-
Optimizing Cross Site Scripting – and general security practices
We have been working recently on a XSS attack that impacted a huge number of potential victims, as the attack itself has been “optimized†by SEO (Seacrh Engine Optimization) practices that pushed it to Google’s indexes. In itself, this is not a new technique, but the sheer size of it made us take a second…
-
Crimeware server and the international man of mystery
While conducting research for the latest Malicious Page of the Month we have just released, we tried to track down the origins of the crimeware. Obviously, this is a daunting task by itself, and although sometimes security researchers are able to point at specific people as the ones running the criminal activity, it does not…
-
The impact of just 5 random letters…
We have been watching in amazement the impact our latest Malicious Page of the Month had on the industry and media. From coverage at Fox Business News, and the Washington Post, all the way to the more “traditional” security outlets such as SecurityFocus, SC Magazine and bloggers such as Dancho Danchev. The scary thing is the…
-
And the winner for “top virus” of 2007 is…
Not a virus. Not even a malware. Neither is the runner up… It’s the method of how malware is populated. According to a report, the most common malware attack in 2007 is the notorious IFRAME. On our monthly and quarterly reports we provided more in-depth analysis of such top-ranking IFRAME and obfuscated code. In Finjan’s…
-
New Orkut worm takes us back in the wayback machine
I just love it how old news are recycled with a bit of a flare when they become relevant again. The latest Orkut worm reports talk about the technique that the worm writer has used to distribute its code. Quoting from the original article above: “It then downloads and executes a heavily obfuscated JavaScriptâ€â€¦ looking…