Facebook scams becoming increasingly multilingual

March 31st, 2011 Tim Posted in Industry News, Kaspersky No Comments »

When I was checking Facebook this morning, I spotted some friends posting the same message all over their friends’ walls. Well, another likejacking scam I assumed. So I did what I usually do when this happens, I wrote them a quick note telling them to clean up their Facebook apps and delete the wall posts. Nothing spectacular so far, as this happens on quite a regular basis. But wait…

A Web of (Mis)Trust – Comodogate Part II

March 30th, 2011 Kurt Baumgartner Posted in Industry News, Kaspersky No Comments »

Since we posted about the compromised CA incident and related browser fixes, the incident has been labeled “Comodogate”. Quite a bit of information has been released since then. There is even a voice that claimed responsibility for the breach, allegedly describing his attack and proving his success by disclosing a private key.

The CEO of Comodo (the Certificate Authority compromised in this incident) stirred an alphabet soup of speculation regarding attribution, or who may have performed the break-in and their motivations. At one point, he even compared the recent RSA incident as related, claiming the entire authentication layer of the internet is under attack. While the RSA-gate incident may seem to be coming from another, yet connected, part of the world, it was another attack on the trust inherent in authentication and cryptography services. There is more than a kernel of truth to the statement.

New webcast – The Truth about Malware and Linux

March 30th, 2011 Tim Posted in Industry News, Kaspersky No Comments »

In this Q&A session with Ryan Naraine, Kaspersky Lab malware researcher David Jacoby dispels the myth surrounding Linux as a malware-free platform and makes the case that misconfigurations and other security problems on Linux contributes to the malware epidemic on Microsoft’s Windows operating system.

Malvertizing Continued – Spotify’s Ad Networks Outed

March 25th, 2011 Kurt Baumgartner Posted in Industry News, Kaspersky No Comments »

Over the past couple months, some advertising networks have been distributing ads that redirect browsers to sites hosting exploits.

Spotify’s advertising network was most recently outed (note that it is the third party banner ads rotating through the client’s ad frames). Most of the redirections we have been been monitoring have sent users to a variety of servers in the .cc TLD. We have been working with providers to ensure the ads aren’t on their networks, but the groups have been active in rotating malvertizing banners through multiple networks.