The most risk significant development this week was Microsoft’s Advance Notification for release of six security bulletins on 2009-11-10. Sun released an update to Java addressing seventeen vulnerabilities, but none are presently the target of attack. Historically, Java vulnerabilities are ignored by criminals or attacked months after patching. Social networks continue to be a primary target of criminal activity. Gumblar, the FTP-stealing trojan is now targeting Wordpress blogs. Bredolab, Virut and Zeus activity continues with malicious code disguised as shipping confirmations and money transfers. However, sending pharmaceutical spam has been occupying most criminal cycles.

Tags: INTSUM

This entry was posted on Monday, November 9th, 2009 at 9:52 pm and is filed under Analysis. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.