SEARCH RESULTS
 
Showing 1-10 of 83 records
 
Expand article

Notes from IEEE Web 2.0 Security and Privacy Workshop (W2SP2008)

2008-05-27 22:45:00 by Security Retentive in Security Retentive
 
...URLs. He sketched out how to modify OpenID to use email addresses or lookalikes for authentication rather than URLs. Some of his proposals hinge on using DNS lookups for a domain to find the authentication server much like we use MX records for email. While potentially risky, DNSSEC could theoretically be used to mitigate some of the...
 
Tags: browser, browser security models, browser project, browser security model, security models, browser security, security, web, security challenges
 
 
 
 
Expand article

All Your iFrame Are Point to Us

The Article has images
2008-02-11 13:57:00 by Panayiotis Mavrommatis in Google Online Security Blog
...URLs and found more than three million unique URLs on over 180,000 web sites automatically installing malware. During the course of our research, we have investigated not only the prevalence of drive-by downloads but also how users are being exposed to malware and how it is being distributed. Our research paper is currently under peer review,...
 
Tags: malware distribution sites, malware distribution, malware, anti-malware team, malware payload, chinese web servers, servers, regular web sites, web sites
 
 
 
 
Expand article

Internet Censorship

2008-04-07 05:00:32 by schneier in Schneier on Security
 
...URLs or entire domains than it is to block information on a particular topic. Some countries block specific sites or URLs based on some predefined list but new URLs with similar content appear all the time. Other countries -- notably China -- try to filter on the basis of keywords in the actual web pages. A halfway measure is to filter on the...
 
Tags: internet censorship, censorship, internet censorship measures, enable internet censorship, internet, prevent anonymous internet, internet access, global internet, net interprets censorship
 
 
 
 
Expand article

Introducing Google's online security efforts

The Article has images
2007-05-21 09:43:00 by A Googler in Google Online Security Blog
...URLs. Using targeted feature extraction and classification, we select a subset of URLs believed to be suspicious for in-depth investigation. So far, we have investigated about 12 million suspicious URLs and found about 1 million that engage in drive-by downloads. In most cases, the web sites that infect your system with malware are not...
 
Tags: activity, malware activity, web servers, servers, malware, anti- malware effort, malware distribution servers, sites, web sites
 
 
 
 
Expand article

How effective is the wisdom of crowds as a security mechanism?

2007-12-21 15:26:10 by Tyler Moore in Light Blue Touchpaper
 
...URLs from suspected phishing websites and vote on whether the submissions are valid. The idea behind PhishTank is to bring together the expertise and enthusiasm of people across the Internet to fight phishing attacks. The more people participate, the larger the crowd, the more robust it should be against errors and perhaps even manipulation...
 
Tags: phishtank, phishtank compare, leaves phishtank, users, phishtanks users, vote maliciously, vote, active users, urls
 
 
 
 
Expand article

Serving Malware Through Advertising Networks

The Article has images
2008-02-18 10:58:53 by HASH0x8bfe2fc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...URLs and dropping malware in real-time Upon registering at xbanners.biz, you're enticed to IFRAME your web property, and point to xtraff.biz/banner.php (67.228.11.176, also responds to interace8.com and cheap-web-host.net ) and xtraff.biz/ads2.htm currently trying to exploit MDAC ActiveX code execution (CVE-2006-0003) through the Neosploit...
 
Tags: malware, php attempt, php, neosploit malware kit, xtraff, exploit, live exploit urls, urls, htm
 
 
 
 
Expand article

Great Trend Micro article on Understanding Malware

2008-08-09 15:33:56 by Doug Woodall in The Spyware Biz Blog
 
...URLs: Ticket to Malware To better understand malicious URLs, it helps to divide them into two broad categories: 1) URLs that use social engineering to initially entice users to click on them, and 2) techniques that do not involve social engineering, but instead employ various technological means
 
Tags: urls, malicious urls, malware, involve social, social, article, entice users, cyber criminals, broad categories
 
 
 
 
Expand article

MDAC ActiveX Code Execution Exploit Still in the Wild

The Article has images
2007-12-05 12:08:56 by HASH0x89e6630 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...URLs are currently active and exploiting CVE-2006-0003 , and despite that it was patched in 11 April, 2006, the last quarter of 2007 showcased the malware authors simplistic assumption that outdated but unpatched vulnerabilities can be just as effective as zero day ones, and when the assumption proved to be true -- take Storm Worm's use of...
 
Tags: exploit, day, day vulnerabilities, htm, malware, malware exploitation kit, single exploit urls, vulnerabilities, storm worm apparently
 
 
 
 
Expand article

The Dutch Embassy in Moscow Serving Malware

The Article has images
2008-01-28 16:07:58 by HASH0x8af6a58 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...URLs, to both, generate fake visits to certain sites that are paying for this, and a live exploit URL as it happens in between Historical preservation of actionable intelligence on who's what and what's when is a necessity. Here are for instance two far more in-depth assessments given the exploits URLs were still alive back then, discussing...
 
Tags: malware, attack, malware attack, media malware gang, redirector script, script, alive iframes, royal netherlands embassy, alive