Browse by Tags
All Tags »
Security, safety and privacy on the Internet (
RSS)
Adobe Reader 9 has been released, and guess what, it can display SWF and FLA files... I wonder what implication this has with regards to the security landscape surrounding malicious SWF. Are we going to have to watch out for PDFs which contain malicious...
I've been keeping a close eye on Australian web sites that have been affected by malicious SQL injection attacks, specifically concentrating on sites that are 'repeat offenders'. One of the repeat offenders is walkingchallenge.gov.au. On that...
Do you ever get the feeling that people are not listening? I blogged about malicious advertisements featuring XM Radio on Sunday here: Report- Malvertizements that have been circulating Now Kimberley has discovered that those same XM Radio malvertizements...
The Internet Explorer team have published 3 new articles about IE8 that are well worth a read. First, the SmartScreen filter: IE8 Security Part III- SmartScreen® Filter The feature that I want to call out about the SmartScreen filter is the antimalware...
XM Radio Exposed domain: aboutstat.net XM Radio again Exposed domains: waytotheprofit.com/?cmpid=weannalist and officialstat.com/c/index.php , both of which are known malvertizement domains. waytotheprofit.com/?cmpid=weannalist leads us to an adverdaemon...
perfectmatch.com Domains exposed: profitabill.com/?cmpid=cancrineso stat-diagnostic-imaging.net/c/index.php profitabill.com Hosted by Plusserver, Germany. Administrative contact is the infamous Serg Moon - WHOIS details are, of course, unhelpful. Note...
First Choice in French (we have seen malvertizements featuring First Choice before - eg: this one in English ) This malvertizement exposes a domain to us, waytotheprofit.com/?cmpid=atrecreant and click.adlbrite.com . adlbrite.com is hosted by nine.ch...
Information courtesy of Intego , a company specializing in security products for the Mac. Intego has released a security memo describing a trojan horse for the Mac - a poker game that, when run, harvests the username, password and IP address of the victim...
I have received a copy of a new malvertizement featuring gifttree.com. Analysis reveals two malicious URLs, being: waytotheprofit.com/?cmpid=itlocation station-appraisals.com/c/index.php? The waytotheprofit.com URL leads us to an adnetserver.com URL which...
First, driveway: waytotheprofit.com/?cmpid=comedogeni&adid=intl statgroup.net/c/index.php?id=WmhuaHhDTEFpUXm7NkiZmOVpYVnd4cGtoPTEyMDgxNjk3MDUmcG56Y252dGE9cGJ6cnFidHJhdgYNkiDgNmYNkiDgNm Next, dreammates: waytotheprofit.com/?cmpid=comedogeni&adid...
Adopstools.com was not able to analyse the sample that I have, but there is more than one way to get things done. The malicious SWF exposes victims to two different URLs: impressiontracker.com/url/sc_6.php and yourredirect.com/soft.php?aid=000417&d...
Regular readers may recall the new eBooks malvertizement highlighted the other day - this one: Here's another version, slightly tweaked. You'll notice the different wording and different font:
Screenshots (had to smile at the appearance of the word "malware"): I'm also seeing a steady stream of ringtone: and American Singles malvertizements:
A fraudware web site that will *not* close. I see this: I try to close using Red X, I get this: I try to close using the Red X, which has always been sufficient in the past. In this case, the dialogue box goes away but the god-damned window is still open...
Washington State Attorney General Rob McKenna today announced another win in the state’s fight to protect consumers from online fraud. A King County Superior Court Judge found that Internet affiliate advertisers Securelink Networks, LLC , and NJC Softwares...
The malvertizements discovered on Yahoo are STILL there... Moli.com is still displaying malvertizements as well
Earlier I posted an alert that ReachWe (reachwe.com) has been caught distributing malvertizements . Kimberley has written about another advertising service that shares IP with reachwe.com - P-mediaonline.com - discussed here: http://www.bluetack.co.uk...
Here it is folks, hot off the press... What can I say... the sheer arrogance of those behind the malvertizement is staggering - they believe that they can impersonate a multi-million dollar corporation without fear. When we analyse the malvertizement...
Here it is: URL: content.yieldmanager.edgesuite.net/atoms/d0/e4/38/21/d0e4382110fedd6e68c86c5f1febe683.swf content.yieldmanager.edgesuite.net is Akamai... I know just who to contact :o) Analysis The malvertizement utilizes two URLs, being: stathome.net...
One more for this evening... a new "getafreecar" malvertizement
More Posts
Next page »