Video Screencast Help
Search Video Help Close Back
to help

Website Security Solutions

Showing posts tagged with Malware
Showing posts in English
“Danger: Malware Ahead!- Please, Not My Site”
Leelin Thye | 17 Jan 2013 | 0 comments

In the article “Google Flags Ad Network Isocket for Alleged Malware; Chrome Blocks TechCrunch, Cult of Mac, others (Updated)”,[1] a large number of popular sites using a prominent advertising network was affected when  their sites were blocked by Google on suspicion of containing malware. Regardless whether the action was a result of false positive reading or not, the financial impact to advertising networks and their client sites is high when users are unable to access the websites and see a “Danger: Malware Ahead!” warning.  Business is disrupted and brand reputation compromised.

On the other hand...

Read more
Google app malware incident highlights need for publisher identity and accountability
Tim Callan | 18 Dec 2012 | 0 comments

Whole buncha headlines yesterday as Google pulled the plug on more than fifty Android apps for containing malware. Threatpost has a good writeup here, and Android Police has even more detail here and here. Existing writing on the subject has focused on the cleverness and skill of the trojan itself, along with debate about how soon...

Read more
Subdomain of TechCrunch blacklisted by Google for malware distribution
Tim Callan | 18 Dec 2012 | 1 comment

As of posting time, a Google search of the phrase techcrunch crunchies yields as its first result a blacklisted result for the 2009 Crunchies award page (crunchies2009.techcrunch.com). The details page shows that on September 28 (yesterday) Google found malware distributed on this subdomain of TechCrunch.

This result gives you an opportunity to see how a real, blacklisted site looks on Google. If you do click on the link for crunchies2009.techcrunch.com (it's safe; don't worry) you'll go to a Google roadblock page that reads,

Warning - visiting this web site may harm your computer!
Suggestions:
Return to the previous page and pick another result.
Try another search to find what you're looking for.
Or you can continue to http://crunchies2009.techcrunch.com/ at your own risk. For detailed information about the problems we found,...

Read more
Certificate revoked in Acrobat malware attack
Tim Callan | 18 Dec 2012 | 0 comments

A new malware attack made the press yesterday by exploiting vulnerability in the Adobe Acrobat platform to circumvent Windows defenses. Like other recent attacks, this malware was signed using a compromised certificate. Symantec found out about this attack on Wednesday afternoon. On Wednesday we contacted the customer to inform them of the compromised certificate and revoked the certificate.

The original blog entry that revealed the attack is here. The attack was covered in The Tech Herald here.

Read more
Network Solutions malcode widget first discovered by VeriSign Trust Seal web site malware scanning
Tim Callan | 18 Dec 2012 | 0 comments

There's a lot in the news right now about the malware distributed from what may be as many as 5,000,000 parked Network Solutions pages. In addition to the earlier article, here's a nice summary from Brian Krebs, and here's one from Elinor Mills of CNET.

The story originally broke from VeriSign Trust Services partner Armorize in a detailed two-part blog (part two here) with a subsequent, also detailed, follow up. In...

Read more
Web site malware scan and seal-in-search added to VeriSign SSL Certificates
Tim Callan | 18 Dec 2012 | 0 comments

We made a big announcement today. We've added significant functionality to VeriSign SSL Certificates. VeriSign SSL users will be able to take advantage of our web site malware scanning and Seal-in-Search capabilities, just as users of the standalone VeriSign Trust Seal can.

Read more
Making the Grade on the Annual OTA Online Safety Honor Roll
Tim Callan | 18 Dec 2012 | 0 comments

The Online Trust Alliance (OTA) just announced its Online Safety 2010 Honor Roll, on which only 8% of the 1200 analyzed companies made the list. The OTA evaluated these 1200 sites based on their usage of e-mail authentication standards, Extended Validation SSL Certificates, and the presence or absence of malware on their public-facing sites. OTA also reported that more than 26% of the Internet Retailer 500 and top 100 financial services companies have adopted EV SSL Certificates. Here's what the Wall Street Journal had to...

Read more
EV SSL and iFrame attacks
Tim Callan | 18 Dec 2012 | 9 comments

We're seeing active discussion online about the possibility of hijacking a single frame in a production site to steal logins or PII. The scenario is that a criminal gang would redirect this frame (through DNS poisoning, let's say) and populate it with its own content from servers under its control. Presumably this content would involve form fields asking for information the criminals want to receive and which you would be willing to share in this context (such as your bank account login or social security number).

Now, the recent dialog is around the scenario where this proposed attack happens on a site with an Extended Validation SSL Certificate. The certificate identifies the controller of the top-level frame and does not report on the sources of any internal frames in that page. That is in keeping with near-ubiquitous practices in consumer Web applications...

Read more
Political campaign spoofing already underway
Tim Callan | 18 Dec 2012 | 0 comments

Yesterday I discussed the possibility of Presidential campaigns being phished. This article in SC Magazine explains the criminal activity we already have seen in this arena.

The essence of the story is that anti-virus software vendor Webroot just in the past few days announced that is had detected malware attacks against major Presidential campaigns. Reports SC Magazine,

the campaign websites of Obama, a Democratic senator from Illinois, and Paul, a Republican representative from the 14th Congressional District of Texas, have been spoofed as part of online scams.

The article goes on to say,

"We initially saw these types of spoofs...

Read more
Can political donations be phished?
Tim Callan | 18 Dec 2012 | 0 comments

In light of Ron Paul's massive fundraising day yesterday ($3.8 million raised online in a single day) one security blogger has brought up the question of phishing attacks against Web-based political fundraising. In his Threat Chaos blog Richard Stiennon asks the question,

But how many of those 35,000 donors checked the URL carefully before providing their credit card information as well as the name of their employer? Was it a phishing site they were visiting?

Richard is exactly right to be asking this question. As I have pointed out in the past, phishing attacks a great deal more than simply banks. Why are they not attacking online political parties? They probably are. And if they aren't, it's only a matter of time until they do.

Read more