Cyber criminals are selling made-to-order malware plug-ins to steal personal information from online banking customers, a reflection of a maturing black market in which the best developers can demand the highest prices, security vendor Trusteer says. Depending on the sophistication, the Web-inject plug-ins cost as much as $2,000 and support several malware platforms, such as…

A threat is saving files into the printer spooler directory – certain printer applications are set to print any files appearing in this directory, including the binary in the form of ASCII characters. This situation may be overwhelming printers, rendering them unusable, and impacting business operations. The printing of random binary data is likely a unintended side…

Grep is a powerful command-line tool in Unix and Linux used for searching and probing data sets for lines that matches a regular expression. As a short history, this utility was coded by Ken Thompson on March 3, 1973 for Unix. via Simple Kung Fu Grep for Finding Common Web Vulnerabilities & Backdoor Shells |…

Security researchers have published detailed information about how Flame malware spreads through a network by exploiting Microsofts Windows Update mechanism. Their findings answer a key question: How could Flame infect fully patched Windows 7 machines? via Experts show how Flame malware fakes Windows.

Several readers mentioned that Microsoft today issued a Security advisory regarding Microsoft XML Core Services (MSXML). This is in response to active exploitation. The issues affects Office 2003 and 2007 on all versions of windows. All a user has to do to fall victim is visit the wrong website using IE. via ISC Diary |…

Microsoft is aware of active attacks that leverage a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker…

The U.S. Computer Emergency Readiness Team CERT has issued an alert for a dangerous guest-to-host virtual machine escape vulnerability affecting virtualization software from multiple vendors. The vulnerability, which affects 64-bit operating systems and virtualization software running on Intel CPU hardware, exposes users to local privilege escalation attack or a guest-to-host virtual machine escape. via US-CERT…

Duqu and Stuxnet raised the stakes in the cyber battles being fought in the Middle East – but now we’ve found what might be the most sophisticated cyber weapon yet unleashed. The ‘Flame’ cyber espionage worm came to the attention of our experts at Kaspersky Lab after the UN’s International Telecommunication Union came to us…

Attention Microsoft Windows administrators: Stop what you’re doing and apply the new — and very critical — MS12-020 update. Microsoft is warning that there’s a remote, pre-authentication, network-accessible code execution vulnerability in its implementation of the RDP protocol. via Microsoft warns: Expect exploits for critical Windows worm hole | ZDNet.

While I started working on comparing various OS X hardening guides see the prior diary from a couple of days ago, Apple announced one important new security feature in OS X 10.8 Mountain Lion. The new operating system to be released this summer will include a white listing system based on iOS. iOS has received…