CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
October 8th, 2009

US And Egyptian Authorities Arrest 100 Phishers In Biggest Cybercrime Case Ever

US and Egyptian authorities have charged 100 people with conducting a phishing operation that siphoned at least $1.5m from thousands of accounts belonging to Bank of America and Well Fargo customers.

Fifty-three defendants from California, Nevada and North Carolina were named in a federal indictment unsealed Wednesday. Prosecutors said it was the largest number of defendants ever charged in a cybercrime case. Authorities in Egypt charged an additional 47 people.

Operation Phish Phry, as the case was dubbed, marks the first joint cyber investigation between law enforcement agencies in those two countries. The case was filed in federal court in Los Angeles.

According to the indictment, the Egypt-based defendants phished individuals’ personal information and then used it to access victims’ bank accounts. The phishers then worked with their counterparts in the US so money could be transferred into fraudulent accounts created specifically to receive the stolen funds.

The ring leaders were named as Kenneth Joseph Lucas, Nichole Michelle Merzi and Jonathan Preston Clark, all of California. They directed dozens of “runners” to set up the accounts that would receive the stolen loot. A portion of the funds were wired to the individuals in Egypt who originated the scam. Other defendants were located in Nevada and North Carolina.

Each defendant named in the 51-count indictment is charged with conspiracy to commit wire fraud and bank fraud. If convicted, each faces a maximum penalty of 20 years in federal prison. A handful of defendants were charged with additional felonies, including bank fraud, aggravated identity theft, conspiracy to commit computer fraud and domestic and international money laundering.

The operation is an object lesson in the scale and coordination found in today’s professional phishing operations. The charges are the result of an investigation that began in 2007, when FBI agents identified criminal enterprises targeting US financial institutions.

“The sophistication with which Phish Phry defendants operated represents an evolving and troubling paradigm in the way identity theft is now committed,” Keith Bolcar, acting assistant director in charge of the FBI in Los Angeles, said in a statement.

Credit: The Register

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn
More on CyberInsecure:
  • Cybercrime Related Losses Doubled In 2009, Financial Losses Totaled 559.7 Million
  • 5534 Stolen Ebay Logins And Passwords Accidentally Found Online By Security Firm
  • Police Bring Down Major Card-Cloning Network, 178 Arrested In Europe, Australia, U.S.
  • Xbox Players Targeted By Phishers With Fake Gamertag Changer
  • Latvian ISP Real Host Disconnected From The Internet Due To Cybercrime Servers Hosting

  • October 6th, 2009

    List of 20000 More Email Accounts From Gmail, Hotmail, Yahoo, AOL And Others Posted Online

    A second list containing webmail addresses and passwords referring to Hotmail, Yahoo, AOL and Gmail also surfaced online. Some of the addresses on this list were old and fake, but at least some were genuine, the BBC reports. Both lists have been taken offline, so are no longer directly accessible.

    Hackers used fake websites to gain the login credentials attached to various webmail accounts. The attack emerged after a list of 30,000 purloined usernames and passwords was posted online. These leaked details reportedly referred to Gmail, Comcast and Earthlink accounts. The phishing scam was originally thought to target just Hotmail users. It was brought to light when 10,000 Hotmail addresses were posted online at Pastebin, a website commonly used by developers to share code.

    A spokesperson for Microsoft said phishing was an “industry-wide problem”. “Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software.”

    Google has confirmed to BBC News that its e-mail system – Gmail – has been targeted as part of an “industry-wide phishing scheme”. The search giant said that it had taken immediate action to safeguard the affected accounts.

    Yahoo also confirmed that an unspecified number of Yahoo webmail accounts were on the leaked list. It couldn’t confirm how many of the profiles were genuine:

    We are aware that a limited number of Yahoo! IDs have been made public.

    Online scams and phishing attacks are an ongoing and industry-wide issue and Yahoo! takes great effort to protect our users’ security. We urge consumers to take measures to secure their accounts whenever possible, including changing their passwords. We also encourage our customers to review resources that provide guidelines on email safety.

    Rik Ferguson, a security researcher at Trend Micro, said that the security firm had begun detecting spam sent through these compromised Hotmail accounts.

    As many as two in five people use the same password for every site they use. That means access to a webmail account gives hackers a head start in accessing online banking or PayPal accounts linked to the same address. Underground bazaars and carder forums are full of sales of these more sensitive login credentials. Email addresses have sold alongside purloined credit card numbers and online bank accounts for months if not years on such black market forums.

