Tag: Web

D.C. Media Sites Found Hacked, Serving Fake AV

Websites operated by media outlets in the Washington D.C. area were the targets of widespread hacks this week, with web sites for two major radio stations among those found serving up malicious links that installed fake antivirus software on victims’ machines. Researchers at two security firms, Invincea and zScaler, identified compromises on the web sites of the two stations – WTOP, the D.C. areas largest FM station, and a sister site, FedNewsRadio, 1500 AM, which caters to government employees. The compromises were part of a string of almost identical attacks that redirected visitors to the web sites that push malicious software to victims’ machines. Only visitors using versions of Microsoft’s Internet Explorer web browser were targeted with the attack, zScaler said. In a related post, researchers at Invincea said the attacks were similar to one they had investigated a breach at dvorak.org, a web site operated by technology blogger John […]

Continue Reading

Update: Hack Investigation At Dept. of Labor Turns Up Internet Explorer 8 Zero Day Hole

A hack of the U.S. Department of Labor web site that was revealed late last week is being described as a “watering hole” style attack aimed at compromising the systems of other government workers, in part using an exploit for a previously unknown (or “zero day”) security vulnerability in some versions of Microsoft’s Internet Explorer web browser.(*) Multiple reports last week indicated that a security breach of the Department of Labor web site had occurred. Accounts indicated that visitors to the site using versions of Internet Explorer were being attacked using exploits for a known vulnerability. Over the weekend, however, researchers analyzing the attacks say that it used an exploit for a zero day hole in IE8, and that details of the attack tie it to a China-based hacking group known as “DeepPanda.” In a blog post on Friday, researchers at the security firm Invincea said that they believed that the […]

Continue Reading

New Banking Trojan Hacks The FAQ To Fool Users

Cyber criminals are notoriously crafty and persistent, especially when it comes to defeating security measures created to thwart them. But a group behind a recent version of the Ramnit banking malware has raised their game to a new level: hacking the customer FAQ (frequently asked questions) document to make their malicious activity look like it was business-as-usual. A report on Tuesday by the security firm Trusteer finds that new variants of Ramnit targeting a UK bank  have added features to game a one-time-password (OTP) feature at the bank. Among other tricks, the Ramnit variant uses an HTML injection attack to alter the wording of the bank’s customer FAQ, making it seem as if prompts created by the malware were standard security features at the bank. The report, published on the Trusteer blog, described a complex ruse in which Ramnit lies dormant on infected machines, then springs to action once a […]

Continue Reading

Juiced: DDoS Attacks 700 Percent Stronger, Iran Joins Top Source Countries

Denial of Service attacks are experiencing a surge in power and duration in the first months of 2013, with Iran joining China and The United States as a top source of the crippling online attacks. The power of distributed denial of service (or DDos) attacks – measured in packets per second – jumped 718 percent in the first three months of 2013, compared to the final three months of 2012, the security firm Prolexic reported on Wednesday. The average bandwidth used in DD0S attacks reached 32.4 million packets per second, overwhelming Internet service providers (ISPs), carriers and content delivery networks designed to mitigate the effects of sudden Internet traffic surges. The data comes from Prolexic’s DD0S Report for the first quarter of 2013. That firm, based in Hollywood, Florida, has become a go-to firm for companies that find their web sites on the receiving end of DDoS attacks. The average attack bandwidth totaled […]

Continue Reading

Anti-Social: Popular WordPress Sharing Plugin Linked To Payday Loan Spam

A popular plug-in for sharing blog content on social networks was discovered to have hidden code that was injecting WordPress blogs with links to phony Pay Day Loan offers and other spam, according to the firm Sucuri. The plug-in, named Social-Media-Widget (SMW) was compromised with malicious code 12 days ago, in concert with an update of the widget. The new version of the plug-in contained a hidden call to a remote PHP script that inserted “Pay Day Loan” spam text and links into WordPress web sites running the plugin. The goal was to infect as many web sites as possible with text that would increase the web reputation and visibility of a web site run by the spammers, according to the post on Tuesday, by Daniel Cid, Sucuri’s CTO. SMW is among the most popular add-ons for Wordpess sites. It allows bloggers who use WordPress to configure sharing buttons that will […]

Continue Reading
1 17 18 19 20 21 26