374 matches found
Fake ADP and FDIC Notifications Leading Users to Blackhole Exploit Kit
With the latest iteration of the Blackhole Exploit Kit hitting the web this week, attackers are going to great lengths to spread around links to get unsuspecting victims to click through to the first version of the kit. E-mail notifications claiming to come from Microsoft Exchange, ADP, the Feder...
Trojan Mimics Chrome Installer to Steal Banking Information
Malware impersonating a Google Chrome Installer is actually stealing data while stripping software used to protect online banking transactions. The Trojan at present appears to target users in Brazil and Peru. Trend Micro researchers report in a blog post that they have discovered a malicious fil...
Social game Zynga's YoVille gets hacked
Social game Zynga's YoVille gets hacked Matt Spencer has been an active player of "YoVille" since the Zynga-owned virtual world launched in 2008, but hasn't played the game in about three weeks. He post a complaint on the gaming company's forum that in late January, Spencer's "YoVille" account wa...
CRUNCH TV SHOW - Live Stream & Security Videos
Document Title: =============== CRUNCH TV SHOW - Live Stream & Security Videos References: =========== Download: http://www.vulnerability-lab.com/resources/videos/508.mov View: http://www.youtube.com/watch?v=G9ECcxvB0dQ Release Date: ============= 2012-04-10 Vulnerability Laboratory ID VL-ID:...
HITB2011KUL - Skype Vulnerabilities 0Day Exploitation
Document Title: =============== HITB2011KUL - Skype Vulnerabilities 0Day Exploitation References: =========== Download: http://www.vulnerability-lab.com/resources/videos/394.wmv View: http://www.youtube.com/watch?v=K4g86hVQ1wk Release Date: ============= 2012-03-30 Vulnerability Laboratory ID...
Slideshow: Scenes from SAS 2012
VIEW SLIDESHOW Scenes from SAS 2012 At Kaspersky Lab’s Security Analyst Summit last week, over 100 researchers and law enforcement officials converged in Cancun, Mexico over the course of five days to network and discuss a veritable cornucopia of security topics. Topics such as privacy, SCADA and...
Cancun, Mexico
At Kaspersky Lab’s Security Analyst Summit last week, over 100 researchers and law enforcement officials converged in Cancun, Mexico over the course of five days to network and discuss a veritable cornucopia of security topics. Topics such as privacy, SCADA and PLC security, tracking cybercrimina...
Worlds first windows 8 Bootkit to be released at MalCon
Worlds first windows 8 Bootkit to be released at MalCon It is amazing how fast security measures are bypassed by hackers. it seems Windows 8 is now Malconed! Peter Kleissner has created the world's first Windows 8 Bootkit which is planned to be released in India at the International Malware...
Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran
Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran GRAND RAPIDS – Cyber Styletto is a new novella by a journalist, a writer, and a security expert who have pooled their talents to create an enthralling good read that is future forward and predictive. The facts are base...
Sony Hiring Information Security Engineers & Facebook Hire George Hotz
Sony Hiring Information Security Engineers After 14 Hacks, Finally Sony open job recruitment for "Sr Application Security Analyst". Sony Estimates 171 Million Dollar Loss due to PSN Hack. Also Sony CEO sorry for PSN hack, offers data theft insurance. Social network Facebook has hired a computer...
Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release !
Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release ! Pangolin is an automatic SQL injection penetration testing Pen-testing tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications...
Virus Watch: The Chinese Bootkit
We recently discovered a new bootkit, i.e. a malicious program which infects the hard drive’s boot sector. Kaspersky Lab detects it as Rookit.Win32.Fisp.a. The bootkit is distributed by Trojan-Downloader.NSIS.Agent.jd. The Trojan infects the computers of users who try to download a video clip fro...
The Decline and Fall of Slammer?
Me and Slammer Helkern go back a long way… to 25 January 2003 to be precise. It was a baptism of fire for me in my new role as a virus analyst at Kaspersky Lab. It was a weekend and I was alone, in charge of monitoring the incoming flow of suspicious files. I had barely been at the company a mont...
Apple Hires New Security Chief
Apple has hired a software security expert to head up its growing internal security group. The company has hired David Rice, a former National Security Agency analyst and consultant on security issues, according to reports. Rice is currently the director of policy reform at the U.S. Cyber...
Rogue AV Live Tech Support
This is a recording of a live chat session with the technical support agent associated with a rogue AV program. The session was recorded by Nicolas Brulez, a security analyst at Kaspersky Lab.The video is best viewed in full-screen mode...
Jose Nazario on Politically Motivated DDoS Attacks (Part 3)
In the third part of his talk on politically motivated DDoS attacks at the recent Kaspersky Lab Security Analyst Summit, Jose Nazario of Arbor Networks discusses the tactics and motivations for these attacks...
CVE-2010-2338
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter. NOTE: some of these details are obtained from third party information...
Sql injection
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-2338
The CVE-2010-2338 entry concerns multiple SQL injection vulnerabilities in redir.asp of VU Web Visitor Analyst, exploitable by passing crafted values to the (1) username or (2) password parameters to trigger arbitrary SQL execution. This is supported by the core description across NVD/NVD-derived...
CVE-2010-2338
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter. NOTE: some of these details are obtained from third party information...