Security Bytes: Phishing worm spreads through MySpace

By SearchSecurity.com Staff 04 Dec 2006 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Phishing worm spreads through MySpace
Here's a concern for enterprises whose employees may be using MySpace on company time:

Phishers are targeting the MySpace community with a worm that exploits the Javascript support within Apple's embedded QuickTime player as well as a MySpace vulnerability, San Diego, Calif.-based Websense Inc. said in an advisory. Attackers are using the flaws to replace legitimate links on the user's MySpace profile with links to a phishing site.

"Once a user's MySpace profile is infected [by viewing a malicious embedded QuickTime video], that profile is modified in two ways," Websense said. "The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well."

An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, Websense said.

Security researchers warn of new Windows flaw
Attackers could cause a denial of service by exploiting a new flaw in Microsoft Windows, security researchers warned in advisories over the weekend.

According to Danish vulnerability clearinghouse Secunia, the flaw is caused by an error in the handling of "RpcGetPrinterData()" RPC requests within Windows' Print Spooler service (spoolsv.exe). "This can be exploited to consume almost all available memory via a specially crafted packet, which may result in a system crash," Secunia said.

Secunia confirmed the flaw on a fully patched Windows 2000 SP4 system, and said other versions may be affected as well.

Secunia and the French Security Incident Response Team (FrSIRT) recommended users mitigate the threat by restricting access to the service or by disabling the Print Spooler service.

EveryDNS is hit by massive botnet attack
Botnet masters launched a fierce distributed denial-of-service (DDoS) attack over the weekend against Web sites using the free domain name management services of EveryDNS and sister company OpenDNS, which runs the PhishTank anti-phishing initiative. The attack ultimately affected thousands of sites, according to a report in eWeek. While the home page and blog for OpenDNS were knocked down for more than an hour Dec. 1, the company's core DNS resolution service seems to have escaped damage.

Attacks are continuing, but the company has managed to contain it through high-level traffic filtering and modifications at the DNS level, eWeek reported.

Tags: Emerging Information Security Threats,  Identity Theft and Data Security Breaches,  Malware, Viruses, Trojans and Spyware,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Emerging Information Security Threats Antispyware buying guide for Indian enterprises ATM malware lets attackers take over machines FTC shutters rogue ISP for hosting malicious content, botnets The failing war against cybercriminals White House cybersecurity czar faces major hurdles Cybercrime and threat management The Pipe Dream of No More Free Bugs Face-off: Who should be in charge of cybersecurity? Federal efforts to secure cyberinfrastrucure Adobe working on patch to correct new zero-day flaw Identity Theft and Data Security Breaches TJX to pay $9.75 million for data breach investigations Man pleads guilty in online banking hacking scam White House cybersecurity czar faces major hurdles Heartland breach cost $12.6 million, CEO says An inside look at security log management forensics investigations LexisNexis investigates breach, notifies thousands Senators hear call for federal cybersecurity restructuring Former Federal Reserve Bank employee arrested Attackers cash in on fundamental data handling mistakes, Verizon finds Courts turn aside data breach suits Malware, Viruses, Trojans and Spyware How to defend against rogue DHCP server malware New Trojan stealing FTP credentials, attacking FTP websites Cybercriminals exploit Michael Jackson, Farrah Fawcett deaths When BIOS updates become malware attacks Antispyware buying guide for Indian enterprises PCI compliance requirement 5: Antivirus Hacker attack techniques and tactics: Understanding hacking strategies Rootkit Hunter demo: Detect and remove Linux rootkits Botnet threats and countermeasures Conficker worm much smaller than feared

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary DNS rebinding attack  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) man in the browser  (SearchSecurity.com) phlashing  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary