Video Screencast Help
Security Response
Showing posts in English
Eric Chien | 15 Jun 2007 07:00:00 GMT | 0 comments

Just hours after Apple released Safari for Windows and I wrote about the potential for associated exploits, multiple exploits have been released. This currently includes:

Apple Safari for Windows Protocol Handler Command Injection Vulnerability (BID 24434)
Apple Safari for Windows Unspecified Denial of Service Vulnerability (BID 24431)
Apple Safari for Windows Unspecified Remote Code Execution and Denial of Service Vulnerabilities (BID 24433)

Details on the first one have already been released publicly and theother two have been reportedly disclosed to Apple. We have not...

Elia Florio | 15 Jun 2007 07:00:00 GMT | 0 comments

We verified a report of a large-scale web attack on going in Italy at the moment. The attack is similar to what we described in our previous blog; it just uses a new different final domain which runs the hostile exploits of Mpack 0.86 kit.



The gang behind the attack had successfully compromised the homepagesof hundreds of legitimate Italian websites. We checked many of them andwe verified that they include now a malicious IFRAME (detected asTrojan.Mpkit!html) which redirects to the same bad IP address. The listof compromised sites is huge and from Mpack statistics this attack isworking efficiently (the...

Ron Bowes | 14 Jun 2007 07:00:00 GMT | 0 comments

In my recent article about Spam in Multiplayer Online Games(smog), I talk about how spammers sell resources such as gold. Theseresources can be obtained with minimal user interaction, by using anautomated program to control characters and play the game. By doingthis, gold can be collected and either used or sold for real money.

As a massively multiplayer online game develops, an economydevelops. The value of rare items tends to emerge, and people will makefair trades or purchases from each other. People who play the game fora reasonable amount of time are able to purchase the same items asothers, by collecting gold (or whatever currency is used). Ideally, theeconomy will balance and end up at a fair point.

However, automated programs can be used to for this collection. Aprogram can run 24/7, doing nothing but harvesting gold. This gold...

Greg Ahmad | 13 Jun 2007 07:00:00 GMT | 0 comments

On April 27, 2007, various Internet resources from the Republic of Estonia came under a series of DDOS or distributed denial of service attacks.According to claims by Estonian government officials and media, theattacks originated in Russia and followed a dispute between thegovernment and ethnic Russians over the relocation of a Soviet warmemorial from the Estonian capital of Tallinn. The attacks targetedwebsites belonging to government ministries, banks, media, politicalparties and businesses.

Though DDOS attacks against various networks have taken place onnumerous occasions in the past, the particularly interesting aspect ofthese attacks was that they appear to be...

Ben Greenbaum | 12 Jun 2007 07:00:00 GMT | 0 comments

Hello again... this month's update contains 6 advisories with atotal of 15 patched vulnerabilities. Major apps for this month wereonce again IE and Outlook/Windows Mail, coming in with 6 and 4 patchedvulnerabilities respectively. This month we also see updates forfile-based attack vectors against Visio, remotely exploitablevulnerabilities in both a dev library and a security package patched,and a fairly low profile information disclosure vulnerability in Vistadealt with.
As usual details are given below in order of descending urgency. Happypatching, and we'll be back for another round next month...

MS07-034; KB929123
Cumulative Security Update for Outlook Express and Windows Mail

This release addresses four issues in Windows Mail (vista) andOutlook...

Ron Bowes | 12 Jun 2007 07:00:00 GMT | 0 comments

In today's computerized world, loss of confidential information is far too common. If you look at a good list of personal information data breaches , you will quickly see that a breach occurs almost every day, and that's just in the United States!

Almost everybody knows that databases get hacked and laptops getstolen, both of which can expose all kinds of information aboutcustomers and employees. Information is frequently lost due tomalicious intentions. So security is audited, laptops are encrypted,and a lot of companies take steps to ensure that this type of exposuredoesn't happen. Data is still exposed, but many companies actively tryto prevent it.

I'll start with a story. I know a company that sells acustomer-management solution that once had a demo site, with demo data,which potential customers could play with. After a software upgrade,the demo database was...

Eric Chien | 11 Jun 2007 07:00:00 GMT | 0 comments

Apple announced a variety of new technologies today at Apple'sWorldwide Developers Conference. A couple of interesting technologiesincluded the confirmation of third party applications on the iPhone andthe availability of the Safari web browser on Microsoft Windows.

In a previous blog article,we discussed how limiting third party applications on the iPhone wouldcurtail any malicious applications for the iPhone. Opening up theiPhone to third party applications now raises the risk of maliciousapplications for the mobile device. However, the ability to writemalicious applications for the iPhone still remains to be seen as thedevil is in the details.

According to the demonstration, applications will be written inJavaScript and executed within Safari. The applications will haveaccess to internal phone applications including the ability to...

Marc Fossi | 11 Jun 2007 07:00:00 GMT | 0 comments

There have been numerous proposals for ways to prevent phishing scams. Suggestions ranging from EV certificatesto new specialized top-level domains seem to imply that the end ofphishing would be brought about through their implementation.Unfortunately, this isn’t likely to be the case.

Let’s look at a phishing scam for what it really is – an onlineversion of the classic confidence scam. The reason it’s called aconfidence scam is that the perpetrator has to gain the confidence oftheir intended victim in order to reap the rewards. Some of these scamsare so thinly veiled that only the extremely gullible will fall victimwhile others are so elaborately played that even some of the mostcautious individuals are fooled. The same goes for the online version.

Some phishing attacks are so poorly crafted (I’m sure most companiesdon’t misspell their own names) that many...

Yazan Gable | 08 Jun 2007 07:00:00 GMT | 0 comments

A couple of extremely critical vulnerabilities were discovered anddisclosed in Yahoo! Messenger two days ago, on June 6th. Late lastnight and early this morning, exploits were released to take advantageof these issues. At the time of the release, Yahoo had not yet patchedthe issues, so Yahoo! Messenger users were at significant risk of beingattacked.

The two vulnerabilities are both buffer overflows in the ActiveXcontrol that handles Yahoo’s Webcam functionality [1][2]. Due to theexploits being released publicly, anyone can carry out an attack bypersuading a user into following a link to a malicious file.

Fortunately, Yahoo has released an update to their Yahoo! Messengerproduct to resolve this issue. The latest version of the software,version 8.1, is reportedly not vulnerable. Users should update as soonas possible to reduce their exposure to potential attacks.

[1] http://www....

Ollie Whitehouse | 08 Jun 2007 07:00:00 GMT | 0 comments

Time for the next installment in my enthralling series on ‘Watching Microsoft Patch Windows CE’ and remember kids:

There are currently no reported security vulnerabilities for Windows CE

In my previous entry on this subject [2] I covered up untilFebruary’s updates for Windows CE 5 (the base to Windows Mobile 5 and6) so I’ll start logically with March’s [3 Below is my commentary foreach of the fixes I feel has a security impact.

• 070310_KB934175 – Numerous bugs in the .NET 2.0 compactframework; some of the exceptions / access violation occur in nativecode.

• 070320_KB933434 – Remote denial of service condition in RNDIS

• 070320_KB933680 – This issue discusses how Internet Explorer willcrash when it receives a certain response for a web server. The updatepatches WININET.DLL – as we all know a crash is a pretty goodindication of something worth investigating which may yield arbitrarycode execution.

Moving on...