Yet again a new IE bug has been discovered. The Advisory for the new bug is already posted in Secunia.
“The vulnerability is caused due to an error in the processing of certain sequences of nested ‘object’ HTML tags.”
This can be exploited when visiting a malicious website and has been confirmed to work on Internet Explorer 6.0 Windows XP SP2.
The web attacker toolkit is just $15 dollars and is offered by a russian website according to an article by The Register. Today we received a list of site that uses this toolkit and according to this list, there are approximately 800 sites that uses the Web Attacker Toolkit. Unwary users that strays to these sites may find themselves exposed to Javascript codes, These codes then attempts to take advantage of known web browser and Windows vulnerabilities to be able to find new homes of malwares ranging from keyloggers to banking trojans or even backdoors.
The kit even has the ability to determine which browser the visiting user is using and depending on the version, will use one of seven different exploits based.
Because of the low price of this toolkit we may see even more increase in sites that make use of it. We are warning users to be very cautious. Links to these sites may be spammed or advertised or watever, we strongly recommend updating machines with the latest patch.
A cute powerpoint trojan (it even has a cartoon picture of a girl petting a cat is currently making the rounds on the net. The powerpoint sends a good message about loving your work. The catch? It has an embedded exe file in it which gets dropped *possibly* via the MS06-012 vulnerability (we’re still verifying the actual exploit used, but it *seems* to be MS06-012).
When running the powerpoint, nothing out of the ordinary actually happens, but at the time that a user is done reading the message and closes the powerpoint, a temp file is created and executed, leaving two dropped files in the process.
Well there is one sure way of defeating this trojan though…UPDATE your Windows Systems.
Yes, obviously a copy-pasted title, and this one is from PC Magazine.
To summarize, the author discusses how and what Security Vendors should do in order to keep Microsoft at bay (coming from an end-user, that is).
And oh, a quote:
“Trend Micro has all the right tools in the box, but its antispyware component is a major disappointment.”
But hey, our antispyware is still improving and will improve (of course!). And we have “all the right tools in the box”. Still, not a bad description and plus-points for us.
Read it here.
Vulnerabilities and exploits aside, most security attacks become successful because of the supposed weakest link in the system: The human users (Yes, that’s us).
Because of the social engineering, a worm variant masquerading as a harmless attachment to an email is most likely to be opened and executed not because it does so on its own but rather it tricks the user into doing so. Gullibility then becomes the key to security breaches.
So don’t be gullible. Read more about social engineering here.
Yeah you know what I mean. After Apple updated OS X 10.4.5 to OS X 10.4.6 which addressed critical security vulnerabilities, there are other possible vulnerabilities found in the updated OS X. A guy, by the name Tom Ferris, claims to have found the following vulnerabilities in the updated OS X.
The first vulnerability was patched in OS X 10.4.6 however the other vulnerabilities are claimed to be unpatched in Apple OS X 10.4.6 but are already reported to Apple.
All of these have been reported to product-security@apple.com around the beginning of this year. From what I have been told, they “will be fixed in the next security release”.
You may follow the following link for the original article.
By the way, users who haven’t patched their OS X machines are advised to update to Apple OS X 10.4.6. You may visit Apple’s update page here.
Yesterday was a busy day for TMIRT engineers; our email honeypot
is still being flooded by mails from these email propagated
malwares.
Rest assured, all 5 malwares have already been processed by our
service team and proper solutions for them will soon be
available.
Apparently it is … there are already 10 cases of MYTOB worms
starting from April 8, the latest of which is WORM_MYTOB.PZ
(currently making the rounds). But there really is no need to
worry, the sample has already been sent to our very capable service
team and all solutions for the latest WORM_MYTOB are currently
being made and will be available soon.
According to InformationWeek, that is.
No doubt that these are noteworthy events, but distilling “infamous moments” in security research to just 10 tends to miss out other significant infamous moments. As some security blogs (OSVDB) points out, “initial discovery/disclosure of vulnerability classes (Overflow, XSS, SQL Injection) seem like they would big moments.” Moreover, the “list seems to be very centered around the last couple of years.”
Personally, I would like to add these.
These ones are off the top of my head. Of course, there are a lot others that I’ve missed. But then again, adding more would make the length of the list greater than 10, which is the purpose of the original article.
Yes, it’s time for Oracle’s quarterly patch, and before I leave my post I just wanted to remind Oracle product users. You may need to patch up your software in order to avoid attacks on known vulnerabilities that may be patched by Oracle’s developers. Well, visit the following link for the updates:
You can also see if you need to update your Oracle software in the given link.
