SECURITY WARNINGS & Notices - Please post them here

[Asyn]

New zero-day in Adobe Reader actively being abused: http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html (link article author FireEye's Yichong Lin )

Confirmed by Adobe: http://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.html

-> http://www.adobe.com/support/security/advisories/apsa13-02.html

[polonus]

Hi Marc57,

Another nice one from Gibson: http://www.grc.com/dns/benchmark.htm

pol

[Asyn]

Lots of router vulnerabilities, not many patches
http://www.h-online.com/security/news/item/Lots-of-router-vulnerabilities-not-many-patches-1800471.html

More Wi-Fi devices with security holes
http://www.h-online.com/security/news/item/More-Wi-Fi-devices-with-security-holes-1805115.html

[polonus]

USB worm recognizes VM: http://blogs.mcafee.com/mcafee-labs/polymorphic-autorun-worm-evolves-and-obfuscates (link article author - McAfee's Sanchit Karve)

polonus

[polonus]

American SSL-certificate company DigiCert issued 70 digital certificates to malcreants: http://www.welivesecurity.com/2013/02/21/code-certificate-laissez-faire-banking-trojans/ (link article author = ESET's Stephen Cobb)

polonus

[Asyn]

NBC Website HACKED – Be Careful Surfing
http://blog.sucuri.net/2013/02/nbc-website-hacked-be-careful-surfing.html

[bob3160]

Beware! Identity thieves are targeting your tax refund

"Victims often don't find out their IDs have been stolen until their legitimate returns are rejected.
Straightening out those tax records can be a significant administrative hassle -- this is the IRS,
after all. Acting IRS Commissioner Steven T. Miller said last month that taxpayers whose IDs
have been stolen often must wait months to get their rightful refunds."

[Asyn]

Recent Cyberattacks [MS]
http://blogs.technet.com/b/msrc/archive/2013/02/22/recent-cyberattacks.aspx

[mister.marmot]

Recent Cyberattacks [MS]
http://blogs.technet.com/b/msrc/archive/2013/02/22/recent-cyberattacks.aspx

You see any description of the exact method and symptoms of these attacks?  Java code?

I had heard that some of the attacks were keystroke loggers planted through emails to unsuspecting employees.

[Rompin Raider]

Recent Cyberattacks [MS]
http://blogs.technet.com/b/msrc/archive/2013/02/22/recent-cyberattacks.aspx

You see any description of the exact method and symptoms of these attacks?  Java code?

I had heard that some of the attacks were keystroke loggers planted through emails to unsuspecting employees.

Here is some of the NBC info:
http://malwaretips.com/Thread-NBC-com-hacked-serving-up-Citadel-malware

[polonus]

Again new Java 7 holes found, issues 54 and 55 (should be combined for a functional exploit):
http://www.security-explorations.com/en/SE-2012-01-poc.html
credits go to Adam Gowdiak

polonus

[Asyn]

Again new Java 7 holes found, issues 54 and 55 (should be combined for a functional exploit):
http://www.security-explorations.com/en/SE-2012-01-poc.html
credits go to Adam Gowdiak

polonus

Also see: http://news.softpedia.com/news/Zero-Day-Vulnerability-Affecting-Java-7-Update-15-and-Earlier-Versions-Identified-332157.shtml

[polonus]

Update on the Bit9 security incident (SQL attack combined with a java exploit): https://blog.bit9.com/2013/02/25/bit9-security-incident-update/
(link article author = harry sverdlove)

polonus

[Pondus]

Iran Fights Off New Attack From Enemy Hackers
http://www.redorbit.com/news/technology/1112754098/iran-fights-off-enemy-hackers-122612/

[polonus]

Sneaky Joomla Web Malware alert: http://www.viruss.eu/web-malware/sneaky-joomla-web-malware-javascript-infections/ (link article author = antivirus robot)
Cleaning up info: http://sucuri.net/cleaning-up-an-infected-joomla-web-site.html

polonus