SecurityHome.eu Websense Security Lab

Home / mailings PDF

Websense Security Lab
Posted on 23 February 2007
Websense Security Lab
Websense® Security Labs(TM) has discovered emails that attempt to lure users to click on a link in order to upgrade their system security. The emails, which are spoofed from Monster, are written in HTML and claim that Monster systems have been upgraded and that users need to download a certified utility to be able to use Monster. The domain name that the emails point to are using five different IP addresses. Upon connecting to one of the IP addresses, the code is run, several files are downloaded and installed on the user's machine, and another file is downloaded and installed from a server in Denmark. The files appear to be designed to steal end-user information.

For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=747

TOP

Mailings :

[gentoo-announce] [ GLSA 202405-15 ] Mozilla Firefox: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-14 ] QtWebEngine: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-13 ] borgmatic: Shell Injection
[gentoo-announce] [ GLSA 202405-12 ] Pillow: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-11 ] MIT krb5: Multiple Vulnerabilities

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20