Comprolive Newsletter

Binary Planting Attacks

News - Internet Explorer

Last Updated on Thursday, 30 September 2010 09:31 Thursday, 30 September 2010 09:19

binaryplanting.com  is the official web site for the extensive Binary Planting/DLL load hijacking research conducted by ACROS Security. The research was focused on various types of vulnerabilities where an attacker can place a malicious file through a malicious website on a users computer and then execute it by some vulnerable application.

Their research has revealed that Internet Explorer users are more vulnerable to binary planting/ DLL load hijacking attacks than other browsers such as FIrefox or Google Chrome , see report 

 The site offers to test your computer and your network for exposure to Internet-based binary planting/ DLL load hijacking attacks

Rent a DDOS Attack!

News - Security

Last Updated on Wednesday, 29 September 2010 06:41 Wednesday, 29 September 2010 06:33

Damballa a security research company has published a document on it ,  which is available in PDF form on thier website. Some excerpts from the article. 

 On March 20, 2010, a criminal organization registered a series of malicious domains signaling the birth of a new botnet; one designed to offer a commercial service for delivering Distributed Denial of Service (DDoS) attacks against any desired target. This publicly available service, hosted in China, is available for lease to anyone willing to establish an account on-line, input the domain(s) they wish to attack, and pay for the service.

 The website promoting this service is called “IM DDOS”, elsewhere referred to as “I’M DDOS”. A Denial of Service (DoS) attack is a technique used to overwhelm a website/domain in an effort to reduce its responsiveness, or completely eliminate its ability to respond to new connection attempts. DoS attacks have been used to ‘take down’ political sites, abuse sites, commercial business websites and even military command centers as part of a coordinated targeted campaign.

You can read the PDF document on this link.

 Damballa PDF on the IMDDOS Botnet

Fake LinkedIn Invitation Reminder

News - Spam Alerts

Last Updated on Wednesday, 29 September 2010 06:01 Wednesday, 29 September 2010 05:48

Spams are a part of our daily life. Fortunately they are filtered in time. But sometime they may make into your inbox. Therefore it is helpful to know about current spam campaigns. One such campaign that was detected at Cisco Security by Henry Stern.

It reads "Cyber criminals sent spam email messages targeting users of the LinkedIn social media community. This is the largest such attack known to date. In the attack, victims are emailed an alert that contains a link with a fictitious social media contact request. This morning, these messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link takes victims to a web page that says, “PLEASE WAITING…. 4 SECONDS,” and redirects them to Google. During those four seconds, the victim’s PC is infected with the ZeuS data-theft malware via a drive-by download. ZeuS embeds itself in the victim’s web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts. "  You can read the article by Henry Stern on Cosco Blog on this link. 

      I will also post updates on this issue as and when they appear.