Microsoft Corp. today warned Internet Explorer users that attackers are exploiting a previously unknown security hole in the browser to install malicious software. The company is urging users who haven’t already done so to upgrade to IE8, which it said includes technology that makes the vulnerability much more difficult to exploit.
“Evilgrade,” a toolkit that makes it simple for attackers to install malicious software by exploiting weaknesses in the auto-update feature of many popular software titles, recently received an upgrade of its own and is now capable of hijacking the update process of more than 60 legitimate programs.
Adobe Systems pushed out critical security update for its Shockwave Player that fixes nearly a dozen security vulnerabilities. The software maker also is warning that attackers are targeting a previously unidentified security hole in its Acrobat and PDF Reader products.
A new version of the infamous Koobface worm designed to attack Mac OS X computers is spreading through Facebook and other social networking sites, security experts warn.
Security software maker Intego says this Mac OS X version of the Koobface worm is being served as part of a multi-platform attack that uses a malicious Java applet to attack users. According to Intego, the apple includes a prompt to install the malicious software:
“Firesheep,” a new add-on for Firefox that makes it easier to hijack e-mail and social networking accounts of others who are on the same wired or wireless network, has been getting some rather breathless coverage by the news media, some… Read More »
The Web site for the Nobel Peace Prize has been serving up malicious software that takes advantage of a newly-discovered security hole in Mozilla Firefox, computer security experts warned today. Oslo-based Norman ASA warned that visitors who browsed the Nobel… Read More »
Microsoft Corp. today warned that it is seeing a huge uptick in attacks against security holes in Java, a software package that is installed on the majority of the world’s desktop computers. In a posting to the Microsoft Malware Protection… Read More »
Microsoft today issued 16 update bundles to fix a record-breaking 49 separate security vulnerabilities in computers powered by its Windows operating systems and other software.
A major new malware spam campaign mimicking invites sent via business networking site LinkedIn.com leverages user trust and a kitchen sink of browser exploits in a bid to install the password-stealing ZeuS Trojan.
Several new Internet worms are spreading quite rapidly via a newly-found vulnerability in Twitter.com. While the flaw that powers these attackers will most likely be sewn shut in a matter of hours, if you’re going to frequent Twitter today you’d be wise to use a Twitter client or at least block Javascript on the site, as these worms appear to be spreading with little to no interaction on the part of users.
