Security Bytes: Phishing worm spreads through MySpace

By SearchSecurity.com Staff 04 Dec 2006 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Phishing worm spreads through MySpace
Here's a concern for enterprises whose employees may be using MySpace on company time:

Phishers are targeting the MySpace community with a worm that exploits the Javascript support within Apple's embedded QuickTime player as well as a MySpace vulnerability, San Diego, Calif.-based Websense Inc. said in an advisory. Attackers are using the flaws to replace legitimate links on the user's MySpace profile with links to a phishing site.

"Once a user's MySpace profile is infected [by viewing a malicious embedded QuickTime video], that profile is modified in two ways," Websense said. "The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well."

An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, Websense said.

Security researchers warn of new Windows flaw
Attackers could cause a denial of service by exploiting a new flaw in Microsoft Windows, security researchers warned in advisories over the weekend.

According to Danish vulnerability clearinghouse Secunia, the flaw is caused by an error in the handling of "RpcGetPrinterData()" RPC requests within Windows' Print Spooler service (spoolsv.exe). "This can be exploited to consume almost all available memory via a specially crafted packet, which may result in a system crash," Secunia said.

Secunia confirmed the flaw on a fully patched Windows 2000 SP4 system, and said other versions may be affected as well.

Secunia and the French Security Incident Response Team (FrSIRT) recommended users mitigate the threat by restricting access to the service or by disabling the Print Spooler service.

EveryDNS is hit by massive botnet attack
Botnet masters launched a fierce distributed denial-of-service (DDoS) attack over the weekend against Web sites using the free domain name management services of EveryDNS and sister company OpenDNS, which runs the PhishTank anti-phishing initiative. The attack ultimately affected thousands of sites, according to a report in eWeek. While the home page and blog for OpenDNS were knocked down for more than an hour Dec. 1, the company's core DNS resolution service seems to have escaped damage.

Attacks are continuing, but the company has managed to contain it through high-level traffic filtering and modifications at the DNS level, eWeek reported.

Tags: Emerging Information Security Threats,  Identity Theft and Data Security Breaches,  Malware, Viruses, Trojans and Spyware,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Emerging Information Security Threats RSA Conference 2010: news, interviews and updates Medical identity fraudsters target health care info, experts say Clientless SSL VPN vulnerability and Web browser protection Cloud security issues, targeted attacks to be hot-button topics at RSA Google attacks and infrastructure insecurities Defending against RAM scraper malware in the enterprise Leverage Google Attacks to Improve Cybersecurity SCADA system, critical infrastructure security lacking, survey finds Preparing for future security threats, evolving malware Facebook attacks prompt investments in social networking security Identity Theft and Data Security Breaches At RSA Conference, experts dismiss end-to-end encryption claims Companies urged to share data breach information Mass 201 CMR 17: Basics for security practitioners How to prevent iPhone spying: mobile phone management tips FTC probes P2P corporate data leaks MA 201 CMR 17 enforcement less likely with prompt reporting, cooperation No major PCI DSS revision expected in 2010 Data breach costs continue to rise in 2009, Ponemon study finds Chinese hacker attacks target Google Gmail accounts, top tech firms Facebook, McAfee partner to fix social network security issues Malware, Viruses, Trojans and Spyware Zeus botnet temporarily disrupted, but back in full force Botnets, malware and capturing cybercriminals Botnets, malware and capturing cybercriminals Social networking threats put new pressure on healthcare CSOs Zeus Trojan continues reign infecting 74,000 PCs in global botnet Defending against RAM scraper malware in the enterprise Malware in Google attacks uses spaghetti code Preparing for future security threats, evolving malware Facebook attacks prompt investments in social networking security Another PDF attack targets Adobe zero-day vulnerability

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary cyberwarfare  (SearchSecurity.com) DNS rebinding attack  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) man in the browser  (SearchSecurity.com) phlashing  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com) pulsing zombie  (SearchSecurity.com) Same Origin Policy (SOP)  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary