Archive for June, 2009
Exploitable IE6 Still Top Browser Used
in 2001, Microsoft released Internet Explorer version 6. 5 years later the released version 7 and just recently the released version 8. While there are now two newer FREE versions, as well as many other FREE products from other vendors, the majority of systems still use IE6. Some of the major milestones [...]
Scams using Social Networking Sites
There is a blog post that discusses a couple of scams using social networking sites Facebook and Twitter. Good to be aware.
Spear Phishing Scam
Kevin Prince of Perimeter eSecurity has an interesting post regarding the anatomy of a spear phishing or targeted phishing attack using the recent Aetna data breach as an illustration. You can see it here.
All of Kevin’s stuff is posted at security.perimeterusa.com
DDOS Attack Against a Domain Registers DNS Server
Botnets have grown in size and sophistication and as such we should gear up for some real attacks coming from them. I think we will begin to see more attacks like the one that happened a couple of weeks ago in China. A DDOS attack against a popular domain registrer in China. [...]
Malicious Insiders Causing Havoc at Financial Institutions
The SANS institute (www.sans.org) posted these two blurbs that caught my attention regarding threats from the inside.
–Bank Employee Draws 39-Month Sentence in Theft Scheme (May 25, 2009) A former bank employee has been sentenced to more than three years in jail for attempting to steal GBP 1.2 million (US $1.9 million) from his [...]
20,000 Legitimate Websites Compromised Through New Injection Attack
Websense recently made this announcement:
“Websense Security Labs(TM) Threatseeker(TM) Network has detected that a large compromise of legitimate Web sites is currently taking place around the globe. Thousands of legitimate Web sites have been discovered to be injected with malicious Javascript, obfuscated code that leads to an active exploit site. The active exploit site uses a [...]