(isc)2 CSSLP

(ISC)2 Blog post: Vulnerability disclosure: a new business model?

Original: http://blog.isc2.org/isc2_blog/2013/01/vulnerability-disclosure-a-new-business-model.html We all see in the mass media every day that software is vulnerable and that this is bad. But few know what is happening behind the scenes until the news gets out. There are two ways to disclose a vulnerability: the most common one is to make a “full disclosure”, but there is […]

General

The BKA/Ransom Trojan comes now with child pornography

The so-called “BKA Trojan” malware (BKA stands for German Federal Criminal Police), which is also known as the Ransom trojan in other countries, has found a more convincing way to fool computer users into paying. Now, together with eight other possible misdeeds, the user is accused of hosting and distributing child pornography materials from his computer. […]

General

Security update for Apple: iOS 6.1 fixes browser flaws

Apple has released a new version of iOS, the operating system that powers the iPhone, iPad, and iPod. The new version fixes 20 security flaws related to the Safari browser. Some of the vulnerabilities allowed authentication bypass, cross-site scripting attacks, privilege escalation, arbitrary code execution, and memory corruption. Last but not least, the compromised Türktrust certificates were revoked. […]

General

Malware delivered with fake hotel reservations

We wrote last week about Malware delivered with fake Craigslist fax-to-email notifications. This week’s malware delivery mechanism is a fake email notification from the well-known online hotel reservations portal booking.com. The malware is delivered when you click on “Print Booking Details” via an archive which should contain the form with the reservation details. In order […]

General

Malware delivered with fake Craigslist fax-to-email notifications

If you receive such a message with an HTML page attached, don’t open it. The email pretends to come from “craigslist – automated message, do not reply <robot@craigslist.org>” and has the subject “Efax Corporate”. What I find interesting is that the fraudsters didn’t even bother to write JS code to detect if the script runs in […]

CSSLP News

Added in searchsecurity.de (ISC)2 Corner

http://www.searchsecurity.de/specials/security_corner/isc2/ My cooperation with SearchSecurity.de is finally showing something. I was added to the (ISC)2 Security Corner: Sorin Mustaca, Avira Operations GmbH & Co. KG. Sorin Mustaca, (ISC)²-certified CSSLP, CompTIA Security+, Project+, has been working in the IT security industry since 2000 and at Avira since 2003. […]