tag:blogger.com,1999:blog-54444588135822589222011-11-27T15:34:30.209-08:00Blogs focused on Web Security and Converged ThreatsGreen Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comBlogger221100tag:blogger.com,1999:blog-5444458813582258922.post-55650164806403565032010-07-14T17:38:00.000-07:002010-07-14T17:38:28.692-07:00

Came across this great report on the state of Web Threats this year. One of the key lessons from this report shows how cybercriminals are now focused on compromising existing web servers rather than bringing their own online. In fact, they found 90% of malicious websites are compromised sites. Key reason for this, as explained by Symantec analyst Dan Bleaken: The attraction of knowing that

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-29794541184795985862010-07-09T20:43:00.000-07:002010-07-09T20:43:31.514-07:00

Here's some key stories that unfolded this week in security: YouTube Victim of XSS Attack On Sunday YouTube fell victim to a XSS attack redirecting users to different sites from fake anti-virus pages to porn to Canadian pharmacy. Google patched up the problem relatively quickly but the backlash on Twitter was tremendous. Here's some great posts by SecTechno, The Register, and the SunBelt Blog.

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-88769936942154585432010-07-08T18:17:00.000-07:002010-07-08T18:17:01.607-07:00

Symantec recently released their Message Labs Intelligence report, highlighting some key stats in email and web based threats. According to the report the global spam rate is now 89.3%, with 80% of these being pharmaceutical spam. The report also goes into depth on the rash of World Cup threats that amassed in the months before the start of the World Cup. Check out the full report below... http

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-37862751491543034252010-07-06T19:20:00.000-07:002010-07-06T19:20:21.681-07:00

The long awaited Firefox 4 Beta 1 has been released. This includes tons of changes, including tab placement and other enhancements for CSS and HTML5. Download link and release notes are linked below...check it out! http://www.mozilla.com/en-US/firefox/all-beta.html http://www.mozilla.com/en-US/firefox/4.0b1/releasenotes/

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-13345835518421762842010-07-06T19:06:00.000-07:002010-07-06T19:06:47.647-07:00

Adobe release a patch last week to finally patch to limit the vulnerable Launch action that could be used to run script from Adobe Reader. Turns out the patch is not really complete and the Bkis Blog has found ways around this.  It took Adobe 3 months to issue a patch for this to begin with, are we going to have to wait another 3 months? In the meantime Didier Stevens, who originally found the

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-20200461191727622682010-07-01T19:30:00.000-07:002010-07-01T20:06:19.020-07:00

Getting back into things, some things just weren't lining up in the blog template any longer, so we decided to scrap the whole thing and rebuild using the same template. Strangely enough though, the Twitter widget provided by Blogger doesn't allow any styling, which made the Twitter updates almost impossible to read. After a while of tinkering with the widgets and trying to find the right one to

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-84750883068405722962010-07-01T19:24:00.000-07:002010-07-01T20:05:43.633-07:00

Green Cloud Security is back after a long layoff, mostly working on other projects. It's exciting to dig back into the site, and security in general. You can expect more of the same posts, coverage on the latest threats, threat reports, security tips and more.  Have a great day everyone!

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-20343507296187107642009-10-20T19:51:00.000-07:002009-10-20T19:57:57.816-07:00

Last week, Brian Krebs of the Washington Post blogged here advising business owners to perform online banking using a live CD. This excellent advice (IMHO) created quite a stir over the last week. Essentially, banking on a live CD prevents you from becoming susceptible to Windows viruses, while at the same time loading a fresh, non-compromised OS each time. This can almost guarantee that you

Green Cloud Securityhttp://www.blogger.com/profile/17335573974458352011noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-21565182367204405322009-10-19T19:15:00.000-07:002009-10-19T19:29:50.318-07:00

"The lesson is clear, this cyberthreat is one of the most serious economic and national security challenges we face as a nation" (Obama). This is the message that Obama recently declared in a short video on the White House website. He makes it very clear, in the midst of cybersecurity awareness month, that all Americans need to be aware and secure in their online activities. "As consumers we

Green Cloud Securityhttp://www.blogger.com/profile/17335573974458352011noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-77163192319989090822009-10-19T17:44:00.000-07:002009-10-19T17:52:50.714-07:00

There are some new Zeus emails going around that folks should be aware of. These emails, as reported by the Securosis blog, pretend to be from a system administrator. The administrator asks them to "run SSl updates procedure" as below. Attention! On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour. The changes will concern

Green Cloud Securityhttp://www.blogger.com/profile/17335573974458352011noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-31111051596692731812009-10-15T18:20:00.000-07:002009-10-19T17:48:04.738-07:00

There is a new twist on the IRS emails that have been delivering zbot and other threats over the last month. In some new emails, reports Gary Warner, the link contained in the message is to Geocities.An example from the CyberCrime & Doing Time blog:hxxp://geocities.com/FreddyCampbell36/ohuloc.htmWhile the users will ultimately end up at the commonly used http://www.irs.gov.blah.blah.co.uk/

