Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Unpatched Firefox flaw lets fox into henhouse

The latest Firefox vulnerability allows hackers to implant malware onto a vulnerable system due to a memory corruption flaw in the browser. The bug revolves around errors in the handling of JavaScript code.

Click here for more information.

Attacks Against Unpatched Microsoft Bugs Multiply

Several security firms are seeing growth in attacks regarding Microsoft’s latest vulnerability. The attacks are exploiting a bug in IE’s ActiveX control. To date numerous sites have been detected for hosting the attack code. One highly targeted attack hit one company through a well crafted Microsoft Office document that contained embedded HTML links. Broader attacks are occurring from compromised, Chinese-based sites.

The following link provides a way to guard against this vulnerability until Microsoft releases a patch.

Click here for more information.

Irish ISP downed by DDoS

Ireland’s largest ISP was hit by a DDoS attack earlier this week. The volume of traffic doubled their normal volume to 8 million requests per minute during the attack. Last week subscribers were sent to the wrong websites due to problems with their DNS.

Click here for more information.

New Zealand set to join internet blocking club

Asking ISPs to voluntarily join in the use of the government’s blocked list, New Zealand will begin with a list of over 7,000 sites that target child porn sites. The government has budgeted an additional $617,000 for Censorship Enforcement Activities for 2009/2010, which includes $150,000 for Internet filtering software. ISPs already expressing interest in participating cover 94% of the New Zealand Internet.

The list will not be made public as law enforcement fear it would tip the hand of those under investigation.

Click here for more information.

Japan Faces Crisis of Confidence Over Internet Safety

A recent survey of 2,000 Japanese citizens indicate approximately 32% feel insecure regarding their online privacy. 50% feel relatively insecure. When projected onto Japan’s Internet population that equates to 70 million who worry about safety when online. Efforts are underway to help boost confidence among Japan’s Internet community.

Click here for more information.

Investigation Into Cyberattacks Stretches Around the Globe

More is being learned about the recent cyber attacks on sites in the US and South Korea. A Vietnamese security vendor identified a master command-and-control server that coordinated the cyber attacks. This security firm traced the server to Brighton, England. The company who has the server later confirmed that while the compromised server belongs to them it was actually based in their Miami data center.

This master command-and-control server distributed instructions to eight other command-and-control servers. In total 166,908 hacked computers in 74 countries were used in the attack. The MyDoom malware variant found in the hacked computers was designed to look for new instructions every three minutes.

Click here for more information.

Report: Cybercriminals Take Lessons From Business School

Cybercriminals appear to be implementing lessons learned from business school. From obtaining financial support to marketing/SEO to specializing to forming partnerships, cyber criminals are building very agile businesses to take advantage of opportunity. The recently released report from Cisco indicates that some groups are specializing in providing spam services while others might focus strictly on botnet engineering. Confiker and Waledac viruses have also shown where cybercriminals formed partnerships to help spread infections more quickly or to produce infections that are more effective.

Click here for more information.