Ad: Manage updates with the Download App
ie8 fix

Vulnerabilities & attacks

Google, eBay up, but indexes down

Despite a down day for the broader markets Friday, a handful of tech stocks swam against the tide, posting modest single-digit gains.

Google, Symantec, and eBay were just some of the tech companies to finish the day in the black. The CNET Tech Index was down a modest 1.59 points to end the day at 1,185.55.

Google closed up 5.53 percent to $372.54 a share, which comes as little surprise considering the tech titan posted stronger-than-expected third-quarter earnings results on Thursday. And on Friday, a number of analysts released largely positive comments on the quarter, … Read more

Internet-scale 'man in the middle' attack disclosed

Correction at 3:15 p.m. PDT: This post initially misstated the meaning in this context of ASN. It stands for Autonomous System Notation.

In Black Hat's October Webinar on Thursday, Anton Kapela, datacenter manager at 5Nines Data, spoke about Internet-scale "man in the middle" attacks.

The talk reprised a last-minute substitution presentation he gave along with Alexander Pilosov at this year's Defcon conference in August. During the conference, the two researchers intercepted all conference Internet traffic at the Riviera Hotel in Las Vegas and ran it through their servers. According to Black Hat founder and … Read more

Microsoft Host Integration Server flaw exploited

On Thursday, new code was posted on the Internet that could exploit a flaw in unpatched Microsoft Host Integration Servers.

The exploit is part of Metasploit, a toolkit used by penetration testers and criminal hackers alike.

On Tuesday, Microsoft issued security bulletin MS08-059 to address the vulnerability detailed in CVE- 2008-3466. In its patch bulletin, ranked as critical, Microsoft said "this vulnerability could allow remote code execution if an attacker sent a specially crafted remote procedure call request to an affected system. Customers who follow best practices and configure the systems network architecture remote procedure call (SNA RPC) service … Read more

Twitter steps up its antispam moves

Twitter is stepping up its actions to fight spam, which has been plaguing the site since earlier this year and appears to be spiking this week.

The company is looking to hire a spam engineer, preferably one who has worked at a big search or e-mail company, according to a tweet by founder Evan Williams.

That person would likely work closely with the "spam marshal" that was hired in August.

The hiring move was praised by the Twitter community.

The latest job posting "is another sign that Twitter is maturing as a business and is using its … Read more

Adobe addresses Flash Player 'clickjacking' flaw

Adobe Systems has addressed a security flaw in its Flash Player products that could lead to 'clickjacking' attacks.

Flash Player 10, released on Wednesday, includes a fix for the clickjacking vulnerability published by researchers Jeremiah Grossman and Robert Hansen earlier this month.

Clickjacking attacks take advantage of vulnerabilities in Adobe Flash Player 9.0.124.0 and earlier, as well as vulnerabilities in browsers such as Internet Explorer, Opera, Firefox, and Safari. Exploitation of the flaws could allow an attacker to disguise Web site elements, such as dialog boxes and links, so that the user is fooled into visiting malicious … Read more

Microsoft Blue Hat starts on Thursday

Microsoft's eighth Blue Hat conference will take place on Thursday and Friday at the software giant's Redmond, Wash., campus. Entitled "C3P0wned," the invitation-only conference features two full days of sessions.

Day one features a select group of security researchers, with team members from Microsoft Security Development Lifecycle (SDL) presenting on the second day. It is an opportunity for Microsoft engineers to hear first hand from leading security researchers. The last Blue Hat conference was held in April.

Of interest on day one is a talk by Dan Kaminsky, director of penetration testing at IO Active, who … Read more

AVG flags ZoneAlarm as malware

This post was updated at 3:30 p.m. PDT with comment Check Point.

Grisoft, makers of AVG antivirus, on Wednesday released a new update addressing a false positive in another security product.

On Tuesday, AVG users reported desktops warnings that their desktop was infected with something called Trojan Agent r.CX. Some files within zlsSetup_70_483_000_en[1].exe, a compressed file containing dormant set-up files for Check Point's ZoneAlarm, apparently set off the alarm. The ZoneAlarm user forum soon filled with concerned users.

Grisoft did not respond to a request for comment.

Laura Yecies, vice president and general manager … Read more

Secunia exploits security suites flaws

A new report (PDF) from Secunia is raising awareness about the need to patch vulnerabilities and block malware from desktops.

The report found that "security vendors do not focus on vulnerabilities." And while Symantec Norton Internet Security 2009 bests the 11 other suites tested, Secunia found that Symantec "detected a mere 64 out of 300 exploits, or less than one-fourth, leaving 236 exploits undetected." Overall the dozen products all received an "F" on the report.

The Secunia test departed from the traditional testing done by organizations such as AV-test.org and AV-comparatives.org, which … Read more

Fake Microsoft e-mail contains Trojan virus

Along with the vulnerabilities that Microsoft patched Tuesday, the software giant's customers have a new problem to grapple with: a fake notification e-mail that looks remarkably legitimate.

Attackers are apparently taking advantage of Microsoft's Patch Tuesday to send legitimate-looking e-mails that include a Trojan virus. Trojan.Backdoor.Haxdoor allows attackers to execute files and steal information from compromised computers. The fake mailing includes a legitimate-looking PGP signature, as well as purporting to come from a real Microsoft employee.

Christopher Budd, a security program manager in the Microsoft Security Response Center, offers this perspective on the e-mails in a … Read more

Microsoft fixes 20 flaws with 11 patches

Microsoft on Tuesday released its October 2008 security bulletin. The four critical bulletins concern Windows, Internet Explorer, Microsoft Host Integration Server, and Microsoft Excel. The patch for Internet Explorer is cumulative.

Microsoft is now sharing the technical details of new vulnerabilities in advance of so-called Patch Tuesday to give software developers a chance to update affected products before the public announcement.

Microsoft is also including within each bulletin this month an "exploitability index" to help system administrators prioritize the patches--1 is for consistently functioning exploits (of most concern), 2 is for inconsistently functioning exploits (of moderate concern), and … Read more