tag:blogger.com,1999:blog-5444458813582258922Thu, 03 Oct 2024 18:13:04 +0000botnetsmalwarescamsecurity appsweb securitymalicious siteswebsensebankingblackhat seobloggercybersecurityfirefoxfraudmiscphishingtwitterBlogs focused on Web Security and Converged Threatshttp://greencloudsecurity.blogspot.com/noreply@blogger.com (Green Cloud Security)Blogger21125tag:blogger.com,1999:blog-5444458813582258922.post-5565016480640356503Thu, 15 Jul 2010 00:38:00 +00002010-07-14T17:38:28.692-07:00Came across this great report on the state of Web Threats this year. One of the key lessons from this report shows how cybercriminals are now focused on compromising existing web servers rather than bringing their own online. In fact, they found 90% of malicious websites are compromised sites. Key reason for this, as explained by Symantec analyst Dan Bleaken: The attraction of knowing that http://greencloudsecurity.blogspot.com/2010/07/symantec-web-threats-2010.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-2979454118479598586Sat, 10 Jul 2010 03:43:00 +00002010-07-09T20:43:31.514-07:00Here's some key stories that unfolded this week in security: YouTube Victim of XSS Attack On Sunday YouTube fell victim to a XSS attack redirecting users to different sites from fake anti-virus pages to porn to Canadian pharmacy. Google patched up the problem relatively quickly but the backlash on Twitter was tremendous. Here's some great posts by SecTechno, The Register, and thehttp://greencloudsecurity.blogspot.com/2010/07/news-storm.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-8876993694215458543Fri, 09 Jul 2010 01:17:00 +00002010-07-08T18:17:01.607-07:00Symantec recently released their Message Labs Intelligence report, highlighting some key stats in email and web based threats. According to the report the global spam rate is now 89.3%, with 80% of these being pharmaceutical spam. The report also goes into depth on the rash of World Cup threats that amassed in the months before the start of the World Cup. Check out the full report below... httphttp://greencloudsecurity.blogspot.com/2010/07/global-spam-rate-893-according-to.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-3786275149154303425Wed, 07 Jul 2010 02:20:00 +00002010-07-06T19:20:21.681-07:00The long awaited Firefox 4 Beta 1 has been released. This includes tons of changes, including tab placement and other enhancements for CSS and HTML5. Download link and release notes are linked below...check it out! http://www.mozilla.com/en-US/firefox/all-beta.html http://www.mozilla.com/en-US/firefox/4.0b1/releasenotes/http://greencloudsecurity.blogspot.com/2010/07/firefox-4-beta-1-released.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-1334583551842176284Wed, 07 Jul 2010 02:06:00 +00002010-07-06T19:06:47.647-07:00Adobe release a patch last week to finally patch to limit the vulnerable Launch action that could be used to run script from Adobe Reader. Turns out the patch is not really complete and the Bkis Blog has found ways around this.  It took Adobe 3 months to issue a patch for this to begin with, are we going to have to wait another 3 months? In the meantime Didier Stevens, who originally http://greencloudsecurity.blogspot.com/2010/07/launch-action-still-vulnerable.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-2020046119172762268Fri, 02 Jul 2010 02:30:00 +00002010-07-01T20:06:19.020-07:00bloggertwitterGetting back into things, some things just weren't lining up in the blog template any longer, so we decided to scrap the whole thing and rebuild using the same template. Strangely enough though, the Twitter widget provided by Blogger doesn't allow any styling, which made the Twitter updates almost impossible to read. After a while of tinkering with the widgets and trying to find the right one tohttp://greencloudsecurity.blogspot.com/2010/07/adding-twitter-updates-with-style.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-8475088306840572296Fri, 02 Jul 2010 02:24:00 +00002010-07-01T20:05:43.633-07:00miscGreen Cloud Security is back after a long layoff, mostly working on other projects. It's exciting to dig back into the site, and security in general. You can expect more of the same posts, coverage on the latest threats, threat reports, security tips and more.  Have a great day everyone!http://greencloudsecurity.blogspot.com/2010/07/were-back.