Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Vulnerabilities

Critical flaws found in MySpace, Facebook ActiveX controls

by Shanmuga

"Bugs in the ActiveX controls on popular social networking sites Facebook and MySpace can be used by hackers to snatch control of Windows PCs, security experts said today. Initially made public by researcher Elazar Broad on the Full Disclosure security mailing list, the vulnerabilities are in a pair of ActiveX controls that Facebook and MySpace […]

Read the full article →

Mozilla confirms Firefox proof of concept information leak vulnerability

by Shanmuga

"Mozilla’s security chief Window Snyder has confirmed a proof of concept information leak flaw in Firefox–even fully patched versions. Snyder confirmed the issue in a blog post. The proof of concept vulnerability was highlighted by researcher Gerry Eisenhaur on Jan. 19. In a nutshell, Firefox leaks information that can allow an attacker to load any […]

Read the full article →

Tips: How to Minimize Risk from Zero Day Attacks

by Shanmuga

"…Microsoft Excel files are being used to exploit a zero-day (previously unknown/unpatched) vulnerability and plant keystroke loggers on select (.gov?) networks…bugs in Microsoft Office applications emerged over the last year as standard weapons for criminals conducting corporate espionage and computer attacks against military targets. Last summer, Microsoft’s Office team struggled to keep pace with flaw […]

Read the full article →

Vulnerabilities: First QuickTime bug of 2008

by Shanmuga

"Luigi Auriemma, a 27-year-old Italian researcher who broke the news of the flaw on Thursday, said that the most recent version of QuickTime is prone to a buffer overflow that, if successfully exploited, gives the attacker free rein over a user’s computer. He posted information and proof-of-concept code on security site, milw0rm, his own website […]

Read the full article →

Vulnerabilities: Microsoft Flaw could lead to worm attack

by Shanmuga

"Microsoft has fixed a critical flaw in the Windows operating system that could be used by criminals to create a self-copying computer worm attack. The software vendor released its first set of patches for 2008 on Tuesday, fixing a pair of networking flaws in the Windows kernel. Microsoft also released a second update for a […]

Read the full article →

Vulnerabilities: RealPlayer flaw raises security flags

by Shanmuga

"Security experts are warning users to be vigilant after the disclosure of a new security vulnerability in RealPlayer. The flaw could allow an attacker to remotely execute code on a victim’s machine.

Read the full article →

Vulberabilities: ID Theft Vulnerability Haunts Firefox

by Shanmuga

"Israeli security researcher Aviv Raff has issued a warning for a fairly serious browser vulnerability that exposes Firefox users to identity theft attacks. Raff, a well-respected hacker who regularly reports security problems in software products, discovered a way to use a browser bug to lure Firefox users into entering login credentials into a maliciously rigged […]

Read the full article →

Security: Microsoft launches Security Vulnerability Research and Defense blog

by Shanmuga

"The Security Vulnerability Research and Defense blog, introduced Thursday, provides in-depth technical information and ways security professionals can protect an organization from vulnerabilities. The blog will be updated the second Tuesday of every month, called "Patch Tuesday," which is when Microsoft releases security updates for Windows and other software.

Read the full article →

Vulnerabilities: Serious Flash vulns menace at least 10,000 websites

by Shanmuga

"Researchers from Google and a well-known security firm have documented serious vulnerabilities in Adobe Flash content which leave tens of thousands of websites susceptible to attacks that steal the personal details of visitors.

Read the full article →

Vulnerabilities: Antivirus software as a malware gateway

by Shanmuga

"Critical vulnerabilities have been found this year in virtually all antivirus products. But the danger of protective software, of all things, mutating into a gateway for pests is still largely underestimated. Antivirus software is not only the most important protection against pests arriving from the Internet, it could also be one of the most dangerous […]

Read the full article →