Simion and 8 Guests are viewing this topic.
Despite improvements in secure operating systems and security software, most users’ PCs contain on average around 12 different vulnerabilities, according to a Kaspersky Lab Q2 threat study. Adobe (NSDQ:ADBE) flaws comprised the vast majority of the 10 most common vulnerabilities, followed by Oracle (NSDQ:ORCL)-Sun-Java glitches. Seven of the top 10 vulnerabilities were found in Adobe Flash Player.
Solnik and Bailey have not made public the name of the specific software programs and platforms that they targeted with their text-message attack. The Black Hat demonstration was intended to show automakers that should they not take proper security precautions when developing their automotive software, then it is entirely possible that individuals with less than honorable intentions will gain access to more important systems and cause greater damage. For example, the potential for chaos is amplified should hackers sit in the street after hours in front of a dealership and remotely disable vehicle software on a large scale.
At least 40,000 Web sites recently were hacked and retrofitted with instructions that silently attempt to infest visitor PCs with malicious software, security experts warn.Each hacked site redirects to Web sites that bombard the visitor's PC with about 20 different Web browser vulnerabilities and browser plug-in attacks, targeting older, insecure versions of several third-party applications like QuickTime and Winzip.This latest mass Web site hack is thought to be separate from a similar recent incident referred to as "Gumblar," so named because an estimated 60,000 domains hijacked over several weeks redirected visitors to a malware-serving Web site named Gumblar.cn, among others. If you were to visit one of these sites hacked with the Beladen code, you probably wouldn't notice anything amiss. In the background, though, malicious code inserted into the site would force your browser to invisibly contact google-analyt1cs.net (please don't visit this site either), which checks the name of the referring Web site, records the date and time stamp of the visit, and then forwards the victim on to the Beladen site, which then silently attempts to exploit a series of browser vulnerabilities.
Fraudulent certificate triggers blocking from software companieshttps://www.eff.org/deeplinks/2011/08/iranian-man-middle-attack-against-googlehttp://www.microsoft.com/technet/security/advisory/2607712.mspxhttp://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-certhttp://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html
1. Thanks Asyn.2. For Firefox users, take an action! It's not just about reading!
