Last week it was reported that the Pushdo botnet, used to send spam using the Cutwail spamming module, was taken down, thanks to the efforts of several security researchers. Thirty command-and-control (C&C) servers of the Pushdo/Cutwail botnet were identified, almost 20 of which were taken down after their Internet hosting providers were notified. So far, [...]
Post from: TrendLabs | Malware Blog – by Trend Micro
Pushdo Takedown Damages Botnet
When you ask IT professionals if they use cloud computing or software-as-a-service, most start by saying “no”. But if you ask some follow up questions, you will quickly find out about “that one application” that is a SaaS application.
An independent group of security researchers has announced that they will be releasing zero-day vulnerabilities, web application vulnerabilities, and proof-of-concept exploits for patched vulnerabilities throughout the month of September. Many high-profile vendors such as Adobe, Apple, Microsoft, and Mozilla are among those whose products will apparently have vulnerabilities revealed in the month. According to Trend [...]
Post from: TrendLabs | Malware Blog – by Trend Micro
New Zero-Day Vulnerabilities Imminent
Over the weekend, Microsoft issued a new security advisory which covered a vulnerability in how Windows handles DLL files. The attack scenario would go this way: a vulnerable application would be used to open a file. The opened file can be a perfectly legitimate file; however the malicious file must be located in the same [...]
Post from: TrendLabs | Malware Blog – by Trend Micro
New DLL Vulnerability Exploited in the Wild
Metasploit’s HD Moore was in the midst of researching the recently patched LNK (Windows shortcut) vulnerability when he stumbled upon a serious problem that exposes more than 40 different Windows software programs to remote code execution attacks.