    Credit: BBC News, The Register

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • List Of 10033 Phished Hotmail Account Passwords Posted Online, Still Available In Google’s Cache
  • Microsoft’s CAPTCHA Under Spammers Attack Again
  • AOL Hosted Sites Distribute Malware
  • High Success Rate Breaking Hotmail CAPTCHAs
  • Hackers Hijack Sarah Palin’s Yahoo Account, E-mails Published Online

  • October 5th, 2009

    List Of 10033 Phished Hotmail Account Passwords Posted Online, Still Available In Google’s Cache

    Neowin.net has reported regarding a possible Windows Live Hotmail “hack” or phishing scheme where password details of thousands of Hotmail accounts have been posted online.

    An anonymous user posted details of the accounts on October 1 at pastebin.com, a site commonly used by developers to share code snippets. The details have since been removed but according to Neowin, the accounts are genuine and most appear to be based in Europe. The list details over 10,033 accounts starting from A through to B, suggesting this is only a part of a bigger list. Currently it appears only accounts used to access Microsoft’s Windows Live Hotmail have been posted, this includes @hotmail.com, @msn.com and @live.com accounts. Some accounts are from @hotmail.fr, @live.it, few from @yahoo.es.
    Neowin has reported this immediately to Microsoft’s Security Response Center and to Microsoft’s PR teams in the UK and US and we are currently awaiting feedback on the situation. As this is a breaking story, updates by Neowin can be found here.

    If you are a Windows Live Hotmail user Neowin recommends that you change your password and security question immediately.

    According to Neowin, Microsoft has fully confirmed their initial reports. According to a Microsoft spokesperson “over the weekend Microsoft learned that several thousand Windows Live Hotmail customer’s credentials were exposed on a third-party site due to a likely phishing scheme. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts.”

    Unfortunately, according to our check, the list can still be found in Google’s cache, here is the screenshot:

    Google has already been contacted by CyberInsecure in order to remove the cached page from search results.

    UPDATE: Google removed cached page after about 3 hours.

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • List of 20000 More Email Accounts From Gmail, Hotmail, Yahoo, AOL And Others Posted Online
  • 5534 Stolen Ebay Logins And Passwords Accidentally Found Online By Security Firm
  • UK Justice Minister’s Email Account Used For 419 Scam
  • Microsoft’s CAPTCHA Under Spammers Attack Again
  • FoxNews Commentator`s BillOreilly.com Website Hacked, Subscribers Personal Details Published

  • October 2nd, 2009

    Automated Malware Attacks Hit Facebook, CAPTCHA Possibly Cracked

    Hackers have figured out how to create computer-generated Facebook profiles and are using them to trick unsuspecting users into installing malware, a security researcher warned Thursday.

    The fraudulent profiles display the same picture of a blond-haired, blue-eyed woman, but with slightly different names and birthdates, said Roger Thompson, chief of research at security firm AVG Technologies. Each invites visitors to click on what purports to be a video link that ultimately tries to trick viewers into installing rogue anti-virus software.

    AVG’s LinkScanner product, which monitors webpages in real time to make sure they’re not malicious, has encountered “hundreds” of separate pages. But because AVG only sees a page when one of its subscribers tries to click on one, Thompson suspects the total number of fake profiles is in the thousands.

    “There are enough of them that it’s probably an indication of an automated attack. I just can’t see someone creating the same profile time after time after time,” Thompson said.

    That means the attackers have figured out how to crack the captcha Facebook uses to ensure profiles are created by humans, rather than computer scripts that automate the process so it can be carried out thousands of times.

    If Thompson is correct, it’s by no means the first time hackers have figured out how to bypass the measure on a high-profile website. Captchas for Google Mail and Microsoft’s Windows Live email services have been successfully cracked before. In some cases, scripts that use optical recognition technology are suspected to be at work. In other cases, sweat shops that rely on people to solve the captcha puzzles are likely at play.

    In any case, the availability of an unlimited number of fraudulent accounts is extremely valuable to scammers. Web-based email accounts typically get the green light from anti-spam products, and end users have an inherent, if misplaced, trust in social networking profiles.

    Thompson’s report came the same day that the FBI issued this advisory warning people to be wary of fraud on social networking sites.

    Facebook engineers are doing a good job killing the fake profiles, Thompson said. But at time of writing, many were still available, as pages like this one attests.

