
Security Bytes: Phishing worm spreads through MySpace

By SearchSecurity.com Staff
04 Dec 2006 | SearchSecurity.com


Phishing worm spreads through MySpace
Here's a concern for enterprises whose employees may be using MySpace on company time:

Phishers are targeting the MySpace community with a worm that exploits the JavaScript support within Apple's embedded QuickTime player as well as a MySpace vulnerability, San Diego, Calif.-based Websense Inc. said in an advisory. Attackers are using the flaws to replace legitimate links on the user's MySpace profile with links to a phishing site.

"Once a user's MySpace profile is infected [by viewing a malicious embedded QuickTime video], that profile is modified in two ways," Websense said. "The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well."

An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, Websense said.
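
The two indicators Websense describes can be checked mechanically against a saved copy of a profile page. The following is an added example, not code from Websense or the original article; the header container id, the trusted domain and the sample markup are assumptions constructed for illustration, and it flags every QuickTime embed for review rather than deciding whether the video is empty.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAIN = "myspace.com"  # assumption: legitimate header links stay on this domain
HEADER_ID = "header"            # hypothetical id of the profile header container

def is_offsite(url):
    host = (urlparse(url).hostname or "").lower()
    # Relative links have no host and are on-site; lookalike hosts such as
    # "myspace.com.login.example" fail the exact/suffix match and are flagged.
    return bool(host) and host != TRUSTED_DOMAIN and not host.endswith("." + TRUSTED_DOMAIN)

def is_quicktime(attrs):
    src = (attrs.get("src") or attrs.get("data") or "").lower()
    mime = (attrs.get("type") or "").lower()
    return mime == "video/quicktime" or urlparse(src).path.endswith(".mov")

class ProfileScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.header_depth = 0    # > 0 while inside the header <div>
        self.quicktime = []      # sources of embedded QuickTime media
        self.offsite_links = []  # header links that leave the trusted domain

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "div":
            # Count only <div> nesting so void tags like <embed> cannot skew the depth.
            if self.header_depth or a.get("id") == HEADER_ID:
                self.header_depth += 1
        elif tag in ("embed", "object") and is_quicktime(a):
            self.quicktime.append(a.get("src") or a.get("data") or "")
        elif tag == "a" and self.header_depth and is_offsite(a.get("href") or ""):
            self.offsite_links.append(a["href"])

    def handle_endtag(self, tag):
        if tag == "div" and self.header_depth:
            self.header_depth -= 1

def scan_profile(html):
    scanner = ProfileScanner()
    scanner.feed(html)
    scanner.close()
    return {"quicktime": scanner.quicktime, "offsite_header_links": scanner.offsite_links}

# Constructed sample pages, not captured from real profiles.
CLEAN = ('<div id="header"><a href="/home">Home</a>'
         '<a href="http://mail.myspace.com/inbox">Mail</a></div>'
         '<div id="body"><a href="http://band.example/">My band</a></div>')
INFECTED = ('<div id="header"><a href="http://myspace.com.login.example/signin">Home</a></div>'
            '<div><embed src="http://media.example/clip.mov" width="1" height="1"></div>')
```
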

Security researchers warn of new Windows flaw
Attackers could cause a denial of service by exploiting a new flaw in Microsoft Windows, security researchers warned in advisories over the weekend.

According to Danish vulnerability clearinghouse Secunia, the flaw is caused by an error in the handling of "RpcGetPrinterData()" RPC requests within Windows' Print Spooler service (spoolsv.exe). "This can be exploited to consume almost all available memory via a specially crafted packet, which may result in a system crash," Secunia said.

Secunia confirmed the flaw on a fully patched Windows 2000 SP4 system, and said other versions may be affected as well.

Secunia and the French Security Incident Response Team (FrSIRT) recommended users mitigate the threat by restricting access to the service or by disabling the Print Spooler service.

EveryDNS is hit by massive botnet attack
Botnet masters launched a fierce distributed denial-of-service (DDoS) attack over the weekend against Web sites using the free domain name management services of EveryDNS and sister company OpenDNS, which runs the PhishTank anti-phishing initiative. The attack ultimately affected thousands of sites, according to a report in eWeek. While the home page and blog for OpenDNS were knocked down for more than an hour Dec. 1, the company's core DNS resolution service seems to have escaped damage.

Attacks are continuing, but the company has managed to contain them through high-level traffic filtering and modifications at the DNS level, eWeek reported.
