Drive-by Trojans exploit browser flaws

Grok Headline matches for Drive-by Trojans exploit browser flaws

Infected websites exploit Microsoft
browser flaws

Infected websites exploit Microsoft
browser flaws 06/27/2004 09:35 AM

Another browser exploit: this time it's
Mozilla

Another browser exploit: this time it's
Mozilla 07/09/2004 11:41 AM
Recent browser security bulletins have focused on Internet Explorer. Now there is news of an exploit (with a patch available) for Mozilla browsers running on Windows XP.

Opera fixes browser flaws

Opera fixes browser flaws 06/17/2005 04:29 PM
Several security holes, including ones that could be used in spoofing attacks, are plugged in browser update, company says.

Microsoft faces up to browser flaws

Microsoft faces up to browser flaws 07/22/2004 09:40 AM
Mass migration to Windows XP could raise serious security questions for users week, another security patch! Microsoft has been pressed into action to release yet another patch to plug a hole in its Internet Explorer 6 web browser, which has accumulated an impressive record of holes: over 150 since 18 April 2001. What is more, it is not even a final solution to the latest in a catalogue of security compromises and back doors created by what should be a harmless, albeit essential, piece of PC software. At Microsoft's TechEd developer conference in Amsterdam earlier this month, I took time out to have a frank discussion with Detlef Eckert, senior director of trustworthy computing at Microsoft about the continuing security problems that are blighting the world's biggest software developer. Right now the company is almost fanatically committed to completing service pack 2 for Windows XP, the most security-focused update the company has ever released for one of its products. The new service pack will introduce a new, more powerful firewall, with basic predictive scanning capabilities, it will enable almost every security feature by default, including the firewall and will also address many existing security glitches in the operating system through a combined patch install, which providing users actually install the service pack, will address any lax patching over the last year.

IE Flaws Boost Browser Switching

IE Flaws Boost Browser Switching 07/07/2004 04:14 PM
Alternative browsers such as Mozilla and Opera are seeing a huge swell in downloads, but they say security holes in Internet Explorer are nothing new and haven't stopped it from taking 95 percent of the market share.

Microsoft patches three critical browser
flaws

Microsoft patches three critical browser
flaws 07/30/2004 03:44 PM
The software giant hopes that the trifecta of fixes will lasso the Download.Ject Trojan horse.

Browser Flaws Spoil Opera Tune

Browser Flaws Spoil Opera Tune 06/17/2005 04:48 PM
The new version of the alternative Web browser fixes several known cross-site scripting and window injection vulnerabilities.

[Exploit]: Microsoft FPSE fp30reg.dll
Overflow Remote Exploit (MS03-051)

[Exploit]: Microsoft FPSE fp30reg.dll
Overflow Remote Exploit (MS03-051) 11/15/2003 02:20 PM
Adik (Nov 14 2003)

[Exploit]: DameWare Mini Remote Control
Server Overflow Exploit

[Exploit]: DameWare Mini Remote Control
Server Overflow Exploit 12/19/2003 06:25 PM
Adik (Dec 19 2003)

Those trojans know how to screw.......

Those trojans know how to screw....... 04/20/2004 02:00 PM
up a perfectly running computer and make me waste three hours getting rid of the damn thing! What? You thought...

Of Trojans and Horses

Of Trojans and Horses 04/10/2004 02:18 AM
So a proof of concept Mac specific trojan has been created. Find it on Google Groups. Here's the problem. A Mac file can have...

Exploit: AIM Exploit (Ignore Previous
Post)

Exploit: AIM Exploit (Ignore Previous
Post) 09/02/2004 12:07 PM
John Bissell (Sep 01 2004)

Worms turn as Trojans take over

Worms turn as Trojans take over 01/05/2005 08:31 AM
Personal Computer World Jan 5 2005 12:48PM GMT

One in three PCs hosts spyware or
Trojans

One in three PCs hosts spyware or
Trojans 06/16/2004 07:02 AM
vnunet.com Jun 16 2004 11:03AM GMT

Protect Your PC from Spyware and Trojans

Protect Your PC from Spyware and Trojans 07/13/2004 03:44 AM
PC Tools has released Spyware Doctor v2.0, a powerful Windows spyware detection and removal utility that cleans thousands of potential Spyware, Adware, Trojans, Keyloggers, Spybots, and tracking threats from your PC. [PRWEB Jul 13, 2004]

Spams, Phishing, and Trojans

Spams, Phishing, and Trojans 05/05/2004 02:36 AM

This Netcraft article titled Phisher Kings compares growth of phishing with that of spamming (via Paymen ts News).  It's not surprising to me since I think phishers who rely mostly on social engineering used to be spammers.  However, phishers using trojans, like the one described in this Code Fish Spam Watch article, are not.  They are hackers using e-mail to find their victims.

