Vulnerabilities and exploits

Here’s our malware wallpaper for August, highlighting some notable malware-related events from the past.

Alexey Polyakov is a Head of the Global Emergency Response Team of Kaspersky Lab – a new security policy consultation service for current and new corporate customers. Over the last 12 months this new service has responded to numerous incidents in which corporate customers’ networks have been targeted.

It is very interesting to see how short the lifespan of an exploit kit is. Some kits that were once popular and infected thousands of users are no longer being used.

In this webcast, Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, shares his extensive knowledge of the driving forces that power the modern cyber-criminal ecosystem and discuss the way that cybercrime operates.

Discussion of this month’s patch Tuesday is overshadowed by the current round of massive releases from targeted spearphishing, web and SQLi attacks reported in the media. Four bulletins are being released to address 22 CVE records, or sets of vulnerabilities.

“Weibo”, a micro blog in Chinese, is really hot and has become fashionable in China lately.

Yesterday, I blogged about the older version of Adobe Flash Player on my recently purchased Google Chromebook. On Tuesday, the day before, I’d sent out a note to Adobe’s PSIRT asking if they knew what was up with this earlier version.

This week my Samsung Chromebook finally arrived. My interest in this platform had been especially piqued after my colleague Costin Raiu’s excellent analysis following the Chromebook’s introduction.

Here’s the latest of our malware wallpaper calendars.

I found an interesting “bug” in the malicious .php script on the .cc domain. For example, instead of clicking on http://3cm.kz/example, just put at the end http://3cm.kz/example+ or http://3cm.kz/example* or any other and for each new special char you will get the binary. One special char per one new download. The second short URL service used by the criminals is http://shortn.me

Patches are up! This month’s patch Tuesday is a sizable one by any standards. Microsoft is patching a total of 34 vulnerabilities in 16 bulletins. At least eight different product lines are updated. Adobe is coordinating release of Reader, Acrobat, Shockwave and Flash updates as well today.

Here’s the latest of our malware wallpaper calendars.

The Democratic Party of Hong Kong’s website was compromised and serving malware nearly identical to the compromised UK Amnesty International servers at the beginning of this month. The server has been cleaned up.

We are currently investigating a new malicious campaign on Facebook mostly targeting French speaking users.

A host of events took place in the world of IT threats during the first quarter of 2011.