Blog

September 2010

For the coming month, Microsoft plans to release 10 bulletins. Of the 10 bulletins, four have been rated “Critical” and six have been rated “Important”. Seven bulletins relate to “Remote Code Execution” vulnerabilities, two relate to “Elevation of Privilege” vulnerabilities, and one is...
The “Fake Microsoft Security Essentials Rogueware Alert” pops up, declaring that it was unable to remove an Unknown Win32/Trojan threat. Once the user clicks on clean, it recommends an online scan and shows the names of legitimate AVs. In addition, it also offers a free install of the rogue software “Red Cross”, “Peak Protection”, “Pest Detector”, “Major...
The MS10-070 security update resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited,...
Many users on Orkut are receiving scraps from their friends with the words “Bom Sabado!”. The phrase “Bom Sabado” means “Good Saturday” in Portuguese. This is a worm which has attacked the social networking service today. The worm seems to be posting scraps with the text “Bom Sabado” and also adding...
We have analyzed a suspicious email in our security lab; the email is shown below. The above email has an attachment. This attachment is a zip archive which contains a variant of the Oficla trojan. This trojan has a Microsoft Word file icon. Upon execution, it downloads the script file below. http://ilovelasvegas.ru/web/St/bb.php?v=200&id=881716830&b=23avgust&tm=72 The script contains...
The phishing community has discovered a new way to collect information from victims. They are now using an Online Form Site Builder service to create a form and collect the victim’s data. We received a mail targeting ICICI bank users, which contained an HTML file as an attachment. The subject line of the...
A critical vulnerability (CVE-2010-2883) exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and Unix and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. Currently we have not...
Yesterday I received a mail regarding “Payment Processed by Visa Bill Pay” as below… If one opens this file, then a Trojan gets installed on the system in the application data folder. This Trojan connects to the domain below, and it may further lead to fake antivirus scams, malicious redirects, viruses, trojans, rogue...