New Adobe Vulnerabilities Being Exploited in the Wild

Adobe posted a vulnerability report warning that vulnerabilities in Adobe Reader and Acrobat XI (11.0.1) and earlier versions are being exploited in the wild. Adobe is currently investigating this issue. According to the FireEye blog posted earlier today, the malicious file arrives as a PDF file. Upon successful exploitation of the vulnerabilities, two malicious DLL files are dropped. Symantec detects the malicious PDF file as Trojan.Pidief and the two dropped DLL files as Trojan Horse....

February 14, 2013 · 1 min · 176 words · Omid Farhang

Internet Explorer security hole: Use other browser

TheTelegraph: Internet Explorer users might want to consider upgrading or switching to another browser after a massive security hole was discovered in Windows’ native web browser. According to security forum, Rapid7 , Internet Explorer 7, 8 and 9 operating on Windows XP, Vista and Seven contains what is known as a “zero day exploit” which allows attackers to gain access to your personal data while you browse. The forum claimed the exploit would give cyber criminals “the same privileges as the current user”....

September 18, 2012 · 1 min · 174 words · Omid Farhang

Oracle rushes out patch for critical 0-day Java exploit

TheRegister: In an uncommon break with its thrice-annual security update schedule, Oracle has released a patch for three Java 7 security flaws that have recently been targeted by web-based exploits. “Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible,” Eric Maurice, the company’s director of software security assurance, said in a blog post published on Thursday. Maurice said that the vulnerabilities patched only affect Java running in browsers, and not standalone desktop Java applications or Java running on servers....

August 31, 2012 · 2 min · 370 words · Omid Farhang

Java zero day vulnerability actively used in targeted attacks

ZDNet: Security researchers from FireEye, AlienVault, and DeependResearch have intercepted targeted malware attacks utilizing the latest Java zero day exploit. The vulnerability affects Java 7 (1.7) Update 0 to 6. It does not affect Java 6 and below. Based on related reports, researchers were able to reproduce the exploit on Windows 7 SP1 with Java 7 Update 6. There’s also a Metasploit module available. Upon successful exploitation, the campaign drops MD5: 4a55bf1448262bf71707eef7fc168f7d – detected by 28 out of 42 antivirus scanners as Gen:Trojan....

August 27, 2012 · 1 min · 189 words · Omid Farhang

Bogus anti-hacking tool targets Syrian activists

h-online: Syrian activists, journalists and opposition group members are reportedly under attack by malware claiming to be a security tool that will help protect them against hackers. The fake “AntiHacker” tool is being spread through targeted phishing emails and via sites such as Facebook, and claims to provide “Auto-Protect & Auto-Detect & Security & Quick scan and analyzing” functionality. However, according to the Electronic Frontier Foundation (EFF), the fraudulent tool actually installs a program called DarkComet RAT (remote access tool)....

August 19, 2012 · 1 min · 179 words · Omid Farhang

Ladies with few clothes tend to cause a lot of trouble on PCs – and now on Android devices too

Cross-posted from Surelist The appearance of a new Android malware family is not that surprising at all today. Especially when we talk about SMS Trojans which are one of the most popular and oldest type of threats created for extracting money from users. A new family of SMS Trojans named Vidro appeared a few days ago but we’ve already collected a lot of APK files with very similar functionality. At the moment all the samples we have found target users only from Poland....

August 2, 2012 · 6 min · 1112 words · Omid Farhang

Android Forums hacked: 1 million user credentials stolen

ZDNet: Phandroid’s has been hacked. The database that powers the site was compromised and more than 1 million user account details were stolen. If you use the forum, make sure to change your password asap. Read the whole story at ZDNet:

July 13, 2012 · 1 min · 43 words · Omid Farhang

Yahoo! Voice reportedly compromised, over 453,000 credentials exposed

Übergizmo wrote: If you use Yahoo! Voice a lot – Yahoo’s VoIP service via its Yahoo! Messenger instant messaging application, then you will definitely need to hear this report. Earlier today, more than 453,000 user accounts from an unidentified service owned by Yahoo were posted on a hacker site. The hackers reportedly said that they infiltrated the subdomain by using a union-based SQL injection. But the group responsible for the security breach added that the data breach was intended to be a wake-up call for Yahoo....

July 12, 2012 · 1 min · 209 words · Omid Farhang

Important: Today is your last chance to keep your internet connection

Tomorrow, July 9th, the FBI will shutdown the DNS servers which allow the computers infected with this malware to use the Internet. If you want to make sure you will keep your internet working, act today and check your computer to see if it’s infected by DNS Changer or not, here is a very easy to use tool: Tool available for those affected by the DNS-Changer

July 8, 2012 · 1 min · 66 words · Omid Farhang

Password leaks bigger than first thought

The H-Online: There have still been no official statements on the causes and extent of the recent password leaks at LinkedIn, eHarmony and A credible source is now reporting that the published 2.5 million MD5 hashes, for example, are just the tip of a 17 million hash iceberg. That iceberg has reportedly been circulating since summer 2011.16.4 million of these – 95 per cent – have, the source claims, already been cracked, a claim which, for unsalted hashes, is entirely credible....

June 9, 2012 · 3 min · 433 words · Omid Farhang