Vulnerabilities and exploits

Incidents

PlayStation data gets pwned

After a long service blackout, Sony reported yesterday that their PSN gamer network has been compromised. Sony further admitted that all kinds of user data had become available to an unknown attacker. The personal details available to the attackers include your name, address, email address, date of birth, PSN login name and password. In fact, even password security answers may have been obtained. In addition to these items, Sony stated “While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.” Sony does not speculate on when their network may come back online but states that they are rebuilding it and undergoing external security audits.

Incidents

Odd FakeAv Marketing

The .co.cc domains, littered for the past several months with malicious subdomains hosting exploit pages and malicious Java applets, are now hosting FakeAv pages and “BestAntivirus2011.exe”.

Incidents

Ransomware: GPCode strikes back

Kaspersky Lab discovered a new variant today, in the form of an obfuscated executable. Please review the technical details for further information. The threat was detected automatically thanks to the Kaspersky Security Network as UDS:DangerousObject.Multi.Generic.

Industrial threats

SCADA exploits circulating

Ever since Stuxnet hit the news last year, there has been an increased interest in the area of industrial control systems (ICS). This has been evidenced by the fact that we’ve seen a recent surge in public releases of zero-day (unpatched) vulnerabilities and exploits.

Research

The decline and fall of Slammer?

Me and Slammer (Helkern) go back a long way…to 25 January 2003 to be precise. It was a baptism of fire for me in my new role as a virus analyst at Kaspersky Lab. It was a weekend and I was alone, in charge of monitoring the incoming flow of suspicious files. I had barely been at the company a month

Incidents

Adobe Fix for CVE-2011-0609

Adobe released its fix for CVE-2011-0609 this afternoon, making good on last week’s advisory dealing with the latest Flash zero-day. Kaspersky Lab products detected .a, .b and .c variants as “Trojan-Dropper.MSExcel.SWFDrop” this past week.

Incidents

Japan Quake Spam leads to Malware Part 3

Last week, we published a blog post regarding the ongoing spam campaign using the recent earthquake in Japan to infect users. According to our analysis, it seems that the malicious links from the spam emails lead to websites hosting the Incognito Exploit Kit.

Reports