Bromium says IE browser 2x more attacks than others

Bromium report has the information plus a lot more. Two items of note in the report: 1. the type of exploits occurring in IE, Java and Flash The security system of the Operating system(ASLR and DEP) was exploited in Zero-day attacks in Internet Explorer(IE). The new Adobe Action Script feature was exploited in Flash And … Read more

New attack vector – Man-in-the-Browser Malware –

OWASP has a good description of Man-in-the-Browser or MITB attacks. I am trying to explain it with an image (this is a fictional account)- 1. the Customer (person trying to go use a financial website) goes to “Bank in USA” website. 2. The “Bank in USA” sends information to create a web interface for Customer. … Read more

Everything Matters – what is important? HP Loadrunner vulnerability

Managers have to make decisions as to what to focus on: HP Loadrunner vulnerability is one of those. specifically 11.52 and here is the money quote:   RESOLUTION HP has provided LoadRunnner patch 11.52 Patch 1 to resolve this issue. Download the patch from HP Software Support Online (SSO). Note: For LR versions before 11.52 … Read more

High exploit vulnerability: Alt-N Security gateway

IBM’s ISS explains the potential problem and with informative links: The problem is the software is vulnerable to a specially crafted HTTP request to SecurityGateway.dll using a long username parameter, a remote attacker can overflow a buffer and execute arbitrary code. This means that a system vulnerable will be potentially owned by hackers in no … Read more

malware hunting for port 32764

Internet Storm Center  has an important current status on a new malware.   It scans for port 32764 and port 23 (telnet) so it can propagate and create more. It also tries to “phone home”   With our help we can scan (Alpha Scan) for any machines that actually respond to this open port (32764) … Read more