Using trojans to harvest passwords and credit card numbers is, fortunately, not as deadly as it might seem at first glance.  Why?  Because trojans require more technical knowledge, higher cost of maintenance, and higher cost of labor necessary to mine the returned data.  It's all glory and little in return.

In comparison, phishers with spamming background tend to focus on what really matters, the ROI numbers.  Instead of wasting days and weeks to write and finetune trojans, they use a web page editor to create their lures and receive their loots in ready to use form.

There is a more dangerous group of potential phishers we need to keep an eye out for: telemarketers.  While most spammers operate blindly, telemarketers leverage information to choose and attack their victims more intelligently.  Phishers with telemarketing background are more likely to be spear-phishers, phishers who target rich victims with tailored attacks.

When they come for you, they will know your name, where you live, what finanicial services you are using, and more.

Distributed trojans (not that kind)

Distributed trojans (not that kind) 12/08/2003 03:36 PM
Peer-to-peer networks are the next big thing for virus writers, as profit becomes the first and foremost motivation for malware writers.

Test Drive | Here's help finding things
on car drive or hard drive

Test Drive | Here's help finding things
on car drive or hard drive 12/25/2003 04:27 AM
Philadelphia Inquirer Dec 25 2003 3:36AM ET

EarthLink finds rampant spyware, trojans

EarthLink finds rampant spyware, trojans 04/15/2004 06:33 PM
Internet service provider EarthLink and Webroot Software released a report on Thursday that said an average of almost 28 spyware programs are running on each computer. More serious, Trojan horse or system monitoring programs were found on more than 30 percent of all systems scanned, raising fears of identity theft.

EarthLink uncovers rampant spyware and
trojans

EarthLink uncovers rampant spyware and
trojans 04/16/2004 08:56 AM
Computer Weekly Apr 16 2004 1:05PM GMT

Even More Ways To Exploit The URL
Handler Exploit

Even More Ways To Exploit The URL
Handler Exploit 05/21/2004 11:34 AM

RIAA/MPAA Contractor Deploys Malicious
Adware Trojans

RIAA/MPAA Contractor Deploys Malicious
Adware Trojans 12/31/2004 04:34 PM
Slashdot Dec 31 2004 8:10PM GMT

Win DRM hides malicious trojans, RIAA
deploys infected music on P2P

Win DRM hides malicious trojans, RIAA
deploys infected music on P2P 12/30/2004 04:48 PM
Cory Doctorow: According to PCWorld and TechDirt, Windows DRM contains a flaw that allows for attakcers to create music files that contain trojans that attack your computer when you play them, and moreover, the usic industry has hired a company called Overpeer to flood the P2P networks with infected fake music files.

Overpeer is the same company that the recording industry has hired in the past to dump fake versions of songs on file sharing networks. What the article doesn't answer is whether or not the industry hired Overpeer to dump spyware on the network as well, but it's likely they're pleased either way. Overpeer defends their actions by saying that anyone obviously deserves what they get because, obviously, they were looking for unauthorized files. It's not clear that everyone would agree. Sneaking malicious files onto someone's computer because "they deserved it!" doesn't seem like a very good justification. What may be even more important to this story, however, is the revelation of just how easy it is, thanks to a huge loophole in Microsoft's copy protection technology, to include a malicious file with an audio or video file. Basically, because Windows DRM needs to look for a license, all anyone needs to do is point that license to a website that loads malicious content and off you go. Thank you Microsoft, for creating a huge loophole that will probably make sure millions of new computers are loaded with spamming, DDOSing trojans shortly.

Link (Thanks, Alex!)

Browser Wars : Wells Fargo Bans Opera
Browser

Browser Wars : Wells Fargo Bans Opera
Browser 02/05/2005 09:42 PM
As of 8am today - Wells Fargo (one of the largest Banks in the United States) began blocking Opera browser from it's online banking.

The browser is dead! Long live the
browser!

