2012


Upcoming Webroot briefing at InfoSec, 2012, London – “Current and Emerging Trends Within the Cybercrime Ecosystem”

by

Dear blog readers, are you going to this year’s InfoSec 2012, event in London? If so, don’t forget to stop by Webroot’s stand G90, where I’ll be briefing our visitors on “Current and Emerging Trends Within the Cybercrime Ecosystem” on the 24th of April to 26th of April. More details:

Continue Reading »

New DIY email harvester released in the wild

by

In order for cybercriminals to launch, spam, phishing and targeted attacks, they would first have to obtain access to a “touch point”, in this case, your valid email address, IM screen name, or social networking account. Throughout the years, they’ve been experimenting with multiple techniques to obtain usernames (YouTube user names, IM screen names, Hotmail email addresses) and valid email addresses from unsuspecting end and corporate users. In this post we’ll profile a recently released Russian DIY  email harvester, and emphasize on the difference between notice and experienced cybercriminals in the context of the tactics and techniques they use to obtain a […]

Continue Reading »

Hewlett-Packard shipping malware-infected compact flash cards

by

Earlier this week, HP’s Software Security Response Team issued a security bulletin, alerting users that certain HP ProCurve 5400 zl switches were shipped with malware installed on the associated compact flash cards. No details were given about the type of malware shipped to unaware customers. More details on the affected switches, including their serial numbers:

Continue Reading »

Adobe patches critical Reader and Acrobat security vulnerabilities

by

On Tuesday, Adobe released a security bulletin, warning users of several vulnerabilities which could give a remote attacker access to the targeted PC. The update affects Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X (10.1.2). More details:

Continue Reading »

Microsoft issues 6 security bulletins on ‘Patch Tuesday’

by

On Tuesday, Microsoft issued 6 security bulletins, 4 of them critical, and 2 important updates. The bulletins fix a total of 11 vulnerabilities in Windows, Microsoft Office, and Internet Explorer. According to Microsoft, the company has already observed targeted malware attacks taking advantage of the MS12-027 vulnerability. In order to mitigate the risks posed by these currently circulating targeted attacks, the company is advising users to disable the ActiveX controls via the Trust Center Settings > ActiveX Settings, option. More details:

Continue Reading »

Adobe plans to issue Acrobat Reader ‘security update’ next week

by

According to the latest prenotification security advisory from Adobe, next week, the company plans to issue a ‘security update’ for Adobe Reader X (10.1.2) running on Windows, Linux and Macintosh. Adobe’s products are under permanent fire from malicious cybercriminals, exploiting known vulnerabilities in Adobe’s products, who succeed, primarily relying on the fact that end and corporate users are not patching in a timely manner. More details:

Continue Reading »

Google’s Chrome patches 12 ‘high risk’ security vulnerabilities

by

Yesterday, Google updated its Chrome browser to 18.0.1025.151 on Windows, Mac, Linux and Chrome Frame. Next to patching multiple usability bugs, the latest update has also patched numerous vulnerabilities reported through  Google’s security bugs bounty program. More details:

Continue Reading »

New underground service offers access to hundreds of hacked PCs

by

Want to buy anonymous access to hacked PCs, spam-free SMTP servers (Simple Mail Transfer Protocol), or compromised bank accounts? A newly launched underground Web service, is currently offering access to hundreds of hacked PCs, SMTP servers, and hacked bank accounts. Let’s take a deeper look:

Continue Reading »

Spamvertised ‘US Airways’ themed emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising yet another social-engineering driven malicious email campaign, this time impersonating U.S Airways. Upon clicking on the malicious links found in the emails, end and corporate users are exposed to client-side exploits courtesy of the BlackHole web malware exploitation kit. More details:

Continue Reading »

Email hacking for hire going mainstream – part two

by

Remember the email hacking for hire service which Webroot extensively profiled in this post “Email hacking for hire going mainstream“? Recently, I stumbled upon another such service, advertised at cybercrime-friendly web forums, offering potential customers the opportunity to hack a particular Mail.ru and Gmail.com email address, using a variety of techniques, such as brute-forcing, phishing, XSS vulnerabilities and social engineering. More details:

Continue Reading »