Month: February 2010

SEO poisoning not in well, but it’s aiming for the water heater

People looking to take advantage of the savings from the government during these harder financial times are being hit with other financial burdens (Rogue AV software). Our (environmentally conscious) researcher Adam Thomas heard about a “green” hot water heater that might be a good addition to his Earth-friendly home. So he did a Web search …

SEO poisoning not in well, but it’s aiming for the water heater Read More »

Insight into fake AV SEO

In this post I want to highlight how SEO attacks are working: Pages using server side kits to fool search engine bots into ranking them high in results are uploaded to legitimate web sites. If all goes to plan, when a user searches for a popular term, high up in the search engine results are …

Insight into fake AV SEO Read More »

Troj/IFrame-DY: Old websites don’t die they just get infected

Earlier this week Sophos informed a UK Local Police Authority (Hertfordshire) that a website they owned was infected with Troj/IFrame-DY. It turns out that the Police Authority has a new site and the infected site is an old one that just leads the user to the new site: Unfortunately, the old site also contains a malicious script, appended …

Troj/IFrame-DY: Old websites don’t die they just get infected Read More »

Do I Know You?

Imagine that you’re sitting at home catching up on your email backlog. In comes an email from your ISP, FooBarBazCo (some creativity required here, I know). The email seems to be from Technical Support  – ‘From:    FooBarBazCo.com Team’ – and states that you need to update your email settings as a result of a recent …

Do I Know You? Read More »

Facebook’s news-feed patent could mean lawsuits

(CNN) (CNET) — Facebook this week was awarded a patent pertaining to streaming “feed” technology — more specifically, “dynamically providing a news feed about a user of a social network,” complementing another patent filing that has been published but not yet approved. The implications for this, as AllFacebook.com pointed out earlier on Thursday, are far-flung: Facebook …

Facebook’s news-feed patent could mean lawsuits Read More »

Zeus botnet continues: 2,500 victims estimated

Herndon, Va., forensics firm NetWitness has said that the Zeus botnet has breached the networks of nearly 2,500 organizations in nearly 200 countries, including 10 U.S. federal agencies. NetWitness researchers said many victims are Fortune 500 companies in energy, finance and high tech sectors. NetWitness based its conclusions on information from a 75-gigabyte collection of …

Zeus botnet continues: 2,500 victims estimated Read More »

Apple iPhone Warranty Scam

Symantec has recently observed phishing scams targeting Apple iPhones in order to gain serial numbers, IMEI, model, and capacity, etc. What is an IMEI? An IMEI (international mobile equipment identity) is a 15-digit unique number used by GSM networks to identify valid devices. Every GSM, WCDMA, or iDEN mobile phone (and even the odd satellite …

Apple iPhone Warranty Scam Read More »

30 percent of U.S. is totally safe from Internet threats

A survey of 54,000 households (129,000 people) commissioned by National Telecommunications and Information Administration (NTIA) last year found that 30 percent of U.S residents did not use the Internet at home or at work. The study, based on Census Bureau work, found that 64 percent of households had connections. In 2007, only 51 did. The …

30 percent of U.S. is totally safe from Internet threats Read More »

Exploit for zero-day vuln in Firefox is for sale

Evgeny Legerov, founder of Intevydis in Moscow, has created an exploit that hits a previously unknown heap-corruption vulnerability in the Firefox browser. The code isn’t readily available though, since he’s put it in a module to the automated exploitation system he sells (reportedly at a considerable price.) Legerov has not provided information on the vulnerability …

Exploit for zero-day vuln in Firefox is for sale Read More »