May 18, 2012 - Earlier this week, I researched the top websites blacklisted by Google. I've looked at more of these websites over the last three days to better understand the most common attacks. The findings are quite disappointing. First, most (continue reading...) Read more
May 14, 2012 - Google Safe Browsing is the most popular security blacklist in use. It is leveraged by Firefox, (continue reading...) Read more
April 30, 2012 - Search Engine Security (SES), a browser extension designed to protect users against Blackhat SEO links in search engines, is now available for Internet Explorer. You can download it from our website. It is compatible (continue reading...) Read more
April 26, 2012 - Vulnerable websites are regularly hijacked to redirect users to malicious domains. The most popular type of of malicious page are Fake AV pages. Attackers commonly increase traffic to these hijacked websites using Blackhat SEO techniques. Blackhat SEO (continue reading...) Read more
April 18, 2012 - We've seen an increase in hijacked websites in recent months, redirecting users to Fake AV pages, Blackhole exploit kits and other malware. While most websites hacked are personal sites, or University websites, (continue reading...) Read more
April 16, 2012 - Google Chrome has recently added an API to modify HTTP headers. This in turns, made it possible to port Zscaler's Search Engine Security add-on from Firefox and Firefox Mobile to Google (continue reading...) Read more
April 13, 2012 - As I mentioned last week, more Fake AV pages are once again showing up in popular Google searches. Although these malicious pages look the same as they did 2 years ago, the source code is different. (continue reading...) Read more
April 9, 2012 - PDF exploits have been targeted by Blackhole exploit kits for some time now. The Blackhole exploit kit will deliver various malicious PDF files to a user if the victim is running (continue reading...) Read more
April 6, 2012 - In 2011, Blackhat SEO links were pretty much absent from the most popular searches in Google. Instead, Blackhat SEO was used to target more specific searches. The technique heavily used to poison the searches (continue reading...) Read more
April 6, 2012 - We, like most in the security community, have been following the latest developments with the Mac OS X Flashback Trojan and it's exploitation of the recently patched Java vulnerability (CVE-2012-0507). This story has a lot of (continue reading...) Read more
March 30, 2012 - Looking back on traffic from this week, I noticed a large spike in the number of companies accessing free TLD / Dynamic DNS related sites. Digging deeper it appears that a malware campaign tied to massive WordPress compromises was (continue reading...) Read more
March 28, 2012 - During the course of investigating an open incident ticket (continue reading...) Read more
March 27, 2012 - I've released my first add-on for Internet Explorer and I've almost finished a second one. Developing for Internet Explorer was a very different experience than developing for the other browsers I've worked with before - Firefox, (continue reading...) Read more
March 20, 2012 - 3/26 Update: I was approached and asked to run stats to do a bit of comparison and contrast with Sports traffic from last year - with the goal in mind to identify if there was a noticeable percentage increase (continue reading...) Read more
March 19, 2012 - Zscaler Safe Shopping, the browser extension that warns users when they visit a fake store or compromised store, was Firefox, Google Chrome, Safari and Opera. It is now available for Internet Explorer 6 to 9 (Windows (continue reading...) Read more
March 14, 2012 - I've stumbled upon hundreds of links targeting Opera Mobile users, to trick them into installing a malware on the device. The links are in the form of: hxxp://geqe.net/opera_mini/1965/opera_mini.auto#phpsessid=85cfe7f19a08b6387d0441a9d949bb95 Each has a different (continue reading...) Read more
March 13, 2012 - In the long history of free hosting and DNS providers abused (co.cc, pastehtml.com, etc.), x90x.net can now be added to the list, as it is being used to host many Facebook Phishing (continue reading...) Read more
March 7, 2012 - Vkontakte is the Russian equivalent of Facebook and has been criticized for being a direct "clone". Well, scammers are "cloning" (continue reading...) Read more
March 5, 2012 - Pinterest is a new social network that has been getting a lot of press lately. Basically, Pinterest is a virtual board, where users can pin things they like online. They can share the content with (continue reading...) Read more
February 28, 2012 - This past month, I've seen an increase in hijacked sites redirecting to a Fake AV page. These attacks typically involves three separate phases: The hijacked website redirects users coming from a Google search to an (continue reading...) Read more