Blog

Microsoft warned companies on Monday that a flaw in the way Windows searches for Web proxies could allow an attacker the ability to reroute traffic through a malicious server.

The security issues occur when a Windows computer attempts to find a proxy server using Microsoft’s Web Proxy Automatic Discovery (WPAD) technology and the organization’s domain name starts at the third level or deeper, such as somecompany.co.jp, the software giant stated in an advisory. The WPAD search first attempts to find the server using the fully-qualified domain name (FQDN), and if it doesn’t find the server will try the next higher level of the domain name. For example, a search for a proxy server in somecompany.co.jp will look for servername.somecompany.co.jp and then move on to servername.co.jp, which could be a malicious server outside the company’s network.

“At this time, we are not aware of attacks attempting to use the reported vulnerability, but we will continue to track this issue,” Tim Rains, a spokesman for the Microsoft Security Response Center, said on the teams’ blog. “The advisory contains several mitigations that customers can use to help protect themselves from attackers.”

Read more

If you enjoyed this post, make sure you subscribe to my RSS feed!

Widgets and gadgets that users add on to their PCs could pose a security threat, according to Finnish security company Finjan.

Finjan’s Malicious Code Research Centre has found that add-ons that add functions to websites contain code which make the PC they are on more vulnerable to hackers.

The security model that gadgets and widgets have must now be completely revised to take these findings into account, Finjan stated.

Finjan chief technology officer Yuval Ben-Itzhak said: ‘As widgets become common in most modern computing environments, from operating system to web portals, their significance from a security standpoint rises.’

He added: ‘Vulnerabilities in widgets and gadgets enable attackers to gain control of user machines, and thus should be developed with security in mind.’

Corporations may need to deal with a ‘vast array’ of new security considerations, added Mr Ben-Itzhak.

Meanwhile, a new report from Symantec has warned that internet crime has gone from simply causing trouble to a multi-million pound industry.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Trojans have topped threat lists during the first six months of the year, according to a new report.

Security firm BitDefender Labs says that Trojans were the most popular form of malicious threat in the first half of 2007, along with mass mailers.

The Netsky worm also continued to keep its place in the top ten threat list, with all of the malware in the table accounting for two-thirds of total web viruses.

Viorel Canja, head of BitDefender Labs, called the shift from viruses to Trojans ‘an interesting trend’.

‘Although the popularity of mass mailers is slowly receding, variants are still present and pose a very real risk to computer systems used by consumers and small businesses,’ he added.

A recent report from information security services provider SecureWorks revealed that the number of hackers targeting banking institutions has soared by 81 per cent since 2006, with attackers using the Gozi, Prg and BBB Trojans in particular.

If you enjoyed this post, make sure you subscribe to my RSS feed!