Heartbleed Bug: What Can You Do?
In the wake of widespread media coverage of the Internet security debacle known as the Heartbleed bug, many readers are understandably anxious to know what they can do to protect themselves. Here’s a short primer.
Tag Archives: sans internet storm center
Blogs of War: Don’t Be Cannon Fodder
On Wednesday, KrebsOnSecurity was hit with a fairly large attack which leveraged a feature in more than 42,000 blogs running the popular WordPress content management system (this blog runs on WordPress). This post is an effort to spread the word to other WordPress users to ensure their blogs aren’t used in attacks going forward.
Adobe, Apple, Microsoft & Mozilla Issue Critical Patches
Adobe, Apple, Microsoft and Mozilla all released updates on Tuesday to fix critical security flaws in their products. Adobe issued a patch that corrects four vulnerabilities in Shockwave Player, while Redmond pushed out updates to address four Windows flaws. Apple slipped out an update for its version of Java that mends at least 17 security holes, and Mozilla issued yet another major Firefox release, Firefox 8.
Scammers Swap Google Images for Malware
A picture may be worth a thousand words, but a single tainted digital image may be worth thousands of dollars for computer crooks who are abusing weaknesses in Google’s Image Search service to foist malicious software.
For several weeks, a number of readers have complained that clicking on Google Images search results redirected them to Web pages that pushed rogue anti-virus or “scareware” through misleading security alerts and warnings. On Wednesday, the SANS Internet Storm Center posted a blog entry saying they, too, were receiving reports of Google Image searches leading to fake anti-virus. According to SANS, the attackers have compromised an unknown number of sites with malicious scripts that create garbage Web pages filled with the top search terms from Google Trends. The malicious scripts also fetch images from third-party sites and include them in the junk pages alongside the relevant search terms, so that the automatically generated Web page contains legitimate-looking content.
Exploit Packs Run on Java Juice
In October, I showed why Java vulnerabilities continue to be the top moneymaker for purveyors of “exploit kits,” commercial crimeware designed to be stitched into hacked or malicious sites and exploit a variety of Web-browser vulnerabilities. Today, I’ll highlight a few more recent examples of this with brand new exploit kits on the market, and explain why even fully-patched Java installations are fast becoming major enablers of browser-based malware attacks.
Spear Phishing Attacks Snag E-mail Marketers
Criminals have been conducting complex, targeted e-mail attacks against employees at more than 100 e-mail service providers (ESPs) over the past several months in a bid to hijack computers at companies that market directly to customers of some of the world’s largest corporations, anti-spam experts warn.
The attacks are a textbook example of how organized thieves can abuse trust relationships between companies to access important resources that are then recycled in future attacks.
Microsoft Plugs a Record 49 Security Holes
Microsoft today issued 16 update bundles to fix a record-breaking 49 separate security vulnerabilities in computers powered by its Windows operating systems and other software.
Tool Blunts Threat from Windows Shortcut Flaw
Microsoft has released a stopgap fix to help Windows users protect themselves against threats that may try to target a newly discovered, critical security hole that is present in every supported version of Windows.
McAfee False Detection Locks Up Windows XP
McAfee’s anti-virus software is erroneously detecting legitimate Windows system files as malicious, causing reboot loops and serious stability problems for many Windows XP users, according to multiple reports.
Unpatched Java Exploit Spotted In-the-Wild
Last week, a Google security researcher detailed a little-known feature built into Java that can be used to launch third-party applications. Today, security experts unearthed evidence that a popular song lyrics Web site was compromised and seeded with code that leverages this Java feature to install malicious software.
