Fake LinkedIn Emails Deliver Online Bank Theft Trojan Horse

KrebsOnSecurity reports that a “major new malware spam campaign mimicking invites sent via business networking site LinkedIn.com leverages user trust and a kitchen sink of browser exploits in a bid to install the password-stealing ZeuS Trojan,” a well-known Trojan horse used in online bank thefts.

Krebs continues: “The spam campaign began Monday morning, according to security experts at networking giant Cisco Systems, and for a while the fake LinkedIn invitations accounted for as much as 24 percent of all spam. Recipients who click links in the message are taken to a Web page that reads, “Please Waiting, 4 seconds,” and then sent on to Google.com. … On the way to Google, however, the victim’s browser is silently passed through a site equipped with what appears to be the SEO Exploit Pack, a commercial crimeware kit that tries to exploit more than a dozen browser vulnerabilities in an attempt to install ZeuS.”

This spam campaign is another illustration of how cybercriminals use social engineering to get users to take action (in this case clicking a link in an email) that bypasses normal defenses. As a general rule, it’s a good idea to refuse to click on email links unless the sender is known to you. And even when you know the sender, you still must develop a new kind of “common sense” that recognizes the dangers associated with the Internet.

Stan Stahl, Ph.D. | September 28, 2010 | Filed in: Business at risk, Cyber Security Management, Internet badlands

Security update available for Critical 0-Day Vulnerability in Adobe Flash Player

Adobe has released a security update for the Flash vulnerability we reported last week (Adobe Issues Security Advisory for Critical 0-Day Flash Player Vulnerability).

Adobe recommends all users of Adobe Flash Player 10.1.82.76 and earlier versions upgrade to the newest version 10.1.85.3 by downloading it from the Adobe Flash Player Download Center or by installing it via the auto-update mechanism within the product when prompted.

To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.
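The per-browser version check described above, applied to an inventory of several machines, as an added example that is not part of the original post. The version thresholds come from the two Flash Player posts on this page; the inventory rows, host names and status labels are constructed, and treating Android builds at or below 10.1.92.10 as affected is an assumption.

```python
import re

# Version facts taken from the two Flash Player posts on this page.
DESKTOP_LAST_AFFECTED = (10, 1, 82, 76)  # "10.1.82.76 and earlier"
DESKTOP_FIXED = (10, 1, 85, 3)           # recommended upgrade target
ANDROID_AFFECTED = (10, 1, 92, 10)       # the page names no fixed Android build

def parse_version(text):
    """Turn '10.1.82.76' or 'WIN 10,1,82,76' into a tuple of ints, or None."""
    m = re.search(r"(\d+)[.,](\d+)[.,](\d+)[.,](\d+)", text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def classify(platform, version_text):
    v = parse_version(version_text)
    if v is None:
        return "unknown"              # unreadable entry: check the machine by hand
    if platform == "android":
        # Assumption: builds at or below the named one are treated as affected.
        # The desktop threshold must not be used here: 10.1.92.10 > 10.1.85.3.
        return "vulnerable" if v <= ANDROID_AFFECTED else "review"
    if v <= DESKTOP_LAST_AFFECTED:    # numeric compare, so 10.1.9.0 < 10.1.82.76
        return "vulnerable"
    return "patched" if v >= DESKTOP_FIXED else "review"

def audit(inventory):
    """Return (host, browser, version, status) for every entry not patched."""
    rows = []
    for host, platform, browser, version in inventory:
        status = classify(platform, version)
        if status != "patched":
            rows.append((host, browser, version, status))
    return rows

# Constructed inventory: one row per browser per machine, since each browser
# can carry its own Flash Player plugin. Both separator styles are included.
INVENTORY = [
    ("ws-01", "windows", "Internet Explorer", "10,1,82,76"),
    ("ws-01", "windows", "Firefox", "10.1.85.3"),
    ("ws-02", "windows", "Firefox", "10.1.9.0"),
    ("mac-01", "macintosh", "Safari", "MAC 10,1,85,3"),
    ("ph-01", "android", "Browser", "10.1.92.10"),
    ("ws-03", "linux", "Firefox", "not installed"),
]

if __name__ == "__main__":
    for row in audit(INVENTORY):
        print(*row, sep="\t")
```

Comparing the version strings as text would rank the constructed "10.1.9.0" above "10.1.85.3" and report it as patched, which is why the check compares the four components as integers.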

Interpol Says Cybercrime is “World’s Most Dangerous Criminal Threat”

Concerned with the growing threat from an estimated $105-billion illegal business, 300 top law enforcement officials from 56 countries met in Hong Kong for the first ever national police anti-cybercrime conference.

Ronald K. Noble, secretary general of Interpol, told the assembled law enforcement officials that “considering the anonymity of cyberspace, it may in fact be one of the most dangerous criminal threats we will ever face.”

More on this story is available from Yahoo News.

Adobe Issues Security Advisory for Critical 0-Day Flash Player Vulnerability

Adobe has announced that a critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability (CVE-2010-2884) could allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows.

As attacks exploiting this vulnerability are likely to get by anti-virus and anti-malware defenses, users should consider installing advanced intrusion-prevention technology capable of blocking 0-day attacks.

Cybercriminals Exploit New 0-Day Adobe Acrobat/Reader Vulnerability

Adobe has announced that a critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX. The vulnerability is also present in Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.

The vulnerability (CVE-2010-2883) could allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.

Users are advised to take extra precautions in opening Adobe PDF files. As attacks exploiting this vulnerability are likely to get by anti-virus and anti-malware defenses, users should consider installing advanced intrusion-prevention technology capable of blocking 0-day attacks.