Enclave Security "A Leader in Data Protection Services"

• Home
• Auditing
• Services
• Blogs
• Resources
• About Us

Subscribe to This Feed

Recent Posts

• Malware hosted on Google Code project site: Cyber Security Highlights September 3rd
• BadB now charged in RBS WorldPay ATM case: Cyber Security Highlights Sept 2, 2010
• HP holds Navy network Hostage for $3.3 billion: Cyber Security Highlights
• Nuclear plants prepare for cyber attacks: Cyber Security Highlights August 31, 2010
• iPad spam: Cyber Security Highlights August 27th

Categories

• 20 Critical Controls
• 44th Presidency Cybersecurity efforts
• Advanced Persistent Threat
• Assurance
• Audit
• Background Checks
• CISA
• Cyber Warfare
• Cybercrime
• Data Leakage Protection (DLP)
• DHS Infrastructure Reports
• Encryption
• Free Audit Checklists
• Health Information Technology
• Information Security Awareness
• Legal & Privacy
• Malware
• Medical Identity Theft
• Microsoft Windows
• Policy
• Progressive Reforms
• SANS Institute
• Secure Development Lifecycle (SDL)
• Sharpen the Saw
• Social Engineering
• Tools
• Training
• Web 2.0
• Writing Secure Code

Attend an Event

Enclave on Twitter

« Info Sec Highlights from the DHS Open Source Report 12-28-2009 | Main | Info Sec Highlights from the DHS Open Source Report 12-29-2009 »

Info Sec Highlights from the DHS Open Source Report 12-28-2009

By Kelli Tarala | December 28, 2009

Internet Sites Including Amazon Go down Briefly on Christmas Eve
Neustar a DNS provider for Amazon, Walmart and other high profile shopping sites was hit by a distributed denial of service (DDoS) attack. Neustar who provides DNS services under the UltraDNS brand, said the flood of malicious traffic was directed at the company’s facilities in San Jose and Palo Alto, and that the effects were mostly limited to California users.

Full Story:
http://www.theregister.co.uk/2009/12/24/ddos_attack_ultradns_december_09/

 Facebook Hit by ClickJacking Attack
Clickjacking is a type of attack in which an attacker slips a malicious link or malware onto a legitimate Web page. Facebook was cleaning up after such an attack and has now blocked the URL to the malicious site, fb.59.to. Security researcher Krzysztof Kotowicz, who blogged about the attack this week, said  the attack appeared to be more of a prank or trial, and it affects only Firefox and Chrome browsers.

Full Story:
http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=222100098

Krzysztof Kotowicz’s Blog Post
http://blog.kotowicz.net/2009/12/new-facebook-clickjagging-attack-in.html

Hackers Exploit Flaws in Advertisements on Popular Web Sites

Hackers attacked popular open-source advertising software by taking advantage of a pair of bugs in the OpenX advertising software. Hackers were then able to login to advertising servers and place malicious code on ads being served on the sites. On Monday, cartoon syndicator King Features said that it had been hacked last week, because of the OpenX bugs. King Features said that the malicious code used a new, unpatched Adobe attack to install malicious software on victims’ computers, but that could not immediately be verified. Another OpenX user, the Ain’t It Cool News Web site was reportedly hit with a similar attack last week.

Full Story:
http://www.computerworld.com/s/article/9142643/Hackers_hit_OpenX_ad_server_in_Adobe_attack?taxonomyId=17&pageNumber=1

Ain’t it Cool News Malware Attack:
http://www.theregister.co.uk/2009/12/18/aintitcool_malware_attack/

 To Read the Complete DHS Report:

www.enclavesecurity.com/blogresources/cdr_122809.pdf

Topics: DHS Infrastructure Reports, Malware |

Comments are closed.