Monthly Archives: April 2010

iPack Exploit Kit Bites Windows Users

April 16, 2010

Not long ago, there were only a handful of serious so-called “exploit packs,” crimeware packages that make it easy for hackers to booby-trap Web sites with code that installs malicious software. These days, however, it seems like we’re hearing about a new custom exploit kit every week. Part of the reason for this may be that more enterprising hackers are seeing the moneymaking potential of these offerings, which range from a few hundred dollars per kit to upwards of $10,000 per installation — depending on the features and plugins requested.

Java Patch Targets Latest Attacks

April 15, 2010

Oracle Corp. has shipped a new version of its Java software that nixes a feature in Java that hackers have been using to foist malicious software. Java 6 Update 20 was released sometime in the last 24 hours, and includes some security fixes, although Oracle’s documentation on that front is somewhat opaque. Most significantly, the update removes a feature that hackers have started using to install malware.

Unpatched Java Exploit Spotted In-the-Wild

April 14, 2010

Last week, a Google security researcher detailed a little-known feature built into Java that can be used to launch third-party applications. Today, security experts unearthed evidence that a popular song lyrics Web site was compromised and seeded with code that leverages this Java feature to install malicious software.

Immunet: A Second Opinion Worth a Second Look

April 14, 2010

Security experts have long maintained that running two different anti-virus products on the same Windows machine is asking for trouble, because the two programs will compete for resources, slow down or even crash the host PC.

But an upstart anti-virus company called Immunet Protect is hoping Windows users shrug off this conventional wisdom, and embrace the dual anti-virus approach. Indeed, the company’s free product works largely by sharing data about virus detections by other anti-virus products on the PCs of the Immunet user community.