    Credit: The Register

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • Google’s Blogger CAPTCHA Under Automated Registrations Attack
  • Microsoft’s CAPTCHA Under Spammers Attack Again
  • 3$ for breaking the CAPTCHA
  • High Success Rate Breaking Hotmail CAPTCHAs
  • Koobface Worm Creates A Low-cost, Distributed CAPTCHA Breaking Service

  • September 30th, 2009

    Microsoft Released Security Essentials Antivirus, Malicious SEO Poisoning Comes Right After

    Microsoft first released a public beta of its Security Essentials antivirus suite back in June and it was met with mostly positive reviews. Today Microsoft has released the final version of Security Essentials and anyone running Windows XP, Windows Vista, or Windows 7 can download it for free.

    Microsoft Security Essentials offers basic antivirus, spyware, and malware protection. It also offers real-time protection and regularly updated malware signature files via Microsoft’s Dynamic Signature Service.

    Since Microsoft Security Essentials provides the bare minimum protections for a Windows-based machine, other niceties such as a firewall and multi-PC management are not available. This should appease Microsoft’s competitors in the anti-malware software segment.

    Microsoft Security Essentials replaces the Onecare offering and the free Defender installation standard on Vista installations. It will provide you with malware detection and removal ONLY. So do not rely on this as your one stop shop for security. It does not have the features and functionality that many of the AV vendors provide in their products. Think of this as the AV as it used to be in 2000 or so. Detect rates seem to be quite good according to testers reports.

    Those who wish to try out the software can download it directly from the Microsoft Security Essentials website. The download requires that your PC pass Windows Genuine Advantage checks, so only legit Windows users will have access to the software.

    Shortly after the release of Microsoft Security Essentials, Websense Security Labs has reported that search engine results related to Microsoft’s Security Essentials are returning links to Web sites that serve rogue AV.

    Malware authors have used Search Engine Optimization (SEO) techniques to mix rogue search results in with legitimate results. For example, one of the rogue links is directly under a MSDN blog entry discussing Microsoft Security Essentials. The rogue redirects are hosted on compromised Web sites, including a Canadian publisher’s Web site and the British Travel Health Association.

    When a user browses to the compromised Web sites, so long as they have been referred by a search engine, they are redirected to malicious Web sites with domain names such as computer-scanner21 and computervirusscanner31.

    An example of one of the payload files shows that AV detection is low. One such file is named Soft_71.exe. If the user downloads the application, a file with extension .tif is downloaded in the “program filesTS” directory as TSC.exe and system.dat (the .tif file is decrypted/decompressed and split). The payload then executes “tsc.exe -dltest” apparently connects to a NASA Web site, to check internet connectivity. Finally, “tsc.exe” is executed with no parameters, and the rogue AV starts. (In the background the original file is deleted).

    According to Websense, it appears that the malware authors set up a trial run of SEO poisoning techniques, before converting the redirects to deliver rogue applications today. Screenshot of Google search results:

    Screenshot of rogue AV Web site:

    Screenshot of download prompt:

    Credit: DailyTech.com, SANS ISC, Websense Security Labs

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • Several Vendors Including Microsoft Patch Multiplatform DNS Vulnerability
  • Labor Day Sale-Related SEO Poisoning Leads To Rogue Antivirus
  • Massive IFRAME Search Results Attack
  • Microsoft’s Report Shows Vista More Secure Than XP
  • Insecure Online Updates Toolkit For DNS Cache Poisoning Exploited In The Wild

  • September 25th, 2009

    Malware Torrent Delivered Over Google, Yahoo! Ad Services

    Some of the web’s bigger websites were flooded with a torrent of malicious banner ads after cyber crooks managed to sneak them onto syndication services operated by Google, Yahoo, and a third company, according to a security firm.

    The ads – which attacked previously-patched vulnerabilities in Adobe’s PDF Reader and Microsoft’s DirectShow – starting appearing on sites such as the DrudgeReport, horoscope.com and lyrics.com last Friday, according to ScanSafe researcher Mary Landesman. They were delivered over networks belonging to Google’s DoubleClick; Right Media’sYield Manager (owned by Yahoo); and Fastclick, owned by an outfit called ValueClick.

    End users visiting sites that used the ad syndication services often saw nothing more than a brief flash as the malware-laced ads caused their browsers to open – and then close – a booby-trapped PDF file. But behind the scenes, the payload installed Win32/Alureon, a trojan that drops a backdoor on infected machines.

    The malicious ads, which also appeared on slacker.com, ended on Monday, when the website used by the malware purveyors abruptly vanished. During their three-day stint, the attacks accounted for 11 percent of pages blocked by ScanSafe, a service used by businesses to prevent employees from visiting malicious sites.

