Internet Defence » Security Threats

We’ve just seen a new trojan come up. The various virus databases failed to pick it up (well, the dozen or so that we tried it with), with the exception of BitDefender which picked it up via heuristic detection. The Social Engineering component is quite good - as shown below. Who would expect a virus from HMRC.
(more…)

Posted in E-Mail, Security Threats, Viruses | Comments Off

XSS 2.0 - The new threat

Monday, February 20th, 2006

Phishing, scamming and cross-site scripting (XSS) attacks were first used to steal passwords from web-based mail and banking resources.
And from the beginnings of small offences, a new generation of hackers have appeared to trick people to steal money. Launched on bigger scales each time, profits are gaining.
(more…)

Posted in Security Threats, XSS 2.0 | Comments Off

XSS another Full disclosure

Tuesday, January 31st, 2006

Yesterday, we came across the PHP/Apache XSS disclosure: blog.phpdoc.info
(more…)

Posted in Security Threats, XSS 2.0 | Comments Off

Brepibot Madness

Monday, January 30th, 2006

Phew. We’re currently seeing a relatively large number of new brepibot variants arriving - a new one about every hour. Somebody is being busy.
(more…)

Posted in E-Mail, Security Threats, Viruses | Comments Off

Categories

Articles

Pages

Archives

Search

Links

Archive for the 'Security Threats' Category

Handlers Diary

Handlers Diary

Handlers Diary

Handlers Diary

3 Banks Vulnerable to XSS

XSS 2.0 the revenge…

New spate of trojans

XSS 2.0 - The new threat

XSS another Full disclosure

Brepibot Madness



You are currently browsing the archives for the Security Threats category. Categories E-Mail 419 Scams Phishing Spam Viruses General Daily Review Services Top Tips Security Threats Vulnerabilities XSS 2.0 Articles 06/04 April Report 06/05 May Report 06/06 June Report Email activity in June 06/07 July Report Email Activity in July ECSC Ltd. FireHat Internet Defence The Phishery Pages 419 Scam Archives October 2007 September 2007 August 2007 May 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 August 2005 June 2005 March 2005 July 2004 June 2004 Search Links 06/04 April Report 06/05 May Report 06/06 June Report Email activity in June 06/07 July Report Email Activity in July ECSC Ltd. FireHat Internet Defence The Phishery	Archive for the 'Security Threats' Category « Previous Entries Next Entries » Handlers Diary Thursday, April 13th, 2006 Vulnerabilities Sun Solaris (more…) Posted in Daily Review, General, Vulnerabilities \| Comments Off Handlers Diary Tuesday, April 11th, 2006 Vulnerabilities php - tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2: details (more…) Posted in Daily Review, General, Vulnerabilities \| Comments Off Handlers Diary Monday, April 10th, 2006 Vulnerabilities XSS in “phpinfo()”: details (more…) Posted in Daily Review, General, Vulnerabilities \| Comments Off Handlers Diary Friday, April 7th, 2006 Vulnerabilities Linux Kernel: Update to 2.14.1/2.4.32-pre1; CVE-2005-3275 Posted in Daily Review, General, Vulnerabilities \| Comments Off 3 Banks Vulnerable to XSS Wednesday, March 29th, 2006 Two articles from Tallahassee[1] [2] and one from Netcraft, show that 3 different websites from online banks are vulnerable to XSS. (more…) Posted in Security Threats, XSS 2.0 \| Comments Off XSS 2.0 the revenge… Friday, March 17th, 2006 (more…) Posted in Security Threats, XSS 2.0 \| Comments Off New spate of trojans Monday, February 27th, 2006 We’ve just seen a new trojan come up. The various virus databases failed to pick it up (well, the dozen or so that we tried it with), with the exception of BitDefender which picked it up via heuristic detection. The Social Engineering component is quite good - as shown below. Who would expect a virus from HMRC. (more…) Posted in E-Mail, Security Threats, Viruses \| Comments Off XSS 2.0 - The new threat Monday, February 20th, 2006 Phishing, scamming and cross-site scripting (XSS) attacks were first used to steal passwords from web-based mail and banking resources. And from the beginnings of small offences, a new generation of hackers have appeared to trick people to steal money. Launched on bigger scales each time, profits are gaining. (more…) Posted in Security Threats, XSS 2.0 \| Comments Off XSS another Full disclosure Tuesday, January 31st, 2006 Yesterday, we came across the PHP/Apache XSS disclosure: blog.phpdoc.info (more…) Posted in Security Threats, XSS 2.0 \| Comments Off Brepibot Madness Monday, January 30th, 2006 Phew. We’re currently seeing a relatively large number of new brepibot variants arriving - a new one about every hour. Somebody is being busy. (more…) Posted in E-Mail, Security Threats, Viruses \| Comments Off « Previous Entries Next Entries »