Google researchers expose unpatched flaws in Adobe Reader | Application security – InfoWorld

Two Google security researchers have accused Adobe of failing to fix various reported vulnerabilities in Adobe Reader in a timely manner and are using the delay as justification to publicize details behind the security holes. The duo also has recommended that users avoid Reader until Adobe rolls out patches.

via Google researchers expose unpatched flaws in Adobe Reader | Application security – InfoWorld.

Chromium Blog: The road to safer, more stable, and flashier Flash

A little more than two years ago, engineers on the Chrome team began a very ambitious project. In coordination with Adobe, we started porting Flash from the aging NPAPI architecture to our sandboxed PPAPI platform. With last week’s Chrome Stable release, we were finally able to ship PPAPI Flash to all Windows Chrome users, so they can now experience dramatically improved security and stability as well as improved performance down the line.

via Chromium Blog: The road to safer, more stable, and flashier Flash.

Microsoft: Windows, Mac malware gets in via Adobe, Java, Office | ZDNet

Microsoft has been doing some research into all the recent cross-platform malware (1, 2, 3) that attacks Windows, Macs, and sometimes even Linux. The company has concluded that current attacks exploit third-party vulnerabilities in software on these platforms. There are two ways the malicious code is being delivered, according to the software giant: via the Web and via e-mail attachments.

via Microsoft: Windows, Mac malware gets in via Adobe, Java, Office | ZDNet.

Web exploit figures out what OS victim is using, customizes payload | Ars Technica

Security researchers have found a live Web exploit that detects if the target is running Windows, Mac OS X, or Linux and drops a different trojan for each platform.

The attack was spotted by researchers from antivirus provider F-Secure on a Colombian transport website, presumably after third-party attackers compromised it. The unidentified site then displayed a signed Java applet that checked if the user's computer is running Windows, Mac OS X, or Linux. Based on the outcome, the attack then downloads the appropriate files for each platform.

“All three files for the three different platforms behave the same way,” the researchers wrote in a blog post. “They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OS X, Linux, and Windows respectively.”

via Web exploit figures out what OS victim is using, customizes payload | Ars Technica.

Sykipot is back – Alienvault Labs

It has been a while since we published information about Sykipot. The last time we blogged about it, we discovered a variant that was able to bypass two-factor authentication to access protected resources on the victim’s network.

We have detected a new wave of Sykipot campaigns that has been running during the past weeks. There are several changes between the new Sykipot campaigns and the older ones.

The first difference is that in previous campaigns the Sykipot authors mainly used file-format exploits to gain access to the systems through spearphishing mails.

via Sykipot is back – Alienvault Labs.

New Mac OS X Backdoor Being Used for an Advanced Persistent Threat Campaign

Cyberthreats targeting the Mac OS X platform continue to appear in various types of attacks and techniques. On June 27, 2012, Kaspersky Lab’s experts intercepted a new wave of Mac OS X attacks targeting Uyghur activists that were part of an Advanced Persistent Threat (APT) campaign.

The APT attackers were sending customized emails to a select number of Uyghur activists who were presumed Mac users. The targeted emails included ZIP attachments inside them, which contain a malicious Mac OS X backdoor. To disguise the malware, the ZIP file showed a JPEG photo together with the malicious application.

via New Mac OS X Backdoor Being Used for an Advanced Persistent Threat Campaign.

Layer 8: FBI busts 24 in massive international online financial crime takedown

The FBI today said it directed what it called the largest coordinated international law enforcement action in its history directed at online “carding” crimes typically involving stolen credit card, bank account or personal identification information of hundreds of thousands of victims around the world.

The FBI said the allegations unsealed in New York today “chronicle a breathtaking spectrum of cyber schemes and scams.” As charged, the FBI said the individuals sold credit cards by the thousands and took the private information of untold numbers of people. The defendants casually offered every stripe of malware and virus to fellow fraudsters, even including software enabling cyber voyeurs to hijack an unsuspecting consumer's personal computer camera, the FBI stated.

via Layer 8: FBI busts 24 in massive international online financial crime takedown.