A new Internet Explorer zero-day exploit has been spotted in a compromised website of the US Department of Labor.
When users visit the compromised website, it loads a malicious script which Trend Micro detects as JS_DLAGENT.USR. This particular script was hosted on the compromised site itself. It loads another script (this time, hosted on a malicious server) detected as JS_KILLAV.AA.
Once executed, JS_KILLAVA.AA obtains specific information from the infected machine such as the installed Adobe Reader and Flash version as well as security ...
Windows XP is officially on its last legs - as far as Microsoft is concerned. There is less than a year remaining before official support ends for the 11-year-old operating system on April 8, 2014.
For users, the biggest impact of this will be that Microsoft will no longer release security updates for Windows XP vulnerabilities after that date. This wouldn't be a problem, if it weren't for the fact that so many users are still using XP. Net Applications data ...
Two of the hottest buzzwords circulating in the IT world today are “SCADA” and “cloud computing.” Combining the two technologies has been talked about and is starting to garner more attention because of the potential cost savings, system redundancy, and uptime benefits.
Like most IT companies, industrial control system (ICS) devices can benefit from cloud use. The cloud is and will remain a viable business additive for traditional IT worldwide. SCADA devices do not differ from IT devices in that they ...
With the amount of media coverage surrounding this year’s papal conclave and inauguration, it’s hardly a surprise that cybercriminals have taken advantage of this event to victimize users. We recently spotted spam that use newly-elected Pope Francis as the subject.
These email messages use the new pope and controversies surrounding the Catholic Church to pique the recipients’ curiosity. To convince users of the legitimacy of the emails, these cite CNN as the alleged source. A screenshot of an email can be ...
Industrial Control System (ICS)/SCADA systems have been the talk of the security community for the last three or more years due to Stuxnet, Duqu, and other similar noteworthy attacks. While the importance and lack of security around ICS systems are well documented and widely known, I’ve been researching Internet-facing ICS/SCADA systems, who’s really attacking them, and why. Recently, I spoke at BlackHat Europe about the same research and wrote a research paper to share my findings.
Without knowing if Internet-facing SCADA ...