    The report, issued Wednesday, came the same day a Google executive called on internet service providers, website operators, and others to do more to combat malicious ads. Over the past few years, so-called malvertisements – which employ social-engineering and exploit code targeting vulnerabilities in operating systems and applications – have become an increasingly common way of spreading malware to the masses.

    Of course, none of this would be possible without the help of the ad syndication services, which provide the software and services webmasters use to display ads to hundreds of millions of end users. DoubleClick, Right Media, and other networks have repeatedly been found to distribute malware-laced banner ads on of the net’s most popular sites.

    A spokesman for Google said the content of ads are up to websites that use the service.

    “With DoubleClick ad management, publishers are in control of what content they are serving and are therefore ultimately responsible for determining what advertising appears on their site,” a Google spokesman, who asked that his name not be included in this article, wrote in an email. “The publisher sells the space to the advertiser and must approve the content that goes on the site before it is introduced into DoubleClick’s servers.”

    No doubt, The DrudgeReport, horoscope.com, lyrics.com, and slacker.com should be called to account for the attacks on their users. And so far, none of those websites has responded to requests to comment. And neither did representatives for Yahoo or ValueClick, either. That doesn’t inspire confidence that any of those companies are doing nearly enough to protect their visitors from a growing threat.

    Credit: The Register

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • Compromised Museum Website Infecting Image Search Referred Visitors
  • Yahoo! Marketing Hit By Phishers, Phished Accounts Lead To Malvertising And Malware Distribution
  • Trojan Poses As Google Chrome Browser Extension
  • Yahoo! Groups Are Used By Phishers To Send Personalized Scam Emails
  • Google Sponsored Links Offer Free Software And Install Malware

  • September 25th, 2009

    Fake OS X Codec Scam Offered 43 Cents For Every Infected Mac

    A researcher has unearthed fresh evidence of cyber criminals’ growing attraction to Apple’s OS X platform with the discovery of a now-disbanded group that offered 43 cents for every infected Mac.

    Mac-codec.com was just one of hundreds well-organized affiliate networks that pay a small bounty each time their malware is installed on an unsuspecting end user’s computer. What makes this one stand apart is its dedication to the Mac platform.

    The site advertised various promotional materials Mac-based “video players” and offered “webmasters” the fee in exchange for each installation on Macs that visited their exploit sites. The 43-cent fee is slightly lower than the 50 cents to 55 cents the codec-partnerka pay for infections of Windows-based machines.

    The outfit was holding out the offer in January and February of this year, but has since closed its doors, said Samosseiko, who is manager of Sophoslabs in Canada, a research arm of anti-virus firm Sophos. He presented his findings as part of a larger discussion about codec-partnerka presented at this week’s Virus Bulletin conference in Geneva. The groups’ malware typically masquerades as legitimate video codecs or anti-virus software.

    “I suspect that it wasn’t as profitable to target the Mac platform at that point,” he explained. Mac-codec.com “probably closed because it wasn’t commercially viable for them to conduct business.” “I suspect there are others targeting other Mac users,” he said.

    Infiltrating the highly secretive networks is by no means an easy task. Most of them are based in Russia or elsewhere in Eastern Europe, and interlopers must first gain the trust of other members. Although Mac-codec.com is no longer active, Samosseiko doesn’t believe that’s the end of the bounty program for infected OS X systems.

    Credit: The Register

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • Apple Users Targeted By Smut-punting Video Codec Malware
  • Critical Flaws Patched By Apple in QuickTime 7.5 Update
  • Malware Posing As Youtube Codec
  • My.BarackObama.com Infects Visitors With Trojan
  • Apple MobileMe Users Are Attacked By Phishing Scam

  • September 21st, 2009

    Carder Forum Drops Offline After Whitehats Attack

    A Pakistan-based carder site has dropped off the net, after white hat hackers broke into the forum and posted details of the hack on a full disclosure mailing list.

    Pakbugs.com provided a forum for ne’er do wells to discuss hacking tactics and trade malware, bank logins details and stolen credit card credentials. However this activity was interrupted after login details for the forum and email addresses were posted online following a break-in.

    A previously unknown group called War Against Cyber Crime claimed credit for the hack. The group expressed the hope that law enforcement agents will begin an investigation against individuals named on the leaked list.

    Meanwhile, the Pakbugs.com site remains unavailable. Net security firm F-Secure, which was among the first to record the takedown hack, said it reckons the forum is unlikely to reappear.

    Credit: The Register

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • FBI Operated DarkMarket Carder Forum Sting Brings Worldwide Cybercriminals Arrests
  • Australian Atheist Websites Taken Offline By Distributed Denial Of Service Attacks
  • German Cybercrime Forum Hacked, Members Details Uploaded Onto File-sharing Networks
  • Boards.ie Database Breached, Admins Reset Passwords For All Members
  • BSDNews.com Hacked And Members Information Publicly Exposed

  • September 21st, 2009

    Ukrainian Scammers Will Hack Any Facebook, Myspace, ICQ Account For Just 100USD

    Eastern European hackers are offering to crack into any Facebook,  Myspace and ICQ account for a fee of $100, payable online through Western Union, though circumstantial evidence suggests that the scheme might just as easily be geared towards ripping-off potential clients while delivering nothing.

    The Facebook hacking service, offered by Ukrainian hackers via a domain registered in Moscow, offers to provide clients with the login and password credentials of any account. Potential clients are offered a money-back promise in cases where a targeted profile (which might belong to celebrities, politicians, or well-known companies as well as ordinary users) proves unhackable.

    Hackers claim they’ve been offering the service for four years, during which time they’ve enjoyed a 99 per cent success rate. However, the domain via which the service is offered is only a few days old, raising doubts about the authenticity of the service.

    “The system’s real purpose may be hacking Facebook accounts as they say, or profiting from those that want to try the service,” said Luis Corrons, Technical Director of PandaLabs. “In any case, the Web page is very well designed. It is easy to contract the service and become, either the victim of an online fraud, or a cyber-criminal and accomplice in identity theft.”

    Corrons, who explored the service without handing over a fee to the cybercrooks behind it, concludes that it’s very probably a scam. “This is all about taking the money from users. And at the end, as the user wanted to hack an account, he won’t call the police,” he concludes.

    Compromised social networking profiles in general might be used to distribute spam or malware or as stepping stones towards attacks on a mark’s webmail or online banking accounts.

    Credit: The Register
    Credit: PandaLabs

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • Facebook Agrees To Permanently Deploy Child-Safety Measures
  • MySpace And Facebook Users Targeted By New Worms
  • Facebook, MySpace Backdoor Exposed User Accounts
  • Botnet’s New Component Imitates Human Facebook Users
  • Social Networks Information Sharing Flaw Exposes Private MySpace Users Photos

  • September 20th, 2009

    Sections Of PBS.org Website Hijacked, Serving A Cocktail Of Dangerous Exploits

    Some sections of the popular PBS.org Web site have been hijacked by hackers serving up a cocktail of dangerous exploits, according to researchers at Purewire. Attempts to access certain PBS Web site pages yielded JavaScript that serves exploits from a malicious domain via an iframe.

    The malicious JavaScript was found on the “Curious George” page that provides content on the popular animation series. A look at the code on the hijacked site shows malicious activity coming from a third-party qxfcuc.info domain.

    The domain qxfcuc.info is part of a malware campaign that includes tens of similar websites hosted off of a handful of common IP addresses. Similar exploit code was served from most of these domains, although a handful (e.g., yyoqny.info) display a message that suggests the criminal behind this campaign is compromising systems to build a botnet he will likely later lease. Translated from Russian, that message tells prospective leasers to “Send a message to ICQ #559156803; stats available under ststst02.”

    The URL serves exploits that target a variety of software vulnerabilities, including those in Acrobat Reader (CVE-2008-2992, CVE-2009-0927, and CVE-2007-5659), AOL Radio AmpX (CVE-2007-6250), AOL SuperBuddy (CVE-2006-5820) and Apple QuickTime (CVE-2007-0015).

    Purewire said the exploit site is part of a malware campaign that includes tens of similar Web sites hosted off of a handful of common IP addresses.

    PBS.org has already removed the malicious javascript from its site.

    Credit: ZDnet.com Security Blogs

    Email, Bookmark or Share:
    • E-mail this story to a friend!
    • Digg
    • del.icio.us
    • StumbleUpon
    • Reddit
    • Technorati
    • Slashdot
    • Propeller
    • Google
    • Live
    • YahooMyWeb
    • TwitThis
    • Facebook
    • LinkedIn
    More on CyberInsecure:
  • High-profile Advertiser Media-servers.net Website Hacked, Serving Exploits Cocktail
  • Daily Mail Serves Malicious Ads, Readers Redirected To Malware Installing Server
  • Internet Explorer 0-day Malware Infects Amnesty International Hong Kong Website Visitors
  • Hackers Hijack ICANN And IANA’s Domains
  • Mass Infection Turns More Than 57000 Websites Into Exploit Launch Pads