Pizza spam / gimalayad.ru
Cheese Lover’s Pizza with no cheese?! Chicken pizza with three lots of extra ham?? This spam actually leads to malware on gimalayad.ru: Date: Wed, 6 Mar 2013 12:22:04 +0330From: Tagged...
View ArticleDissecting NBC’s Late Night with Jimmy Fallon Web Site Compromise
Oops, they did it again! The official Web site (hxxp://www.latenightwithjimmyfallon.com) of NBC’s Late Night With Jimmy Fallon is currently compromised/hacked and is automatically serving multiple...
View ArticleAdobe CS4 spam / guuderia.ru
This fake Adobe spam leads to malware on guuderia.ru:From: messages-noreply@bounce.linkedin.com [mailto:messages-noreply@bounce.linkedin.com] On Behalf Of Donnie Cherry via LinkedInSent: 07 March 2013...
View ArticleNews Of Hugo Chavez’s Death Used in Malicious Email Campaigns
Following news of the death of Venezuelan President Hugo Chavez (as reported by the BBC) the Websense ThreatSeeker® Network has identified several malicious email campaigns that make reference to the...
View ArticleIsraeli website for “international institute for counter-Terrorism” waterhole...
Websense Security Labs™ and The Websense® ThreatSeeker™ Network have detected that the government-related websites ict.org.il and herzliyaconference.org have been involved in a 'waterhole' attack and...
View ArticleElection of New Pope used as Lure in Malware Attacks
It’s tough being a malware distributor – you can’t exactly go around asking people to install your malware – you need to be creative. So a global news story such as the election of Pope Francis is too...
View ArticleZendesk “An important notice about security” spam / vagh.ru / pillshighest.com
This unusual spam leads to a fake pharma site on pillshighest.com via vagh.ru and an intermediate hacked site.Date: Fri, 22 Mar 2013 13:52:08 -0700From: Support Team...
View ArticleHow are Java attacks getting through?
Were you aware that Java is increasingly being viewed as a security risk? Of course you were — recent high-profile attacks have firmly established the trend, so we're not going to do yet another...
View ArticleCompromised Yahoo accounts spread Android malware
The surest way to know that an attack method is working for a malware gang is seeing the method repeated over a period of several months. In Commtouch’s October Trend Report we described an attack...
View Article“Please respond – overdue payment” spam / INVOICE_28781731.zip
This spam comes with a malware-laden attachment called INVOICE_28781731.zip:Date: Fri, 29 Mar 2013 10:33:53 -0600 [12:33:53 EDT]From: Victor_Lindsey@key.comSubject: Please respond –...
View ArticleSearch Engine Poisoning: Targeting US Military?
It's been a few months since I dipped into our Search Engine Poisoning (SEP) logs, so I've been taking a look… As I was poking around, one thing jumped out at me, which was not on my radar screen back...
View ArticleAndroid malware gets phish-y
Last week the security world was abuzz with news of a new attack vector for mobile attacks. The malware was sent to the accounts of Tibetan human rights advocates and activists from the hacked account...
View ArticleWordPress Plugin Social Media Widget Hiding Spam – Remove it now
If you are using the Social Media Widget plugin (social-media-widget), make sure to remove it immediately from your website. We discovered it is being used to inject spam into websites and it has also...
View ArticleMargaret Thatcher’s Death Used in Cyber Attacks
As the world remembers former British Prime Minister Margaret Thatcher, cyber attackers are participating too, but in their own tricky ways. Websense® Security Labs™ and the Websense ThreatSeeker®...
View ArticlePinhout: Pinterest clone or phishing site?
Recently I stumbled upon pinhout.com. Look familiar? Pinhout.com looks awfully familiar to…It looks like a Turkish copy of Pinterest, a growing social network to share web content. .. Pinterest (home...
View ArticleWhen Good Plugins Go Bad – SEO Spam on Joomla Websites
We recently published an article about an interesting case where a very popular WordPress Plugin (Social Media Widget), with more than 900,000 downloads, got sold and the new owners decided to use...
View ArticleMassive Google scam sent by email to Colombian domains, (Wed, Apr 10th)
This morning many users in my city woke up with supposedly good news from a resume they sent to google looking for open positions: Of course this scam does not have anything new and innovative to...
View ArticleMass WordPress Brute Force Attacks? – Myth or Reality
We are seeing in the media some noise about a large distributed brute force attacks against all hosts targeting WordPress sites. According to reports, they are seeing a large botnet with more than...
View ArticleDNS Poisoning Hits Kenya Google, MSN, Skype…
The Websense® ThreatSeeker® Network has detected that a DNS poisoning attack is happening in Kenya, with local big name websites in information technology targeted including Google, Bing, and LinkedIn....
View Article“Fiserv Secure Email Notification” spam
This spam has an encrypted ZIP file attached that contains malware. The passwords and filenames will vary.From: Fiserv Secure Notification [mailto:secure.notification@fiserv.com]Sent: Tue 16/04/2013...
View Article