Zero-day attack targets IE Researchers at Sunbelt Software warned Monday that they've detected a new zero-day attack against Internet Explorer (IE). The attacks are originating from a series of pornographic Web sites based in Russia, with the goal of dropping malicious code onto Windows machines to make them part of botnets. The attacks are targeting a buffer overflow caused by how IE handles VML (Vector Markup Language) code, Eric...
DHS names new cybersecurity chief
After a year-long wait, the Department of Homeland Security named its first cybersecurity czar Monday. DHS Secretary Michael Chertoff released a statement appointing information security policy expert Gregory Garcia as assistant secretary for cyber security and telecommunications. Garcia most recently worked for the Information Technology Association of America, serving as the industry group's vice president for information security policy and programs. His main responsibility now is to help the nation prevent catastrophic cyberattacks.
Worm spreads via AOL IM
FaceTime Security Labs is warning of a new worm that uses AOL Instant Messenger to spread. The apparent goal of Win32.Pipeline is to hijack machines that could be used in a botnet. Pipeline delivers a malicious file that's advertised as a JPEG image, and calls out to host computers that install rootkits and Trojans horse programs on the affected machine. Attackers could then use the hijacked machines to send out spam, commit a variety of fraud and cause distributed denial-of-service attacks. Like many IM worms, FaceTime said in a statement, Pipeline first appears as an instant message from a familiar contact, luring users into clicking on a link with a contextual phrase. The IM message "hey would it okay if i upload this picture of you to my blog?" downloads a command file called image18.com, which is disguised as a JPEG. Running the file results in csts.exe being created in the user's system32 folder, part of the Windows operating system.