[pchelpers] News:Hacker attacks getting more personal

• From: John Durham <john.modec@xxxxxxxxxx>
• To: PC-Helpers <pchelpers@xxxxxxxxxxxxx>
• Date: Wed, 21 Mar 2007 08:01:19 +1200

They can use a variety of exploits on the same site to target victims
Jaikumar Vijayan

March 20, 2007  (Computerworld) -- In the same way some e-commerce sites
serve up customized content based on a user's profile, cybercriminals
are increasingly using personalization techniques to more effectively
attack those who visit their Web sites.

Over the last year or so, the number of malicious sites using
personalization techniques has mushroomed and today represents a new and
disturbing trend, according to IBM's Internet Security System's X-Force
threat analysis group.

Unlike older sites that simply served up the same exploit code over and
over, the new ones are loaded with multiple exploits and payloads, said
Gunter Ollmann, director of security strategies at IBM's ISS X-Force
team. The sites are crafted to first probe a visitor's browser for
specific information which it then uses to craft a customized attack, he
said.

"We're seeing a large number of malicious Web sites that make use of IP
address and browser information before they start to create an attack,"
Ollmann said

For instance, a user who visited a malicious Web site using Internet
Explorer would be targeted with exploits seeking to take advantage of
specific IE flaws, while those running Firefox or Netscape would be
targeted with attacks specific to their browser types. The typical
payloads include spyware programs and keystroke logging software, he
said.

More here:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=spam__malware_and_vulnerabilities&articleId=9013793&taxonomyId=85
-- 
John Durham
Site http://modecideas.com
Server hosted on Ubuntu 4.10
Good advice is like good paint. It only works when applied.



-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription