UPnP-enabled routers allow attacks on LANs
http://www.h-online.com/security/news/item/UPnP-enabled-routers-allow-attacks-on-LANs-1329727.html

Yale oversight exposes 43,000 Social Security numbers
http://news.cnet.com/8301-27080_3-20096355-245/yale-oversight-exposes-43000-social-security-numbers/
http://www.yaledailynews.com/news/2011/aug/17/yale-affiliates-ssns-were-searchable-google/

Apache HTTPD Security ADVISORY
http://article.gmane.org/gmane.comp.apache.announce/58

Windows Remote Desktop worm “Morto” spreading
http://www.f-secure.com/weblog/archives/00002227.html
http://isc.sans.edu/diary/Increased%2BTraffic%2Bon%2BPort%2B3389/11452
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3AWin32%2FMorto.A

Hacker steals user data from Nokia developer forum
http://www.h-online.com/security/news/item/Hacker-steals-user-data-from-Nokia-developer-forum-1332867.html

Fraudulent certificate triggers blocking from software companies
https://www.eff.org/deeplinks/2011/08/iranian-man-middle-attack-against-google
http://www.microsoft.com/technet/security/advisory/2607712.mspx
http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/
http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert
http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html

"Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate."

Thanks Asyn.
For Firefox users, take an action! It’s not just about reading!

  1. NP Tech.
  2. Fully agree…! (I already did so.)

Fake Google certificate is the result of a hack
http://www.h-online.com/open/news/item/Fake-Google-certificate-is-the-result-of-a-hack-1333728.html
http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx


Fake Anti-Virus, Social Network Scams On The Rise

... researchers found that the rising tide of fake anti-virus during the first half of 2011 includes a new variant consisting of fake desktop utilities, propelled by SpyEye and Zeus Trojan spam.

… the report found that security threats from social media continue to rise as social networking sites such as Facebook and Twitter are increasingly used in the workplace.
… rogue apps that impersonate online games in order to distribute malware.

… mobile security threats for the Android platform experienced a big upward spike, proliferated with the growth of the Android Market.

http://www.crn.com/news/security/231600446/fake-anti-virus-social-network-scams-on-the-rise-report.htm;jsessionid=Im5cs88mTXd-5XWl+mtdZQ**.ecappj02?cid=nl_sec



Apple Gives Internship To JailbreakMe Creator

Sometimes, if you can’t beat them, employ them. Nicholas Allegra, a 19-year-old hacker and creator of the Jailbreakme.com site, responsible for a series of jailbreaking iOS hacks, has officially been hired as an intern at Apple

http://www.crn.com/news/security/231600297/apple-gives-internship-to-jailbreakme-creator-comex.htm?cid=nl_sec



Xpaj Botnet Intercepts 87 Million Web Searches In Click-Fraud Scheme

... researchers said Friday they recently uncovered the file-infector W32.Xpaj.B botnet, also known simply as Xpaj, by digging up command and control servers containing encrypted binary data, encryption keys, databases and Web applications used in conjunction with a widespread click-fraud scheme over the last several months.

http://www.crn.com/news/security/231600289/xpaj-botnet-intercepts-87-million-web-searches-in-click-fraud-scheme.htm?cid=nl_sec



Skype Cross-Site Scripting Flaw Enables Phone Session Attacks

A gaping cross-site scripting flaw in the latest version of Skype enables attackers to inject malicious code into a user’s phone sessions. The cross-site scripting vulnerability occurs in Skype 5.5.1.113, affecting Windows XP, Vista and 7, and stems from a persistent code injection vulnerability due to a validation input error that prevents the VoIP client from properly inspecting phone numbers sourced from users’ home, office and mobile Skype accounts, according to researcher Levent Kayan.

http://www.crn.com/news/security/231600218/skype-cross-site-scripting-flaw-enables-phone-session-attacks.htm?cid=nl_sec


More Info
http://www.h-online.com/security/news/item/Updated-Chrome-and-Firefox-for-fraudulent-Google-certificate-available-1333898.html
http://my.opera.com/securitygroup/blog/2011/08/30/when-certificate-authorities-are-hacked-2
http://www.f-secure.com/weblog/archives/00002228.html
http://nakedsecurity.sophos.com/2011/08/31/google-blacklists-247-certificates-is-it-related-to-diginotar-hacking-incident

Et al,

Just thought I’d post this for other users and viewers to peruse at their leisure.

See: http://news.cnet.com/8301-27080_3-20099421-245/google-users-in-iran-targeted-in-ssl-spoof/?tag=contentMain;contentBody

re: Spoofed and Invalid CA certificates.

I come here every week or so to see what is out there as far as malware trends are going. Looks like the latest and greatest (sadly) is the one currently known as ‘Enhanced Protection Virus’. I wish Essexboy all the best in finding a successful resolution for the two users who currently have this rogue program on their machines.

If we have known spoofed CA’s, then is this not a part of the problem with Google Re-direct, since we don’t really know for sure where the browser is ending up at? ??? ???

Note, too, the link provided for the program called ‘Convergence’, at the bottom of the blog, which is said to analyze for certificate revocations, that does not work on my machine. When the add-on is run in FF 6.0, it says it is not compatible.

As always, I run my browser in a sandbox to test before installing anything like this. Could this affect proper operation? Why would it say ‘incompatible’ if it is supposed to run on FF?

Just a question, if anyone cares to explain possible reasons.

I’m sure some have seen this blog, but just want to make sure everyone here at this forum knows about it.

mchain

XP Home Edition SP 3 P4 2 GB RAM Avast! Free Edition v. 6.0.1203

Security breach on kernel.org
http://kernel.org/#news
http://linux-foundation.org/weblogs/lwf/2011/08/31/the-cracking-of-kernelorg/
http://git-blame.blogspot.com/2011/08/how-to-inject-malicious-commit-to-git.html

The DigiNotar Debacle, and what you should do about it
https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it

@Asyn,
Clicking on the link in your last post brings up the following:


http://my.jetscreenshot.com/2701/m_20110902-g9jm-49kb.jpg

Strange, the only thing I had blocked in openDNS was Adult content and randomized isp’s.
I don’t see any here and yet the site was blocked.
I’ve removed the filter.

Sorry Bob, can’t help you, I just tried it again and it still works here…!
Do you use OpenDNS…?? The alert seems related to it.