Security Research | Page 66


The Koobface worm scouring Facebook since last July, and which made the headlines again this week, is certainly beginning to redesign the concept of "friend." The "acquaintance from high school you've never talked to since you added her/him" might now be the "acquaintance from high school you've never talked to since you added her/him and who occasionally sends links to sites loaded with viruses." While Koobface has redefined this friendship concept, it's not the only thing: It's redefined the URL redirection policy of Facebook. Indeed, URLs... [Read More]
by Guillaume Lovet  |  Mar 05, 2009  |  Filed in: Security Research
While malicious servers hosting "drive-by-install" scripts are continuously evolving, their goal remains the same: to silently drop and run malicious files on the victim's computer. The flaws exploited by those Web Attacks Toolkits have been quite the same for a while, so what's new in the "malscripts" world? As we pointed out in a previous post, malicious web-based exploit writers worked out some advanced obfuscation methods to hide their malicious scripts from detection. It seems that this trend is taming down and being replaced by a simpler yet effective... [Read More]
by David Maciejak  |  Mar 04, 2009  |  Filed in: Security Research
Today was another big milestone in the history of the company I co-founded and I'm very happy to have this opportunity to tell you about it. Fortinet has released FortiOS 4.0, the firmware upgrade for our FortiGate security systems. This release is the result of a tremendous effort by our development teams over the better part of 12+ months. These highly skilled and talented teams worked hard to design and implement these technology innovations so that we could confidently put the product in front of our customers. Even in this time of economic... [Read More]
by Michael Xie  |  Mar 03, 2009  |  Filed in: Security Research
With February's Threat Landscape Report out, it's time to highlight some of the most interesting movement happening from late January 2009 to now: New vulnerabilities (NVC) were up nearly threefold, with 117 posted in comparison to 43 from January's edition; 25.6% of these new vulnerabilities were detected to be actively exploited. Two new high-profile zero-day exploits (CVE-2009-0238 and CVE-2009-0658) affecting MS Excel (XLS) and Adobe Reader (PDF) have since been disclosed. Given these facts, and Conficker's success, there is no better time... [Read More]
by Derek Manky  |  Feb 27, 2009  |  Filed in: Security Research
Legitimate -- and sometimes renowned -- web sites are more and more subject to code-injection attacks; and it's not rare today to find your everyday site injected with malicious JavaScript code, whose sole purpose is to silently redirect all visitors to malicious servers "behind the scenes." What happens on those servers is called a "drive-by-install" in the jargon, and results in malicious executable files being (again) silently pushed and run on the victim's computer. Details on the drive-by-install process, while interesting, are out of the... [Read More]
by David Maciejak  |  Feb 25, 2009  |  Filed in: Security Research
Not so long ago, I arrived, all fresh and pumping, from a world full of cryptography -- you know, RSA, AES, SHA256 etc. -- very excited to discover a new face to computer security. It's always in such situations you notice the importance of vocabulary, context and shortcuts. All of a sudden, you understand nuts to conversations in your mother tongue. I'll share a couple of surprises I had. We have our AV (antivirus) engine scan a "signature" database. In cryptography, a signature consists in processing some input through an asymmetric algorithm... [Read More]
by Axelle Apvrille  |  Feb 23, 2009  |  Filed in: Security Research
Strictly speaking, it’s a wagon, with a band on it, made popular in the circus entertainment business. I imagine going round a circus ring on a wagon was preferable to walking round during the days when performing animals were still the norm. Later the political circus ring took on the use of a band wagon to advertise a particular candidate; I’m sure well known Internet search engines could even be used to find out the name of the candidate. But it was this use of the bandwagon that gave us the memorable phrase "Jumping on the Bandwagon" used when... [Read More]
by Darren Turnbull  |  Feb 04, 2009  |  Filed in: Security Research
Tags: utm
If you have received an email that appears to be from UPS, please be careful. Do not rashly open the attachment of the email. Some spammers are disguising themselves as UPS to spread malware. Here’s a screenshot of the sample email: The attachment of this email is shown as a compression archive. It actually contains malware which looks like a Microsoft Word or Excel file. If your system is set to hide known file extension names, you can be easily cheated. The malware samples that we have collected have names like: UPS_letter.doc.exe,... [Read More]
by Tiejun Wang  |  Jan 28, 2009  |  Filed in: Security Research