Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Phishers and scammers use bleak economic news to lure victims

Scammers using gloomy economic news to lure victims Patches from Mandriva, Ubuntu Prominent Web sites found to have serious coding flaw, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 10/02/2008
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Today's malware news:

Scammers using gloomy economic news to lure victims
Not surprisingly, scammers and spammers (or are they one in the same?) are jumping on the bleak economic news as a means of delivering their wares. Network World, 10/02/2008.

The Forrester Wave: Web Filtering, Q2 2009: Download now

419 Scammer Via Skype
Well that's typical, I go on holiday and the moment I switch a PC on to check something, this appears in Skype. The SpywareGuide Greynets Blog, 09/29/2008.

Did You Catch Some Phish?
The evolution of a phishing attack is quite straightforward. At first, the fraudsters compromise a vulnerable server and deploy a package called a "phishing kit," which contains a clone application of the targeted institution. Symantec Security Response, 09/29/2008.

Related Content

419 Scammers Hack Email, Target Friends & Family With Request For Money
This is a particularly disturbing scam that's been passed my way, courtesy of reader MTGarden. The scammers in question hacked a colleague's e-mail account, then sent out a request for money to the people on the hacked account's contact list, claiming they were overseas and without cash. The SpywareGuide Greynets Blog, 10/01/2008.
**********

Today's bug patches and security alerts:

Two new patches from Mandriva:

pam_mount (authentication bypass)

OpenAFS (denial of service)
**********

Two new updates from Ubuntu:

nasm (one off vulnerability, code execution)

Thunderbird (multiple flaws)
**********

From the interesting-reading department:

Prominent Web sites found to have serious coding flaw
Two Princeton University academics have found a type of coding flaw on several prominent Web sites that could jeopardize personal data and in one alarming case, drain a bank account. The type of flaw, called cross-site request forgery (CSRF), allows an attacker to perform actions on a Web site on behalf of a victim who is already logged into the site. IDG News Service, 09/30/2008.

FAQ: Clickjacking - should you be worried?
Last week, a pair of security researchers spread the news that a new class of vulnerabilities, called "clickjacking," puts users of every major browser at risk from possible attack. Computerworld, 09/29/2008.

Also: Clickjacking vulnerability to be revealed next month

Five mistakes security pros would make again
Ten years ago, Michael Riva was network administrator for a top-five American consultancy. Employees were downloading graphic pictures and videos onto the network. Riva told his boss a proxy server with content filtering might be in order; his boss laughed and suggested they put in a bigger file server instead. CSO, 09/29/2008.

Jason Meserve is multimedia editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comments (1)
Login
Forgot your account info?

Taking new whats?By Anonymous on October 2, 2008, 10:26 am"take new tacts" ? I think you meant to use the nautical term, "tack." I'm surprised that even passed a spellcheck.

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed