News about the death of Steve Jobs has been exploited by cyber-criminals by sending spam emails associated with this incident. The spam mail may have one of the following subjects: – “Steve Jobs: Not Dead Yet” – “Is Steve Jobs Really Dead?” – “Steve Jobs Alive!” – “Steve Jobs Not Dead” If you have received […]
Phishers are using spoofed email addresses from the US Computer Emergency Response Team (US-CERT) to trick recipients into downloading a malicious executable file. The emails are sent from the spoofed email address soc@us-cert.gov with the subject line: “Phishing incident report call number: PH0000003863970”. The fake warning claims US-CERT has opened the incident number PH0000007135030 and […]
A series of phishing attacks aimed at stealing Gmail and Yahoo user login information is on the rise. I believe that the attacks were part of a larger campaign aimed at stealing user data and compromising computer systems. If the users enter the login details on such phishing links, then the information gets transferred to […]
A critical vulnerability has been identified in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh and in Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to gain control of the affected system. These updates include fixes […]
We have received a new malicious Android malware which is using the names of popular games and applications published under the name “Stevens Creek Software” to get installed on the user’s mobile. And the interesting thing about this rogueware is that unlike other Android malware which ask for numerous permissions before getting installed, it asks […]
Microsoft has released seven bulletins covering a total of eight vulnerabilities. Only one issue is rated ‘Critical’ and it affects Windows Media. The remaining issues affect Windows, the kernel and Microsoft’s Anti-Cross Site Scripting library. The following vulnerabilities are rated “Critical”: MS12-004 – Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391) This security […]
Google Chrome has released a new version, 16.0.912.75, to fix three high severity security issues. The details about these issues can be found at: https://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html Most users will get automatically updated to the latest Chrome version. It is recommended to apply this update if you don’t have version 16.0.912.75.
It has been observed that cybercriminals are using the name of the North Korean leader Kim Jong-II after his death to target Internet users. Attackers are achieving this by spamming malicious emails containing specially crafted PDF files named “BriefintroductionofKim-Jong-il.pdf” This PDF file has been found to exploit CVE-2010-2883 and CVE-2010-3333 vulnerabilities in Adobe Acrobat reader. […]
Microsoft has released an out-of-band bulletin MS11-100 addressing four vulnerabilities. The bulletin is rated by Microsoft as critical and the vulnerabilities are listed as below: – Collisions in HashTable May Cause DoS Vulnerability (CVE-2011-3414) – Insecure Redirect in .NET Form Authentication Vulnerability (CVE-2011-3415) – ASP.Net Forms Authentication Bypass Vulnerability (CVE-2011-3416) – ASP.NET Forms Authentication Ticket […]
Today is the last day of the year and the right time to list out the top 10 Malwares of this year. The list below is based on our report which is generated from the automated feedback that we collect from Quick Heal installations across India. Top 10 Malware Families of 2011 • W32.Autorun.Gen: Autorun […]
