Reading Time: 1 minute Microsoft’s September “Patch Tuesday” security updates this week included 37 security patches for Internet Explorer, including a critical zero day defect. The term zero day refers to the fact that until now the defect was unidentified. The bug can be exploited to identify path names, file names and Internet Protocol addresses. According to Microsoft, the…

Reading Time: 2 minutes If you would really like to be infected by malware, the best place to go these days is amazon.com! According to a quarterly report for Q2 2014 by Solutionary’s Security Expert Research Team (SERT), Amazon hosts 41% of all malware identified by SERT’s honeynet. A honeynet is a network configured in ways to invite attacks…

Reading Time: 1 minute According to Homeland Securities Computer Emergency Response Team (US-CERT) SpamTitan contains a reflected cross-site scripting (XSS) vulnerability. SpamTitan is a server system for monitoring email and reducing spam email and other threats. The vulnerability was found in the auth-settings-x.php page of the management interface. It will enable an attacker to load a malicious script in…

Reading Time: 6 minutes Contributors: Ionel Pomana, Kevin Judge Video games have played an important role in the history of computers and are a significant reason for their popularity as a consumer product. Families had video game players in their homes long before they had personal computers. The ability to provide web sites that more closely replicate the experience…

Reading Time: 2 minutes Ransomware is quickly becoming the scourge of the Internet and Cisco Systems is reporting that several very popular web sites have recently been distribution points via malvertising. According to an investigation detailed on the Cisco Systems blog site, popular web sites including Disney and Facebook have been compromised to display infected advertisements that download a…

Reading Time: 4 minutes On Monday, the US Department of Justice announced that law enforcement working in multiple countries had successfully seized control of the “Gameover Zeus” botnet that distributes the Zeus banking Trojan and a second botnet that distributes the Cryptolocker ransomware program. Zeus and its variants enable financial fraud by stealing login credentials and diverting financial transactions…

Reading Time: 2 minutes The case for a containment strategy to defend against malware grew even stronger this week with reports that hackers are using vulnerabilities in Microsoft’s Silverlight animation plug-in to deliver malware. In recent years, numerous exploits found in Adobe Flash and Java have allowed hackers to overcome malware detection systems. To some, Silverlight appeared to be…

Reading Time: 2 minutes Improving privacy and security while browsing has been a major objective for Comodo in recent product releases and enhancements, and a Senate subcommittee report yesterday highlights the need. The report warns of the dangers of malicious advertising, so called malvertising, and threats to privacy and security posed by online advertising in general. Entitled “Online Advertising…

Reading Time: 5 minutes Most of the malware created these days is designed to generate income to the malware authors. That’s not a surprise, but it is amazing how creative these digital criminals can be. At Comodo AV Labs we observe and analyze the many schemes, tricks and methods they use to acquire their ill-gotten gain, including:   Direct…

Reading Time: 4 minutes It is virtually impossible for the files of known viruses used by conventional scanners to be fully up to date. Independent tester AV-Test Labs recently estimated that there are up to 55,000 new malware variants released into the wild each day. This sounds amazing, but is actually a conservative testing. Some analyst say there are…