Home

Microsoft working on a fix for Internet Explorer 8 flaw

  • Yashowardhan Rai / 16 years
  • 0
  • 1 min read

Microsoft is working on a fix to get rid of Internet Explorer 8 vulnerability that can enable serious security attacks against websites that are otherwise safe. Ironically, the flaw resides in XSS (Cross-site scripting) filter, a protection feature in Internet Explorer 8 that’s designed to prevent XSS attacks against sites. XSS exploits allow attackers to […]

Zeus malware uses the “/launch” command feature of Adobe Reader

  • Sanjay Katkar / 16 years
  • 0
  • 2 min read

Last week I had written a blog (see “Disguised PDF attack possible”) about possible attack using simple technique in Adobe Reader. It is being observed now that malware writers of Zeus malware are using the “/launch” command line parameter in Adobe Reader to launch a malicious code without exploiting an vulnerability in the software. The […]

SMS scams

  • Ranjeet Menon / 16 years
  • 0
  • 1 min read

Today I received a SMS message with following text: CONGRATS-YOU-WON-700,000-GBP- IN 2010-UK-TOYOTA WORLDWIDE- INT’L-MMOBILE-DRAWS-WINNING -#1,TO-CLAIM-YOUR PRIZE CONTACT MR.BEN VIA EMAIL:xxxxxxxx2010@hotmail.com Its not something new, malware writers/ cyber criminals are attempting to fool mobile phone users with such bogus text messages. Mobile user are increasing day by day so is the SMS (Short Message Service). The […]

Disguised PDF attack possible

  • Sanjay Katkar / 16 years
  • 0
  • 1 min read

A design flaw in Adobe’s popular PDF format which was published by Didier Stevens in first week of April can be used by hackers to install malwares on users’s computers. Its a policy flaw and not a security vulnerablity in Adobe Reader that could cause this. Researcher demonstrated this attack using the PDF specification’s “/Launch” […]

Microsoft Security Bulletin released for the month of April

  • Nandini Seth / 16 years
  • 0
  • 2 min read

Microsoft has released its security bulletin summary for April 2010. This month Microsoft has released 11 bulletins which comprises of 18 vulnerabilities that have been addressed. Out of the 11 bulletins five bulletins have been rated “Critical”, five bulletins have been rated “Important” and one bulletin has been rated “Moderate”. Eight bulletins are related to […]

India completely un-prepared for cyber crime and espionage shows report

  • Sanjay Katkar / 16 years
  • 0
  • 2 min read

Shadows in the Cloud report (link to PDF) which was recently published by researchers in Canada shows India most vulnerable and most infected nation amongst all. This report documents a complex ecosystem of cyber espionage that systematically compromised government, business, academic and other computer networks in India and other several nations. Detailed analysis of report […]

Facebook Antivirus and wall spams

  • Ranjeet Menon / 16 years
  • 0
  • 2 min read

Social networking sites are often targeted by Cyber criminals in the rising Web 2.0 Internet world. Recently with the completion of its 6th anniversary Facebook has reached mark of 400 million users. No doubt it is becoming soft target as it is easier to get huge online users community. Some Facebook applications use different innovative […]

New variant of Sality

  • Ranjeet Menon / 16 years
  • 0
  • 2 min read

Another new variant of Sality was reported on Saturday. As was the case with previous versions of Sality (like Sailty.R), this one is also a polymorphic EPO virus which replaces the entry point code of the original file. The main virus body is attached at the end of original file and the section header is […]

Windows 7 most praised security features got compromised at Pwn2Own

  • Sanjay Katkar / 16 years
  • 0
  • 1 min read

The most talked about hacking contest Pwn2Own ended with bad news for Microsoft. The hackers were finally able to make their way and disable the Windows 7 data execution prevention (DEP) and address space layout randomization (ASLR). These two were the most highly praised security features of Windows 7. Security researchers Peter Vreugdenhil from Netherlands […]

Infection campaign using Twitter profile

  • Sanjay Katkar / 16 years
  • 0
  • 2 min read

Recently I was going through the twitter web site for just checking on tweets on Ricky Martin news. Of course with a thought that it being a hot topic of yesterday there can be someone using this news as a means to attract a potential victim to their web site. I was right as I […]