Cisco: About 90 pc of all email is spam

Armies of hijacked computers are flooding the world with spam as hackers devise slicker ways to take over unwitting people's machines, according to a Cisco report released Monday.

Virus-infected computers are woven into "botnets" used to attack more machines and to send specious sales pitches to email addresses in low-cost quests to bilk readers out of cash.

"Every year we see threats evolve as criminals discover new ways to exploit people, networks and the Internet," said Cisco chief security researcher Patrick Peterson.

Facebook hackers selling profile details to criminals

In the latest cyber crime, hackers are stealing account entry details for the social networking site from unsuspecting punters and using these infiltrated accounts to send spam messages to millions of other users.

These spam messages are usually disguised as links to video clips or photos from family and friends.

By clicking on the spam message, the victims' computers are infected with spyware that records all their keystrokes and copies details, including passwords, when they log into various sites.

Major security flaw in Internet Explorer

Microsoft has warned users of Internet Explorer (IE) 7 that hackers have been attacking a vulnerability in the current version of the web browser that, in a worst-case scenario, could potentially lead to remote takeover of their computer - and the threat is rising rapidly.

Basically, a vulnerability in the browser has left it, according to Microsoft, 'exploitable', while the older IE 6 and Beta 2 version of IE 8 are also potentially vulnerable.

Threatscape Report from Fortinet - November 2008 Edition

Top 10 exploitation attempts detected for this period, ranked by vulnerability traffic. Percentage indicates the portion of activity the vulnerability accounted for out of all attacks reported in this edition. Severity indicates the general risk factor involved with the exploitation of the vulnerability, rated from low to critical. Critical issues are outlined in bold:
RankVulnerabilityPercentageSeverity
1Trojan.Storm.Worm.Krackin.Detection36.9Highy
2Worm.Slammer23.2Highy
3IE.IFRAME.BufferOverflow.I0.5Highy
4MS.IIS.Web.Application.SourceCode.Disclosure0.4Mediumy
5MS.Exchange.Mail.Calender.Buffer.Overflow0.4Highy
6TCP.PORT00.3Lowy
7MS.IE.HTML.Attribute.Buffer.Overflow0.3Highy
8MS.GDIPlus.JPEG.Buffer.Overflow0.3Criticaly
9SSH.Client.Buffer.Overflow0.3Highy
10Mambo.Function.Path.Validation0.3Mediumy

Beware of These 3 Scams Online This Holiday Season

Better Business Bureau is warning consumers and businesses to keep their guard up and their wits about them in order to fend off a new string of phishing e-mails making the rounds this holiday season.

AdAware Developer Launches Anti-Virus Helix

Lavasoft unveiled Anti-Virus Helix, a stand-alone security tool designed to address the rapidly changing malware landscape. This new product delivers comprehensive protection and high performance with low impact on system resources.

Koobface virus spreads to Bebo

A virus that's attacking Facebook users is also infecting other social networking sites, says ScanSafe.

Koobface tricks social networkers into downloading malicious malware onto their PC. Users receive messages that look as if they're videos. Often they say something like "you look funny". When the user clicks to see the video, he is taken to a new website and asked to download special software in order to see the video.

IE7 No Longer Safe: ScanSafe Detects Vulnerability

An unpatched security vulnerability in Internet Explorer v7 is being actively exploited in-the-wild. Worryingly, the successful exploit of this vulnerability allows attackers to control the infected computer and access any personal information without the user being aware.

The vulnerability centers on Internet Explorer’s handling of specially crafted XML tags which can leave the browser susceptible to a heap spray attack. In the attacks observed by ScanSafe, successful exploit would result in the installation of a data theft Trojan with autorun worm capabilities.

Over 50% of malware spread via web

The security company revealed that 12 percent of malware is spread through malicious email attachments but just 5 percent comes from bugs that exploit software vulnerabilities.

Paul Ferguson, network architect at Trend Micro said: "This illustrates that social engineering seems to be playing a larger role than we thought. The problem isn't due to software vulnerabilities in, say, the browser".

BitDefender Uncovers New Password Stealing Application

BitDefender announced that a new type of password - stealing application disguised as a Mozilla Firefox Plugin has been detected in the wild. The e-threat, Trojan.PWS.ChromeInject.A, is downloaded to a Mozilla Firefox Plugin folder and is executed each time the user opens Firefox.
Syndicate content