DfenseSolutions

“There’s nothing like social networking sites to keep people connected and worms propagating — such as the all new and improved Net-Worm:W32/Koobface.CZ. A little infection equals a little comment in someone’s little site somewhere.”  Read more…

Amazon and Samsumg have begun informing their consumers regarding the discovery of malware on the product’s installer disc (Samsung Frame Manager XP version 1.08). The infected installer disc is needed to use their product, the Samsung SPF-85H 8-Inch Digital Photo Frames w/ 1GB Internal Memory, as a USB monitor. Read more…

“A significant amount of e-card spam has flooded inboxes recently, taking advantage of the upcoming holiday season. Spam mails contain holiday greetings and a short message informing users that they have received an e-card from someone. Also in the email is an embedded URL link where the recipient can view or claim their e-card.”  Read more…

Microsoft has updated its advisory to include other version of Internet Explorer.  So far we have only seen exploits for version 7, but Microsoft has included versions 5 and 6.  To get more information please read the Microsoft advisory [click here].

We have created an instructional video presenting the exploit and what it could do.  This version of the exploit is safe and will if succesful start the windows calculator program.  Other versions of the exploit might include more malicious payloads.  Again we do not include the URL that is hosting the exploit code but rather present what could happen if you visit a site that is hosting the malware [which there are thousands]. You can watch the educational video below or in High Definition [click here].

Internet Explorer 7 Exploit from dfensesolutions.com on Vimeo.

“Microsoft’s recent security updates fail to provide protection against a recently discovered zero-day vulnerability, which could provide opportunities for cyber criminals to compromise PCs.

Several websites were found rigged with a malicious JavaScript detected by Trend Micro as JS_DLOAD.MD. This script exploits this zero-day vulnerability in Internet Explorer, through a Heap Spray on SDHTML. It also checks for the IE version installed on the affected system, since this exploit targets IE7.”  Read more…

“AV-Comparatives, the Austrian team of experts dedicated to antivirus tests acknowledged as a reference point in the field, has published the second part of the mid-year comparative, an ideal addendum to the one already released in the past September. This time the aim is to evaluate the antimalware tools effectiveness against unknown threats, in a test scenario meant to prove the heuristic part and the generic markers of the on-demand scanning engines.”  Read more…

“The Mac community this week has been debating an updated Knowledge Base article on Apple’s Web site that raised questions about the company’s stance on security. The recent update, which was pulled down on Tuesday, originally recommended that users install at least one antivirus software app. It was an odd statement given that Apple has often bashed rival Windows for being less secure than Mac OS X.” Read more…

“Yes, Linux is running on the iPhone. Yes, it’s only the first early port, but it’s the iPhone running the Linux OS, controlled with a USB keyboard running off the iPhone multi-purpose port thanks to the reverser engineering of Apple’s hardware drivers by iPhone Dev Team members.” Read more…