Tuesday, December 14, 2010

Even the two biggest names in computing are not always secure. What can Dataccount do to protect you from these types of intrusions?


Full Article: http://arstechnica.com/security/news/2010/12/google-microsoft-distribute-malware-after-domain-name-trickery.ars



Google and Microsoft have inadvertently infected an unreleased number of computers last week with a new variation of an age-old attack (phishing) combined with a newer form of attack referred to as “drive-by malware.” Just updating your anti virus will protect you from the average virus attack, but what is your Business Continuity Plan in case of disaster? How does it fit into your three-year IT plan?

If you don’t know the answers to these questions, how do you know you are fully protected?

Ads served by DoubleClick (Google) and MSN (Microsoft) were distributing drive-by malware last week after attackers were able to trick the networks using a ploy from the phishers' playbook: they masqueraded as a legitimate advertising provider by using a domain name that looked the same as the provider's.

AdShuffle.com is a legitimate company selling ads to various ad networks, including DoubleClick and MSN. AdShufffle.com—three fs—is not, but it looks close enough to AdShuffle.com that the networks were tricked. These banner ads attempted to use a range of exploits (two Internet Explorer, one Java, and four Adobe Reader flaws—all which are currently patched), to install the HDD Plus malware. HDD Plus is bogus disk diagnostic software; it warns of impending failures, and says that to avoid trouble you should buy the full version.

Analysis of the attacks suggests
Read more

Labels: , , , , , , , , ,


posted by Dataccount Inc. @ 3:22 PM   188 Comments




188 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home