Mass compromises have not been in the news of late but a new wave recently hit the headlines. According to news reports, users running the popular blogging platform WordPress have been hit with an attack that modifies a setting within the application that contains the URL of a blog.
In compromised sites, this setting is changed to point to a malicious website. This redirects all would-be blog readers to the said website, which contains scripts leading to a malicious file detected ...
Less than a month after the so-called “Iranian Cyber Army” reportedly “hacked” the popular micro-blogging site, Twitter, they are back with another attack, this time against another Internet giant, Baidu. Baidu is China’s most popular search engine, as 62 percent of the total number of Web searches in the country are done with it compared with Google’s 29 percent share, according to research firm Analysys International.
Some days ago, users who tried to access Baidu were instead redirected to the following ...
Trend Micro threat analysts come across a huge number of phishing cases that feature nearly identical domain names every day. In a Web reputation manual verification exercise, analysts found that three of the most popular phishing targets to date were Chase, the Internal Revenue Service (IRS), and, just recently, Web hosting sites.
To launch such an attack, cybercriminals use the phishing URL format cpanel.{attacked_company}.{phishingdomain}/scripts/cpanel-ftp-confirmation.php.
In this kind of attack, the phishing URL loads a page where users are asked to enter the ...
Trend Micro threat analysts found several phishing sites registered in China that target specific people or companies. The said email can customize phishing URLs using the names of intended recipients via a technique called “spear phishing.”
Spear phishing has been used by cybercriminals before in attacks that involved specific targets. In the previous post, “So Is It Twitter or Facebook?,” for instance, cybercriminals exploited Twitter’s direct message function to inform users that their pictures were seen on another website, the link to which is ...
A specially crafted .PDF file, detected by Trend Micro as TROJ_PIDIEF.ASP, was recently found to be hosted by several Indian, Thai, and New Zealand websites.
The Trojan takes advantage of critical vulnerabilities in Adobe Reader 9.1.3 and Acrobat 9.1.3; Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh, and UNIX; and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh. These vulnerabilities can cause the application to crash and can potentially allow an attacker to take control of an affected system. Adobe ...
