PDF Malware Using New Attack Technique | threatpost

Even PDF attachments aren’t safe. If you receive an email from an unknown sender with a PDF attachment, be aware that trying to open it might launch an executable that can inject malware into your system.

The attack produces a warning dialogue box, but users are accustomed to seeing, and ignoring, those in many situations. In this particular new malware campaign, the attackers have used that tactic, along with adding some extra white space to the dialogue box to make it look less suspicious.

Read more at PDF Malware Using New Attack Technique | threatpost.

Posted in opinion, security, tech. Tags: , , , . No Comments »

Christmas, Amazon and Zbot – it’s that time of year again – Sophos

Malware/Trojans spreading via emails linking to fake Holiday E-Cards purportedly from “your friend” or your “Online Banking Team”.

Christmas, Amazon and Zbot – it’s that time of year again – Sophos.

Potent malware link infects almost 300,000 webpages • The Register

Make sure your IE has the up-to-date patches (or switch to Firefox) and update to the latest Adobe Flash

Potent malware link infects almost 300,000 webpages • The Register.

A security researcher has identified a new attack that has infected almost 300,000 webpages with links that direct visitors to a potent cocktail of malicious exploits.

People who visit infected pages receive an invisible link that pulls code from a series of sites tied to 318x .com. The code looks for insecure versions of Adobe Flash, Internet Explorer, and several other Microsoft applications, and when they are detected it exploits them to surreptitiously install malware known as Backdoor.Win3.Buzus.croo. The rootkit-enabled program logs banking credentials and may do other nefarious bidding, Landesman said.

Another program which can help determine if you have all the latest updates and patches for your installed applications is Secunia PSI.

Facebook Christmas Worm Spreads Holiday Infection — InformationWeek

Facebook Christmas Worm Spreads Holiday Infection — InformationWeek.

PandaLabs, the research arm of anti-malware company Panda Security, says that a variant of the Koobface worm, Koobface.GK, is being spread through the posting of malicious links of Facebook wall pages.

Attempting to play the video or to click on the links on the page leads to an infection attempt, which will compromise the victim’s computer if successful.

The links take Facebook users to a fake embedded video player that offers a Christmas greeting, in keeping with the tendency of cybercriminals to try to exploit current or seasonal events.