The browser is dead! Long live the
browser! 01/02/2004 07:26 PM

With a complete computer system,
including the hard drive, processor and
DVD drive, the iMac G5 is only about

With a complete computer system,
including the hard drive, processor and
DVD drive, the iMac G5 is only about 09/02/2004 05:47 AM
Xinhua News Agency Sep 2 2004 10:20AM GMT

Vosonic X'S-Drive Pro VP 300 40GB Flash
Memory Reading Hard Drive

Vosonic X'S-Drive Pro VP 300 40GB Flash
Memory Reading Hard Drive 06/30/2004 12:37 PM

The Vosonic X'S-Drive Pro VP 300 is 40GB external hard drive that is clunky, cheap-looking, has a crappy text-only integrated screen, plays MP3s, but not WMA, AAC, or OGG Vorbis, and can only read from one card from its card reader at a time. So why would any photographer want it? Because it's cheap, it does the primary job it was designed to do (act as remote backup for memory cards), and can accept as many additional 2.5-inch laptop hard drives as you want to swap into it, meaning that all other things aside, you can purchase this single $335 drive and continue to upgrade it for only the price of additional hard drives.
Read - Hard disk: X'S-Drive Pro VP 300 [BIOS]

MCE slot-loading drive replaces original
iMac drive

MCE slot-loading drive replaces original
iMac drive 06/14/2004 02:50 PM
MCE Technologies is now offering an internal 24x slot-loading CD-R/RW drive for replacing the tray-loading CD-ROM drive in the original iMac (233, 266, and 333MHz, Rev...

Console Drive makes hard drive removable
or external

Console Drive makes hard drive removable
or external 06/04/2004 03:52 PM
Addonics Technologies announced on Friday the release of its Console Drive, which turns a standard 3.5-inch hard drive into either aremovable internal hard drive cartridge or an external hard drive thatconnects to your Mac via USB 2.0 or 1.1, FireWire, SCSI or a PCMCIA slot,depending on the model you choose. Internally, the Console Drive can connectto a Power Mac's Serial ATA slot. In addition, the Console Drive acceptsAddonics' series of Pocket CD, DVD, CD-RW and DVD+/-R/RW drives, all ofwhich are Mac compatible.

BROWSER SECURITY TEST (free):
Automatically checks your browser for
various security problems. When the test
is finished you get a complete report
explaining the discovered
vulnerabilities, their impact and how to
eliminate them

BROWSER SECURITY TEST (free):
Automatically checks your browser for
various security problems. When the test
is finished you get a complete report
explaining the discovered
vulnerabilities, their impact and how to
eliminate them 03/13/2003 10:26 AM

TikiMac Unveils "Big Tiki Drive", the
World's First Hi-Speed USB Flash Drive
in the Form of a Grinning, Glowing Tiki
Idol

TikiMac Unveils "Big Tiki Drive", the
World's First Hi-Speed USB Flash Drive
in the Form of a Grinning, Glowing Tiki
Idol 03/14/2005 06:10 PM
TikiMac today unveiled the Big Tiki Drive, the world's first hi-speed USB compatible storage device in the form of a big, grinning Tiki idol, complete with hypnotic glowing eyes and a blinking "aura", for Macintosh and Windows PC-compatible computers and starting at $59. [PRWEB Feb 23, 2005]

Hitachi 500 gig Drive and 10 gig micro
drive

Hitachi 500 gig Drive and 10 gig micro
drive 01/05/2005 10:32 PM

Seems CES does not consider Endgadget a weblog so they have full access to CES and have lot's of really good CES news. Check out their review of the new Hard Drives announced by Hitachi. [Endgadget]< /p>

Lite-On 4x DVDRW drive to 8x, double
layer DVDRW drive possible

Lite-On 4x DVDRW drive to 8x, double
layer DVDRW drive possible 07/14/2004 03:34 PM

And Now... Another URI Exploit?

And Now... Another URI Exploit? 05/21/2004 11:21 PM

802.11b DoS exploit

802.11b DoS exploit 03/13/2003 10:22 AM
Mark Osborne (Mar 11 2003)

IIS, IE exploit unleashed

IIS, IE exploit unleashed 06/25/2004 12:11 PM
A possible "zero-day" IIS exploit combined with a vulnerability in IE6 is resulting in PCs which visit compromised sites being infected with malware. The code consists of JavaScript appended to image files downloaded from compromised IIS servers.

Serv-U exploit

Serv-U exploit 01/01/2005 04:54 AM
Berend-Jan Wever (Jan 30 2004)

Another Zero-Day IE Scripting Exploit

Another Zero-Day IE Scripting Exploit 06/09/2004 12:43 PM

utilman.exe exploit

utilman.exe exploit 07/17/2004 04:09 PM
Iván Rodriguez Almuiña (Jul 17 2004)
Grok Description matches for Drive-by Trojans exploit browser flaws
GrokA matches for Drive-by Trojans exploit browser flaws

Drive-by Trojans exploit browser flaws

The following phrases have been identified by the grok system as matching this entry: