Web threats

A friend had ‘sent’ me a strange-looking link via Facebook IM. A closer look revealed that it was a link being spread by a new and active Facebook worm.

Another live XSS vulnerability in Orkut affected more than 180,000 users in Brazil.

There have been several reports about malware hosted on Mozilla and Google code servers. Now we also found malware hosted on My Opera community servers.

We’re still monitoring Pegel, and we’ve come across something which piqued our interest: redirects to malicious websites hosting exploits weren’t only coming from infected legitimate sites, but also from flash ads on legitimate sites.

You may have noticed that we lowered our internet threat level to low risk. We have taken another look at Email-Worm.Win32.VBMania and its prevalence and came to the conclusion the increased threat level was not warranted.

A new Twitter XSS exploit was identified in the wild as it started to be used by cybercriminals overnight.

On Aug 21, we detected a new instant messenger worm that spreads through almost all well-known IM programs. The name of the threat is “IM-Worm.Win32.Zeroll.a”

From the dangers of EXIF to the publishing of vacation photos online in a safe manner.

Websites getting defaced, servers getting turned into nodes in botnets, shell accounts and backdoors being sold on the black market – this is what’s happening on the Internet every day

The vulnerability in the Windows Help and Support Center (CVE-2010-1885) has been a constant irritation to antivirus experts for the third week in succession. I will try to provide an analysis of the problem with the help of KSN

Iframes can have several attributes and we often encounter them when analysing malicious sites. They are often used in a hidden way to construct drive-by downloads of malware

The World Cup 2010 is the most popular event running right now. The cyber criminals didn’t want to lose such “good” opportunity for them and already took advantage in some ways.

Attacks of Brazilian cybercriminals on Twitter using Direct Messages and compromised accounts

Twitter for iPhone ™ and unexpected malicious results leading to Trojan Banker to steal on-line bank credentials of the victims!

Today i found a new tool which will allow anyone to create a malicious program with just a few simple mouse clicks. When the malicious program is executed the infected computer is connected to a botnet which communicates via Twitter and is used for various illegal purposes.