Came across this great report on the state of Web Threats this year. One of the key lessons from this report shows how cybercriminals are now focused on compromising existing web servers rather than bringing their own online. In fact, they found 90% of malicious websites are compromised sites.
Key reason for this, as explained by Symantec analyst Dan Bleaken:
The attraction of knowing that legitimate sites often come fully furnished...
News Storm
09
Jul, 2010
Here's some key stories that unfolded this week in security:
YouTube Victim of XSS Attack
On Sunday YouTube fell victim to a XSS attack redirecting users to different sites from fake anti-virus pages to porn to Canadian pharmacy. Google patched up the problem relatively quickly but the backlash on Twitter was tremendous. Here's some great posts by SecTechno, The Register, and the SunBelt Blog.
Adobe Launch Function...
Global Spam Rate 89.3% According to Latest Symantec Report
08
Jul, 2010
Symantec recently released their Message Labs Intelligence report, highlighting some key stats in email and web based threats. According to the report the global spam rate is now 89.3%, with 80% of these being pharmaceutical spam. The report also goes into depth on the rash of World Cup threats that amassed in the months before the start of the World Cup.
Check out the full report below...
http://www.messagelabs.com/mlirepo...
Firefox 4 Beta 1 Released!
06
Jul, 2010
The long awaited Firefox 4 Beta 1 has been released. This includes tons of changes, including tab placement and other enhancements for CSS and HTML5. Download link and release notes are linked below...check it out!
http://www.mozilla.com/en-US/firefox/all-beta.html
http://www.mozilla.com/en-US/firefox/4.0b1/releasenot...
Launch Action Still Vulnerable
06
Jul, 2010
Adobe release a patch last week to finally patch to limit the vulnerable Launch action that could be used to run script from Adobe Reader. Turns out the patch is not really complete and the Bkis Blog has found ways around this.
It took Adobe 3 months to issue a patch for this to begin with, are we going to have to wait another 3 months?
In the meantime Didier Stevens, who originally found the problem has done some research...
Adding Twitter Updates with Style
01
Jul, 2010
Getting back into things, some things just weren't lining up in the blog template any longer, so we decided to scrap the whole thing and rebuild using the same template. Strangely enough though, the Twitter widget provided by Blogger doesn't allow any styling, which made the Twitter updates almost impossible to read.
After a while of tinkering with the widgets and trying to find the right one to let me do this I finally found...
We're Back!
01
Jul, 2010
Green Cloud Security is back after a long layoff, mostly working on other projects. It's exciting to dig back into the site, and security in general. You can expect more of the same posts, coverage on the latest threats, threat reports, security tips and more.
Have a great day everyo...
Banking and Virus Scanning with a Live CD
20
Oct, 2009
Last week, Brian Krebs of the Washington Post blogged here advising business owners to perform online banking using a live CD. This excellent advice (IMHO) created quite a stir over the last week.
Essentially, banking on a live CD prevents you from becoming susceptible to Windows viruses, while at the same time loading a fresh, non-compromised...
Obama Stresses Cybersecurity Awareness
19
Oct, 2009
"The lesson is clear, this cyberthreat is one of the most serious economic and national security challenges we face as a nation" (Obama).
This is the message that Obama recently declared in a short video on the White House website. He makes it very clear, in the midst of cybersecurity awareness month, that all Americans need to be aware and secure in their online activities.
"As consumers we use the internet to pay our bills,...
New Zeus Scam Emails and Download Domains
19
Oct, 2009
There are some new Zeus emails going around that folks should be aware of. These emails, as reported by the Securosis blog, pretend to be from a system administrator. The administrator asks them to "run SSl updates procedure" as belo...
Subscribe to:
Posts (Atom)
