One of the most well known and documented problems this month was blackhat SEO poisoning with malicious results leading to rogue AV and other types of malware.
"Searches for current events often lead to malicious Web sites designed to lead people into installing rogue (fake) security software. It's now a given that whenever a big news story breaks, a big event is happening, or a big holiday is coming up that the bad guys will start populating search results on Google, Bing and other search engines with fake stories. This month we saw fake results in relation to the deaths of Patrick Swayze and Keith Floyd, Labor Day sale, the launch of Microsoft's free anti-virus, and the launch of Google Wave. The manipulation of search results is a highly automated operation and the bad guys monitor Twitter trending topics, Google Trends, and major news sites for topics to use in their activities" (Websense).Some other highlights this month include:
- Malvertising incidents most notably with the New York Times website.
- Wordpress worm compromising outdated installations with a known exploit.
- IIS FTP servers faced a zero-day vulnerability, which still has not been patched (due next week).
- Other Microsoft zero-day exploits allowing remote users to execute code.
- "Chat-in-the-Middle" real-time phishing attacks .
- IRS phishing attacks serving the Zbot trojan.
- Bahama botnet linked to click fraud and other activities.
http://securitylabs.websense.com/content/Blogs/3490.aspx
