March 11, 2010 - Yesterday, Microsoft issued a security advisory for an unpatched and actively exploited invalid reference pointer vulnerability in the Internet Explorer 6 and 7 web browsers. In the attack we observed, the exploit code will load the TDSS.CQ trojan, which is ... Read more
March 11, 2010 - Swiss security blog Abuse.ch has reported that the worst Zeus botnet hosting ISP was taken off line yesterday, cutting the botnet’s number of servers from 249 to 181 – including the six worse ones.Abuse.ch wrote: “As ... Read more
March 11, 2010 - Hollywood celebrity Corey Haim has died in typical tabloid fashion: “under investigation.” And we all know that celebrity death equals Internet scams by the boatload.There are a number of spam runs currently circulating on video sharing sites such ... Read more
March 11, 2010 - Well, it looks like rogues are going to be in style this season.Our good friends at McAfee AV have predicted that the 400 percent increase in rogues (also called “scareware”) they saw in 2009 will continue ... Read more
March 11, 2010 - In February, spammers continued to use the news of the earthquake in Haiti and the recent earthquake in Chile as another vector to utilize. Scam and phishing messages accounted for 19 percent of all spam in February, which is 2 ... Read more
March 11, 2010 - As we were working through URLs identified as suspicious due to our GTI technology, one of the URLs that presented itself was an average “.com” site that loaded a php. As we processed this – it was interesting to see ... Read more
March 11, 2010 - Following our blog, Zero-Day Attack on IE6 – JS.Sykipot Doesn’t Spare Retired Software, covering the recent IE Zero-day, we thought it might be interesting to look at an attack in the wild using this vulnerability and the resulting ... Read more
March 11, 2010 - There are innumerable benefits to digitized record-keeping. I can’t say enough about the benefits of correlation and collation of information that could be gained from taking information off of paper and moving it into computers. For health information, the potential ... Read more
March 11, 2010 - We've been seeing a gradual shift in malicious PDF file coding (no surprise there, we know malware authors can and do adapt their techniques).For a long time, we saw malicious PDF files that were simple enough ... Read more
March 11, 2010 - Moscone Center, San Francisco, USA is the site of this week's RSA Conference 2010. It's the world's largest information security industry conference with well over 10,000 attendees. For some perspective on just how big it is: there ... Read more
March 11, 2010 - Charlie Miller, the Pwn2Own contest winner for two years in a row, gives his take on Internet security. Guess what — your Mac OS is no less vulnerable than its Microsoft Windows counterpart.Windows 7 or ... Read more
March 11, 2010 - Criminals like to attack the biggest target because BIGGER generally provides a better Return On Investment (ROI). Windows is a good example. Mac is indeed safer than Windows but it isn't necessarily because Mac is more secure. Windows ... Read more
March 11, 2010 - Remember Microsoft's action against 277 Waledac domains last week? Well, that's one way of going after a botnet…Another way of shutting down a botnet? Arrest the botmasters!Three Spanish citizens have been arrested for ... Read more
March 11, 2010 - Another day, another news, and well… another SEO poisoning stint.Using PDF files in SEO poisoning is recent, but not exactly fresh news. So we were thinking of ... Read more
March 11, 2010 - Just when we thought SEO using Flash was as interesting as SEO poisoning can get, it seems it's getting even sneakier…Imagine a PDF file posted by someone evil online. Of course, Google being Google, the ... Read more
March 11, 2010 - Somebody is trying to pose as us. If you see an email like the one below, please ignore it: From: security@f-secure.com Reply-To: securitysupport@hotxf.com Subject: Security Maintenance.F-Secure HTK4S Date: Fri, 5 Mar 2010 18:11:05 -0000 To: undisclosed-recipients:;... Read more
March 11, 2010 - As "JiLsi" — one of the online criminals from Darkmarket — was sentenced last week to almost five years in prison, we have received some media queries on the case.In particular, one journalist wanted ... Read more
March 11, 2010 - Microsoft schedules its security updates on the second Tuesday of the month. Adobe recently began following this schedule as well, and while there are no Adobe updates today, there was an out-of-cycle security update two weeks ... Read more
March 11, 2010 - F-Secure has an additional blog that launched today. It's called Safe and Savvy.You'll notice that the name is pink. That's part of our new brand ... Read more
March 11, 2010 - I wasn't sure I'd see this Browser Choice update:I set my computer's Regional Options for the United States even though it's physically located in Finland (I'm an ... Read more