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-2034350729618710764Wed, 21 Oct 2009 02:51:00 +00002009-10-20T19:57:57.816-07:00bankingbotnetsfraudmalwareLast week, Brian Krebs of the Washington Post blogged here advising business owners to perform online banking using a live CD. This excellent advice (IMHO) created quite a stir over the last week. Essentially, banking on a live CD prevents you from becoming susceptible to Windows viruses, while at the same time loading a fresh, non-compromised OS each time. This can almost guarantee that you http://greencloudsecurity.blogspot.com/2009/10/banking-and-virus-scanning-with-live-cd.htmlnoreply@blogger.com (Anonymous)tag:blogger.com,1999:blog-5444458813582258922.post-2156518236720440532Tue, 20 Oct 2009 02:15:00 +00002009-10-19T19:29:50.318-07:00cybersecurity"The lesson is clear, this cyberthreat is one of the most serious economic and national security challenges we face as a nation" (Obama). This is the message that Obama recently declared in a short video on the White House website. He makes it very clear, in the midst of cybersecurity awareness month, that all Americans need to be aware and secure in their online activities. "As consumers we http://greencloudsecurity.blogspot.com/2009/10/obama-stresses-cybersecurity-awareness.htmlnoreply@blogger.com (Anonymous)tag:blogger.com,1999:blog-5444458813582258922.post-7716319231998909082Tue, 20 Oct 2009 00:44:00 +00002009-10-19T17:52:50.714-07:00botnetsmalicious sitesmalwarescamThere are some new Zeus emails going around that folks should be aware of. These emails, as reported by the Securosis blog, pretend to be from a system administrator. The administrator asks them to "run SSl updates procedure" as below. Attention! On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour. The changes will concern http://greencloudsecurity.blogspot.com/2009/10/new-zeus-scam-emails-and-download.htmlnoreply@blogger.com (Anonymous)tag:blogger.com,1999:blog-5444458813582258922.post-3111105159669273181Fri, 16 Oct 2009 01:20:00 +00002009-10-19T17:48:04.738-07:00botnetsscamweb securityThere is a new twist on the IRS emails that have been delivering zbot and other threats over the last month. In some new emails, reports Gary Warner, the link contained in the message is to Geocities.An example from the CyberCrime & Doing Time blog:hxxp://geocities.com/FreddyCampbell36/ohuloc.htmWhile the users will ultimately end up at the commonly used http://www.irs.gov.blah.blah.co.uk/http://greencloudsecurity.blogspot.com/2009/10/new-twist-on-irs-spam.htmlnoreply@blogger.com (Anonymous)tag:blogger.com,1999:blog-5444458813582258922.post-5742099044467461525Sat, 10 Oct 2009 14:52:00 +00002009-10-10T07:53:00.501-07:00firefoxsecurity appsFirefox recently added the ability to group collections of add-ons for easy sharing. The ISC recently published their recommended add-ons and we've followed in suit. There was a couple additional add-ons, namely FlagFox and KeyScrambler, that are also useful security add-ons. Green Cloud Security Add-Ons: https://addons.mozilla.org/en-US/firefox/collection/greencloudsecurityhttp://greencloudsecurity.blogspot.com/2009/10/green-cloud-security-firefox-add-on.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-1672310483475264291Sat, 10 Oct 2009 14:37:00 +00002009-10-10T07:53:39.187-07:00blackhat seowebsenseWebsense published their monthly report, "This Month in the Threat Webscape". September saw a number of new attacks and an increase in some old ones. One of the most well known and documented problems this month was blackhat SEO poisoning with malicious results leading to rogue AV and other types of malware. "Searches for current events often lead to malicious Web sites designed to lead people http://greencloudsecurity.blogspot.com/2009/10/spike-in-blackhat-seo-websense-monthly.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-4260696302575447720Fri, 09 Oct 2009 16:15:00 +00002009-10-10T07:52:46.259-07:00security appsComcast is beginning the launch of a new service to notify users when of compromised computers and botted machines. The service, called Comcast Constant Guard, has started an initial roll out in the Denver area. Infected customers will be notified via a pop-up message in a browser, and given links to go to the Anti-Virus Center to repair the problem. This will give notification to those not http://greencloudsecurity.blogspot.com/2009/10/comcast-monitoring-users-for-malware.