Green Cloud Securityhttp://www.blogger.com/profile/17335573974458352011noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-57420990444674615252009-10-10T07:52:00.000-07:002009-10-10T07:53:00.501-07:00

Firefox recently added the ability to group collections of add-ons for easy sharing. The ISC recently published their recommended add-ons and we've followed in suit. There was a couple additional add-ons, namely FlagFox and KeyScrambler, that are also useful security add-ons. Green Cloud Security Add-Ons: https://addons.mozilla.org/en-US/firefox/collection/greencloudsecurity

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-16723104834752642912009-10-10T07:37:00.000-07:002009-10-10T07:53:39.187-07:00

Websense published their monthly report, "This Month in the Threat Webscape". September saw a number of new attacks and an increase in some old ones. One of the most well known and documented problems this month was blackhat SEO poisoning with malicious results leading to rogue AV and other types of malware. "Searches for current events often lead to malicious Web sites designed to lead people

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-42606963025754477202009-10-09T09:15:00.000-07:002009-10-10T07:52:46.259-07:00

Comcast is beginning the launch of a new service to notify users when of compromised computers and botted machines. The service, called Comcast Constant Guard, has started an initial roll out in the Denver area. Infected customers will be notified via a pop-up message in a browser, and given links to go to the Anti-Virus Center to repair the problem. This will give notification to those not

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-62244686563684475922009-10-06T19:20:00.000-07:002009-10-10T07:53:22.468-07:00

The Anti-Phishing Working Group (APWG) released their first half "Phishing Activity Trends Report" with some startling statistics. For those that have not heard of the APWG, the organization devoted to the elimination of phishing and identity theft scams. The report gives statistics on many trends inlcuding phishing trends, rogue AV, keyloggers and others and fully reinforces the fact that the

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-70563076593675176272009-10-05T18:27:00.000-07:002009-10-19T17:48:14.853-07:00

Webroot has discovered a new trojan that performs a variety of malicious tasks. One of the primary functions is to crack captchas so that forms of all types can be submitted by the attacker. The trojan will download a specific set of instructions from the internet including which sites to attack, and then operate in the background - attempting to connect to targeted sites. That is not the only

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-40083304686146713782009-09-30T17:26:00.000-07:002009-09-30T17:50:15.040-07:00

There has been a lot of news lately surrounding key logging trojans including Zbot, Clampi and others. These trojans are designed to steal authentication credentials and other sensitive information, especially for banking and social networking sites leaving users scrambling for ways to protect themselves. The highlights of these news articles has been how easily these trojans can evade

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-81862674783064496492009-09-27T08:50:00.000-07:002009-09-27T08:57:49.272-07:00

The Zbot Trojan, aka Zeus or WSNPoem, is the world's largest and most dangerous malware. A recent whitepaper by Trusteer, who specializes in securing online transactions, proven the Zbot trojan has an incredibly low detection rate amongst anti-virus scanners. Trusteer reports that 3.6 million PCs are infected in the US alone, and even up to date anti-virus scanners cannot stop it. "Installing an

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-40895190428630976192009-09-25T20:20:00.000-07:002009-09-25T20:30:43.822-07:00

A new list of malicious domains was released, all with marijuana related content. The domains all point to the same server and include marijuana related terms in the domains. A spot check shows these domains have been registered for some time, and no recent changes so the sites and server have likely been compromised. Examples include marijuanause.com, purethc.com and gasmaskbong.com. Below is

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-87043464757290619152009-09-23T19:57:00.000-07:002009-10-19T17:47:37.527-07:00

A new list of IRS Scam and Zbot domains was recently posted on malwareurl.com. These are interesting as the domain names are altered only slightly and end in .eu. There are a total of 28 domains and 20 unique IP addresses. yoky1w.eu 79.117.171.75 mi11f1.eu 187.64.34.106 mi11fa.eu 187.64.34.106 mi11fd.eu 79.184.58.166 mi11fe.eu 187.64.34.106 mi11ff.eu 85.106.95.114 mi11fi.eu 194.54.48.50

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-47196738254223376952009-09-21T19:50:00.000-07:002009-09-21T19:54:53.731-07:00

As internet threats continue to evolve it's becoming clear that web threats and blended threats are becoming the most predominant danger to network security. Green Cloud Security and this blog are dedicated to the proliferation of information about web security issues - increasing awareness for both network administrators and regular internet users. The creation of this blog comes on the heels

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.comtag:blogger.com,1999:blog-5444458813582258922.post-77205137496772921432009-09-20T15:07:00.000-07:002009-10-03T19:13:03.601-07:00

Below is a list of resources that can be used to analyze web based threats, viruses and malware. I will update this list continually. Web Analysis Services Virus Total - http://www.virustotal.com/ Wepawet  - http://wepawet.iseclab.org/ Virus.org - http://scanner.virus.org/ JSUnpack - http://jsunpack.jeek.org/dec/api Web Sniffer - http://web-sniffer.net/ Applications and Plugins Malzilla -

Green Cloud Securityhttp://www.blogger.com/profile/17822028485314254179noreply@blogger.com