Category: Threats

Sextortion via Hacking

Sextortion via Hacking

At least 186 women and 44 girls were caught in a bizarre scheme by 31 year old Santa Ana CA resident Luis Mijangos who attempted to extort pornographic videos from his victims. Mijangos, a paraplegic due to a gang shooting, was arrested yesterday following a two year investigation by the FBI, is charged with extortion and faces a maximum of two years in federal prison.

114,000 iPad Owners: The Script that Harvested Their E-mail Addresses

114,000 iPad Owners: The Script that Harvested Their E-mail Addresses

Here is the script referenced in the Gawker story from earlier that describes how a number of early iPad 3G subscribers, including names like Harvey Weinstein, Michael Bloomberg, Diane Sawyer, and Rahm Emanuel had their e-mails revealed via a poorly designed web application hosted by AT&T.

The Proliferation Of Scareware Hits Home

The Proliferation Of Scareware Hits Home

The agitation in the voice on the phone shook me from sleep early Saturday morning: My Uncle the surgeon had a computer problem and he was concerned enough to call. He explained he had been trying to view pictures of a newly renovated base in South Korea when all of a sudden McAfee popped up and did a scan, revealing 28 viruses. But for some reason the new module McAfee wanted him to install wasn’t working because the site wouldn’t accept either of his credit card numbers.

IEPeers – A New Internet Explorer Zero Day Vulnerability

IEPeers – A New Internet Explorer Zero Day Vulnerability

We posted an aside yesterday referencing Microsoft’s recent blog post for new security advisory 981374 referencing a new zero day vulnerability in Internet Explorer versions 6 and 7. New details have emerged since, and the exploit has moved from being what was described as part of “limited targeted attacks” to being widely accessible and available as a new module for the Metasploit framework.

Cmd.exe launched with my Help file.

Press F1 for Help, pwned.

Microsoft published security advisory 981169 yesterday in response to the zero day vulnerability reported a few days prior. The vulnerability is in the help system and can be triggered by luring an Internet Explorer user into pressing the F1 key. Windows 2000, Windows XP SP2 & SP3, and Windows 2003 SP2 with Internet Explorer 7 […]

The “Aurora” IE Exploit Used Against Google in Action

The “Aurora” IE Exploit Used Against Google in Action

The big news hit earlier this week, the attack vector that allowed bad actors presumably from China into the networks of Google, Juniper, Adobe, and some 30 other firms was an Internet Explorer zero day, a use after free vulnerability on an invalid pointer reference affecting IE 6, 7, and 8 but only used in IE 6 according to Microsoft.

Scareware Purveyors, Spammers, and Crooks Take Advantage of Haiti Earthquake

Scareware Purveyors, Spammers, and Crooks Take Advantage of Haiti Earthquake

Bad actors have taken advantage by engaging in search engine poisoning including taking over existing web sites, using techniques that boost search ranking, and installing malicious software using scareware tactics on user’s PC’s. They also set up fake donation web sites. Finally, they employ Spam e-mail, Twitter messages, and related electronic communication methods in order to direct users to these web sites.

Windows 7 SMB Kernel Crash Video

Windows 7 SMB Kernel Crash Video

Back on November 11th, 2009 we confirmed Laurent Gaffié’s remote exploit for Windows that causes a kernel crash. The operating system actually freezes creating a denial of service when for example a user is tricked into clicking on a link to a malicious SMB share on a web page. The SMB client goes into an infinite loop when processing this malformed request according to Microsoft. The video below demonstrates this effect, having a user click a web site link and showing the crash.

Juniper Kernel Crash – scapy Code

Juniper Kernel Crash – scapy Code

Following the Juniper kernel flaw posts, we received a number of inquiries regarding how to determine the option value to use, however we were somewhat reluctant to provide that level of detail. Now that exploit code has been published elsewhere, there is little reason not to answer this question.

JUNOS (Juniper) Kernel Crash Video

JUNOS (Juniper) Kernel Crash Video

We have noted some interesting responses since our post yesterday detailing the information in Juniper bulletin PSN-2010-01-623 and our thoughts on its somewhat understated effect. Since our post yesterday, the bulletin has been updated, becoming more specific about the versions affected (basically excluding JUNOS version 10.x and versions no longer supported by Juniper). We have tested all 256 permutations of the Options field in the TCP header, and reproduced the kernel crash, which is demonstrated in the video below.

Page 1 of 212