attack

Fri
11
Jun
Dennis Faas's picture

Widespread Web Attack Infects Thousands of Legitimate Sites

Thousands of legitimate websites have fallen victim to a widespread web attack. While the full extent of the attacks remain unknown, security analysts suspect that the hackers used what is called an "SQL injection attack" in an attempt to fool ... legitimate web sites into running malicious database commands. In short, the attack injects malicious HTML content into a web browser while users are viewing an otherwise legitimate site. If the malware is successfully installed, it opens a gateway which allows hackers to remotely control a PC. (Source: networkworld.com ) Up to 114,000 Sites ... (view more)

Wed
19
May
Dennis Faas's picture

Security Researchers Uncover Do-It-Yourself Twitter Botnet

More and more research is proving that those who know how to create viruses and malware are keen on reaching out to others, most likely to cash in on their deceptive knowledge. Such can be proven with TwitterNet Builder: a new tool designed to ... simplify botnet-based attacks over Twitter. Botnets: A Virtual Army of Zombie Computers For those unaware, a botnet is a technical term used to describe a network of computers under the control of a malicious software program. Once a computer has become compromised, the botnet program runs silently and autonomously until issued a command from a master ... (view more)

Wed
12
May
Dennis Faas's picture

New Malware Attack Renders All Antivirus Useless

A group of security researchers say they've found a workaround for just about every antivirus product on the market today, effectively making Windows-based security programs totally useless. Security research site Matousec.com recently issued an ... advisory for a process that allows malware to evade security detection. Note that this doesn't just apply to Microsoft's free Security Essentials software or other freeware antivirus products, but also targets full software packages from industry leaders like Norton, BitDefender and McAfee. Matousec's Morphing Malware According to reports, Matousec. ... (view more)

Wed
07
Apr
Dennis Faas's picture

PDF Document Exploit Prompts Fears of Worm-Like Malware Attack

Jeremy Conway, a security researcher with NitroSecurity, is claiming to have found a way to spread malicious code via PDF (Portable Document Format) documents. The secret is in the way PDF file format works. More specifically, a certain flaw exists ... in the PDF file format that adds malicious data to legitimate files. This means that anyone who opens compromised PDF files instantly becomes a victim of a worm-like attack. Attack Launched Without User Consent Conway spent a great deal of time developing a technique with which to inject malicious commands into PDFs. Until now, his attacks only ... (view more)

Thu
01
Apr
Dennis Faas's picture

Hackers Use Network Card Firmware to Deliver Payload

Cybercrime is often likened to a never-ending cycle: just when a security company believes they have found a way to combat one malware-installation method, hackers come along and find a new ways to attack a computer. Thus, it should come as little ... surprise that there is a new hack that attacks network card firmware: software specifically designed to control the network card. This innovative hacking technique (dubbed the "Jedi Packet Trick") works by sending infectious network packets to the network's firewall , which needs to be running a vulnerable network card. Once an infected packet is ... (view more)

Wed
20
Jan
Dennis Faas's picture

MS Warns: Internet Explorer Vulnerable; Offers Tips to Stay Safe

Microsoft announced yesterday that it was working on a special emergency patch to prevent the spread of an Internet Explorer zero-day flaw in its Internet Explorer browser that allowed hackers to breach the defenses of Google, Adobe, and about 32 ... other companies. The attack is said to be "the most sophisticated cyber attack... seen in years," according to tech security firm McAfee . Now, Microsoft is offering recommendations for home and business users trying to keep themselves protected until the Internet Explorer patch is widely available. Older Versions of IE, Windows Most ... (view more)

Mon
18
Jan
Dennis Faas's picture

McAfee: IE Zero-Day Exploit a 'Watershed Event'

Widely-known security firm McAfee has called last week's breaching of several major tech companies (including Google and Adobe) "the most sophisticated cyber attack... seen in years," even suggesting the operation could usher in a new age of cyber ... warfare. Attack a "Watershed Event," Says McAfee Discussing the attack on 34 tech companies in China last week, McAfee Chief Technology Officer George Kurtz was noted as saying, "I believe this is the largest and most sophisticated cyber attack we have seen in years targeted at specific corporations," adding, "What really makes this a ... (view more)

Fri
15
Jan
Dennis Faas's picture

IE Flaw used by Hackers to Attack Google, Adobe, says McAfee

An Internet Explorer (IE) vulnerability was used by hackers to get past the defenses of Adobe, Google, and about 32 other companies, says security firm McAfee. Until now, the IE flaw had been unknown to security researchers, while the attack had ... initially been blamed on an Adobe PDF (Portable Document Format) vulnerability. According to McAfee, hackers used a variety of tactics, including spear-phishing (email spoofing with a specific target in mind), to unleash an incredibly effective "cocktail of zero-day vulnerabilities," that exploited flaws in company systems and left backdoor loopholes ... (view more)

Tue
04
Aug
Dennis Faas's picture

Beware Man-In-The-Middle Hacker Attacks

In an effort to raise awareness, three professional hackers are attempting to prove that trusted web sites make you just as vulnerable to attack as known malicious web sites. At the recent Black Hat and Def Con security conventions, three presenters ... brought light to a new wave of Internet attacks that operate in a similar manner to that of a telephone tap in the shared communication between computers and trusted web sites. "Man-in-the-Middle" Attack This type of computer infiltration, known as "man-in-the-middle" attacks, occur when an online deviant steals the data that is intended to be ... (view more)

Mon
09
Mar
Dennis Faas's picture

eBay Hackers Exploit IE, Firefox Vulnerabilities

eBay buyers are being asked to take extra precautions when conducting their online shopping after security specialists warned that a string of hackers had infiltrated the popular auction site. The hackers exploited several unpatched vulnerabilities ... in Firefox and Internet Explorer browsers to create false listings and entice people to bid on fraudulent items. Details of the Stealth Attack Analysts believe that it was an XSS (cross-site scripting) attack that implemented unauthorized java script elements stored on third-party websites. This allowed eBay pages to contain outside email links and ... (view more)

Pages

Subscribe to RSS - attack