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-6224468656368447592Wed, 07 Oct 2009 02:20:00 +00002009-10-10T07:53:22.468-07:00phishingweb securityThe Anti-Phishing Working Group (APWG) released their first half "Phishing Activity Trends Report" with some startling statistics. For those that have not heard of the APWG, the organization devoted to the elimination of phishing and identity theft scams. The report gives statistics on many trends inlcuding phishing trends, rogue AV, keyloggers and others and fully reinforces the fact that the http://greencloudsecurity.blogspot.com/2009/10/web-threats-booming-apwg-first-half.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-7056307659367517627Tue, 06 Oct 2009 01:27:00 +00002009-10-19T17:48:14.853-07:00botnetsmalwareWebroot has discovered a new trojan that performs a variety of malicious tasks. One of the primary functions is to crack captchas so that forms of all types can be submitted by the attacker. The trojan will download a specific set of instructions from the internet including which sites to attack, and then operate in the background - attempting to connect to targeted sites. That is not the only http://greencloudsecurity.blogspot.com/2009/10/evolutionnew-multi-function-trojan.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-4008330468614671378Thu, 01 Oct 2009 00:26:00 +00002009-09-30T17:50:15.040-07:00security appsThere has been a lot of news lately surrounding key logging trojans including Zbot, Clampi and others. These trojans are designed to steal authentication credentials and other sensitive information, especially for banking and social networking sites leaving users scrambling for ways to protect themselves. The highlights of these news articles has been how easily these trojans can evade http://greencloudsecurity.blogspot.com/2009/09/protect-against-keylogging-trojans-with.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-8186267478306449649Sun, 27 Sep 2009 15:50:00 +00002009-09-27T08:57:49.272-07:00botnetsmalwareThe Zbot Trojan, aka Zeus or WSNPoem, is the world's largest and most dangerous malware. A recent whitepaper by Trusteer, who specializes in securing online transactions, proven the Zbot trojan has an incredibly low detection rate amongst anti-virus scanners. Trusteer reports that 3.6 million PCs are infected in the US alone, and even up to date anti-virus scanners cannot stop it. "Installing anhttp://greencloudsecurity.blogspot.com/2009/09/zbot-trojan-worlds-most-dangerous.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-8704346475729061915Thu, 24 Sep 2009 02:57:00 +00002009-10-19T17:47:37.527-07:00malicious sitesscamA new list of IRS Scam and Zbot domains was recently posted on malwareurl.com. These are interesting as the domain names are altered only slightly and end in .eu. There are a total of 28 domains and 20 unique IP addresses. yoky1w.eu 79.117.171.75 mi11f1.eu 187.64.34.106 mi11fa.eu 187.64.34.106 mi11fd.eu 79.184.58.166 mi11fe.eu 187.64.34.106 mi11ff.eu 85.106.95.114 mi11fi.eu 194.54.48.50 http://greencloudsecurity.blogspot.com/2009/09/newly-listed-irs-scam-and-zbot-domains.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-4719673825422337695Tue, 22 Sep 2009 02:50:00 +00002009-09-21T19:54:53.731-07:00web securitywebsenseAs internet threats continue to evolve it's becoming clear that web threats and blended threats are becoming the most predominant danger to network security. Green Cloud Security and this blog are dedicated to the proliferation of information about web security issues - increasing awareness for both network administrators and regular internet users. The creation of this blog comes on the heels http://greencloudsecurity.blogspot.com/2009/09/introductory-post.htmlnoreply@blogger.com (Green Cloud Security)tag:blogger.com,1999:blog-5444458813582258922.post-7720513749677292143Sun, 20 Sep 2009 22:07:00 +00002009-10-03T19:13:03.601-07:00Below is a list of resources that can be used to analyze web based threats, viruses and malware. I will update this list continually. Web Analysis Services Virus Total - http://www.virustotal.com/ Wepawet  - http://wepawet.iseclab.org/ Virus.org - http://scanner.virus.org/ JSUnpack - http://jsunpack.jeek.org/dec/api Web Sniffer - http://web-sniffer.net/ Applications and Plugins http://greencloudsecurity.blogspot.com/2009/09/resources_20.htmlnoreply@blogger.com (Green Cloud Security)