Domain: trustedsource.org
Stories and comments across the archive that link to trustedsource.org.
Stories · 3
-
Obama Beats McCain In Spam Landslide
An anonymous reader writes "The New York Times runs an article about the spammers' choice of presidential candidate. From the article: 'According to Secure Computing Corp., spammers were nearly seven times more likely to slap Obama's name in the subject line than McCain's during September. The bulk of Obama's lead in the spam wars came from a massive blitz early in the month.' Secure Computing released additonal numbers for the past weeks, and McCain was able to close the gap in the latest spammers' poll." -
PDF Exploits On the Rise
An anonymous reader writes "According to the TrustedSource Blog, malware authors increasingly target PDF files as an infection vector. Keep your browser plugins updated. From the article: 'The Portable Document Format (PDF) is one of the file formats of choice commonly used in today's enterprises, since it's widely deployed across different operating systems. But on a down-side this format has also known vulnerabilites which are exploited in the wild. Secure Computing's Anti-Malware Research Labs spotted a new and yet unknown exploit toolkit which exclusively targets Adobe's PDF format.'" -
New SQL Injection Attack Fuses Malware, Phishing
PainMeds tips a recent post in Secure Computing's research blog describing a new SQL injection attack that had infected thousands of MSSQL-based web servers by last weekend, turning them into malware delivery systems. The attack apparently rewrites the server's Web pages to include JavaScript which pushes malware to the visitor as if it were from the genuine site. Sites using Sybase might possibly be vulnerable, as it uses the same exploited syntax that MSSQL does. The post includes an example of the attack. Unlike most malware attacks, this one appears to originate from the site the user is actually visiting. From the blog: "'Similar to phishing, this attack takes advantage of the website visitor's trust in the site they are visiting. Instead of phishing for information, however, malware is sent to the client, which the client has a higher likelihood of accepting being from a trusted site... These web pages are associated with Web sites from around the world and supplying various content — including government sites, sales sites, real estate sites, and financial information sites among others."