Protect yourself from targeted phishing attacks, malware, spyware, and more. Bad actors and their tactics continue to become more and more sophisticated. Ensure that you change default passwords, always use encryption, learn about safe browsing habits, and maintain security for your home or business network.
An outage of the Windows Live ID service affected a large number of MSN users today including users of the popular Hotmail email service. Hotmail is one of the largest web based email outlets and not surprisingly news of the outage spread quickly as users were not able to access their email.
Today, zvelo is alerting customers to a new targeted email scam. This newest twist to the common IRS email scam seems to be targeted to organizations, notifying the recipient of a tax evasion complaint being filed against the company. Opening the file infects the user’s machine with dangerous trojans that monitor the infected machine, report back to the attacker and download other malicious payloads.
Since its’ release on January 21st, the newest version of the Firefox web browser has received a great deal of attention. In just a short time it has achieved over 30 million downloads. Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the program in an effort to increase their reach.
The security community at large and the eSoft Threat Prevention Team have recently noticed an uptick in sites compromised by a new injection attack that results in an injected iframe. This attack can be recognized by its attempts to masquerade the malicious script as GNU GPL or LGPL.
The FDA crackdown on online pharmacy sites has driven a lot of attention to illegal and fraudulent online pharmacies and in particular to their methods for tricking people to visit their sites. These practices include prolific spam and search engine poisoning.
zveloLABS™ has uncovered an additional 1.5 million sites associated with the newest series of SQL injection attacks. Any compromised sites are very dangerous, infecting the user with Trojan.Buzus silently in the background. The Buzus family of trojans can steal passwords, financial data, and other sensitive information.
CoolerEmail is notifying customers of a new phishing scam used to steal login credentials. The web based email marketing program carries an impressive client list including Walmart, Toyota, Pepsi and dozens of other big name brands. Any phished credentials can be used to impersonate these companies in additional phishing or malicious emails.
Yahoo! Marketing users are the target of a new phishing scam being detected today by zveloLABS™. Webmasters receive a very believable notification that their Yahoo Marketing account has expired with a link to login and presumably reactivate the account.
The Koobface gang has struck again using compromised web servers to deliver a potent mix of malware. zveloLABS™ researchers have found hundreds of newly exploited sites hosting malware which includes downloaders, keyloggers and multiple variants of the Koobface worm.
A fresh twitter phishing campaign is underway and using both tweets and direct messages to spread. The messages contain text such as “hah, I think I seen u on here” and “wow you look different on here” together with a link to a video.