Internet Explorer executes code in pictures

A feature in Internet Explorer, which checked the type of file before presenting it to the user, has been found to allow execution of JavaScript embedded in an image. The MIME sniffing functionality was originally meant to compensate for web servers sending out the wrong content type information when they responded to a request for an image. However it now appears that the feature can be easily confused, and that confusion can be exploited through a crafted image file with embedded HTML and JavaScript code that will be rendered and executed by the browser.

heise Security presents a feature, Risky MIME Sniffing in Internet Explorer, which examines the problem, demonstrates it with examples and explains how users and web site developers can mitigate the risk.

Source:
http://www.heise-online.co.uk/news/Internet-Explorer-executes-code-in-pictures–/112614

Posted in Internet, Privacy, Security, Windows | No Comments

Verizon expands anti-DoS protection

Verizon Business has announced a global expansion of its WAN-based service to detect and defend against denial-of-service attacks.

DoS attacks have been around for years but are on the rise with backing from organised groups, including intelligence agencies inside smaller nations that use the attacks as a form of cyber-terrorism against their enemies, Verizon officials and analysts said.

Verizon Business, a unit of Verizon Communications, said it has added a detection component to its DoS Defence service for mitigating DoS attacks. DoS Defense has been available for more than four years and is in use in 22 countries in Europe and the Asia-Pacific region.

In addition to already offering mitigation services in the US, Verizon today began offering both mitigation and detection of denial-of-service in Canada as well.

Source:
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=110661

Posted in Internet, Privacy, Security | No Comments

Google closes critical hole in Chrome

Google has discovered a vulnerability in its Chrome web browser that can allow an attacker to execute his own commands on a vulnerable Windows system. The vulnerability requires that the victim has previously installed Chrome, but is visiting a rigged web page using another browser, such as Internet Explorer.

According to Google, the cause of the problem is, related to the processing of particular URI/URLs in other browsers, through which it is possible to start a new Chrome window with an arbitrary address. By adding certain parameters, it can be possible to start and stop programs on the users system, such as a FTP program, which could open a back door. Google has fixed the problem in the stable version 1.0.154.48 and updates are available through using the “About Google Chrome” option, to check for updates.

Source:
http://www.heise-online.co.uk/news/Google-closes-critical-hole-in-Chrome–/112610

Posted in Internet, Security, Software | No Comments

OpenDNS to block Conficker

On Monday, OpenDNS, the free DNS service, plans to start blocking the Conficker worm’s attempts to connect to potential control servers. According to The Register, the new free service will also be able to alert administrators to the presence of the Conficker worm and assist them in locating infected machines.

Conficker is a difficult worm to block on a domain name, or IP address, basis. It attempts to connect to up to 250 different domain addresses each day, looking for a new payload. However these addresses can be predicted; in part this was how F-Secure estimated the size of the Conficker problem, by predicting a future domain, registering it, and then counting the machines that connected to that domain.

Apparently, to date, no new payload has been deployed, but this could change at any point. By pre-loading the OpenDNS service with the predicted addresses, OpenDNS, using a predicted address list provided by Kaspersky, hopes to be able to block any future connections by the Conficker worm. Blocking Conficker is to be the first part of a botnet blocking service provided by OpenDNS.

Source:
http://www.heise-online.co.uk/news/OpenDNS-to-block-Conficker–/112590

Posted in Internet, Networking, Privacy, Security | No Comments

IRS Stimulus Package Phishing Scam

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide personal information.

Users receiving the fraudulent email messages are encouraged to send the email message and the website URL to the IRS at [email protected].

US-CERT encourages users to do the following to help mitigate the risks:

• Do not follow unsolicited web links received in email messages.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks (pdf) document for more information on social engineering attacks.
• Review the How to Report and Identify Phishing, E-mail Scams and Bogus IRS Web Sites document on the IRS website.

Source:
http://www.us-cert.gov/current/index.html#irs_stimulus_package_phishing_scam

Posted in Internet, Privacy, Security | No Comments