Calling Windows Help May Lead to Vulnerability

Asking for help in Windows could lead to more trouble. A newly discovered vulnerability in Internet Explorer (IE) leverages the ability of a Visual Basic script to invoke a .HLP (Windows Help file format) file, which could give a remote attacker the ability to run arbitrary code on an affected system. Visual Basic uses [...]

March 3rd, 2010 | Tags: | Category: Malware | Leave a comment

Patching human vulnerabilities

Today’s threat landscape is very complex. Cybercriminals use a wide range of threats to hijack people’s computers and to make money illegally. These threats include Trojans of many different kinds, worms, viruses and exploit code which is designed to enable malware to make use of vulnerabilities in the operating system or applications.

Read [...]

March 3rd, 2010 | Tags: , , , | Category: Viruses | Leave a comment

Web Reputation Checks Gone Awry

As the security industry evolves, underground cybercriminals are constantly looking for ways to counter the technology challenges presented to them. I recently found out that the bad guys have begun offering services to track the blacklisting of domain names through reputation checks. The number of “businesses” offering this type of service is growing and the service [...]

March 3rd, 2010 | Tags: , | Category: Malware | Leave a comment

New Exploit Bypasses DEP

Another Proof-of-Concept (POC) Revealed The changing threat landscape has brought about more sophisticated Web threats, and left the online population clamoring for better security features in the systems and applications that they use. This has pushed Microsoft to develop security mechanisms within its applications like Windows’ Data Execution Protection (DEP) and Address Space Layout Randomization [...]

March 3rd, 2010 | Tags: , , | Category: Malware | Leave a comment