Malware Leveraging MIDI Remote Code Execution Vulnerability Found

Earlier today, we encountered malware that exploits a recently (and publicly) disclosed vulnerability, the MIDI Remote Code Execution Vulnerability (CVE-2012-0003). This vulnerability is triggered when the Windows Multimedia Library in Windows Media Player (WMP) fails to handle a specially crafted MIDI file, consequently allowing remote attackers to execute arbitrary code. In the attack that we [...]

‘Remove Facebook Timeline’ themed scam circulating on Facebook

According to InsideFacebook, scammers are exploiting the negative sentiment surrounding Facebook’s Timeline and are currently spamvertising bogus pages that attempt to trick end users into removing their Timeline profile. More from InsideFacebook.com: We have found 16 Timeline-related scam pages, which have collectively gained more than 71,000 likes. The largest, with nearly 19,000 likes, has been around [...]

2011 in Review: Exploits and Vulnerabilities

In recent years, we have seen client-side software heavily targeted by hackers in search of vulnerabilities. 2011 saw these threats become more complex and sophisticated. We saw attackers increasingly use zero-day vulnerabilities, some of which have been particularly critical. Examples of these include the vulnerability Duqu exploited (CVE-2011-3402), a Java vulnerability (CVE-2011-3544), and Adobe zero-day [...]

The Sykipot Campaign

Last week, reports surfaced about a “zero-day” exploit for Adobe Reader (CVE-2011-2462) that had been actively used in targeted attacks beginning in November. The malicious PDFs were emailed to targets along with text encouraging the recipient to open the attachment. If opened, the malware known as BKDR_SYKIPOT.B installs onto the target system. The reported [...]

Attacks Target TimThumb Vulnerability

We were recently alerted to reports of an attack leveraging a vulnerability in TimThumb, a PHP script for cropping, zooming, and resizing Web images (.JPG, .PNG, .GIF) that is used as an add-on script on WordPress. This vulnerability enables cybercriminals to perform local file insertion. When successfully exploited, it inserts a PHP script, which [...]