Vulnerabilities and exploits

According to data collected by Kaspersky Lab, almost 700,000 infected users have been counted at the beginning of April and the number could be higher. Although Mac OS X can be a very secure operating systems, there are certain steps which you can take to avoid becoming a victim to this growing number of attacks. Here’s our recommendation on 10 simple tips to boost the security of your Mac.

Earlier this week, Dr. Web reported the discovery of a Mac OS X botnet Flashback (Flashfake). According to their information, the estimated size of this botnet is more than 500, 000 infected Mac machines.

On 20 March, we detected a spam campaign targeting passengers of US Airways. After clicking the link from an email a series of redirects eventually leads to a domain hosting BlackHole Exploit Kit.

The twitter infosec sphere last night and the blogosphere this morning is in a bit of a frenzy about the public leak of a DoS PoC targeting CVE-2012-0002, the RDP pre-auth remote. First off, patch now. Now. If you can’t, use the mitigation tool that Microsoft is offering – the tradeoff between requiring network authentication and the fairly high risk of RCE in the next couple of weeks is worth it. You can see the list of related links on the side of this page, one was included for MS12-020.

In early March, we received a report from an independent researcher on mass infections of computers on a corporate network after users had visited a number of well-known Russian online information resources

Patch Tuesday March 2012 fixes a set of vulnerabilities in Microsoft technologies.

The following statistics were compiled in February using data collected from computers running Kaspersky Lab products: 143,574,335 web-borne infections were prevented.

Today is the last day of CanSecWest – a security conference taking place in Vancouver, Canada.

Let’s just make a conservative guesstimate that there are more than 40 million infected victim hosts and malware serving “hosts” connected to the internet at any one time, including both traditional computing devices, network devices and smartphones.

This section of the report is based on data obtained and processed using the Kaspersky Security Network (KSN).

All statistical data used in this report were obtained using Kaspersky Lab’s botnet monitoring system and Kaspersky DDoS Prevention.

Microsoft is releasing 9 Security Bulletins this month (MS12-008 through MS12-016), patching a total 21 vulnerabilities.

Last week researchers found vulnerabilities in the Google Wallet payment system. The vulnerability was leveraged to display the current PIN number but required root access to the device. The very next day a new vulnerability was discovered in how application data is handled in the Wallet app requiring no root access. I expect these to be just the beginning of a scavenger hunt for Google Wallet vulnerabilities in the future.

Many of the apps we enjoy are free. Well, to call them free is a bit misleading. You pay for the apps by looking at advertisements. This is a platform we should all recognize from the sidebar of Facebook, or Google, or almost any service that doesn’t charge a premium to use it. Advertising has paved the way for many services to gather a huge audience audience and still profit.

The Adobe AIR and Adobe Flash Player Incubator program updated their Flash Platform runtime beta program to version 5, delivered as Flash Player version 11.2.300.130. It includes a “sandboxed” version of the 32-bit Flash Player they are calling “Protected Mode for Mozilla Firefox on Windows 7 and Windows Vista systems”. It has been over a year since Adobe discussed the Internet Explorer ActiveX Protected Mode version on their ASSET blog, and the version running on Google Chrome was sandboxed too.