2010 CWE/SANS Top 25 Most Dangerous Programming Errors

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

Read more here:
mitre.org: http://cwe.mitre.org/top25/
PDF: http://cwe.mitre.org/top25/archive/2010/2010_cwe_sans_top25.pdf

The 1st place: Failure to Preserve Web Page Structure (‘Cross-site Scripting’)
The 2nd place: Sanitization of Special Elements used in an SQL Command (‘SQL Injection’)
The 3rd place: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)

My personal opinion: I am astonished that it is ONLY in place 3. I would put it in place 1.

Stock spam reloaded: XLS format this time

Remember the stock spams sent in PDF format? You thought they were new? Think again! Now it is time for the Excel format!

The mails come with a ~24Kb XLS file called “detailed invoice.xls”, “stock information.xls”, “investor_news2323.xls” and probably many others. See the picture below for a screenshot.

What is interesting is the fact that we speak again of a stock sold at the Frankfurt Stock Exchange, in Germany. But this time they go big: the subject is “Turn € 5,000 into € 25,000” and the document is created by a user called “mobile”. The username comes from the name of the company advertised in the spam: Exchange Mobile.

They advertise in the spam:
Company Name: Exchange Mobile
Ticker Symbol: Frankfurt: EM1
WKN: 884090
ISIN: US3013051087
Friday Close: € 0,20
3-Day Target: € 0,35
5-Day Target: € 0,50
10-Day Target: € 1,00

Reality (source: www.cortalconsors.de):
Friday close: € 0,231
Lowest price: € 0,20
Total amount of shares: 31.090
Value of the stock: € 6.953,3

So, they want us to buy stocks worth €5000 🙂 This means 80% of the total… they’re too good, or too stupid :))))

New type of Stock Spam : PDF Stock Spam

Last evening I analyzed a new type of spam, together with Oliver Auerbach. It has been published immediately on the avira.com website, thanks to Oliver.

Source: http://www.avira.com/en/security_news/new_type_of_stock_spam.html

Content:

Tettnang, Wed, 20 June 2007 – Avira warns about a new type of spam which is currently sent to users within Germany. The spam claims to be a magazine-like edition of “German Stock Insider” and is sent in PDF format.

Today Avira captured a new type of stock spam in their trap system which our antispam analysts haven’t seen until now. Stock spam has become more and more popular and has made use of various techniques such as plain text, text inside an image, and images with various variations of techniques to prevent OCR (Optical Character Recognition) scanners from identifying dubious mails as spam. The latest trend in this type of spam is now to send PDF documents instead of an image. The fraudsters are counting on the fact that no filter in the world is expecting a PDF document to be spam. In this case the PDF document comes attached to an email with a body containing only junk text which is used to trick spam filters. Stock spam is spam…
