Skip to main content

Security Blog

Filter by:

Windows Remote Desktop Vulnerability may be used to spread worms

  Working exploits for a recent Windows vulnerability on Remote Desktop is publicly available on the Internet. This has lowered the technical hurdle for attackers to perform attacks. Some security researchers have warned that this vulnerability has potential to make a wide spreading worm. Users are...
Release Date: 20 Mar 2012 4802 Views

Impact of terminating the DNS server of DNSChanger

Recently, the Information Security News reported that the U.S. Federal Bureau of Investigation (FBI) would shut down those domain name servers (DNS - Note 1) associated with the DNSChanger Botnet on March 8. What is the impact of this incident...
Release Date: 29 Feb 2012 10989 Views

Review of Information Security Threats 2011

Over the year Information Security threats are continuously growing, we summarized and recapped it below. We can learn from the past and equipped ourselves to fight off the new challenge next year.New Dimension of Motivations of Cyber AttackSince 2005, the dominating motivation of cyber attacks...
Release Date: 3 Jan 2012 5770 Views

Trust of website certificate questioned - reflection of the Comodo and DigiNotar incidents

We are educated to check the validity of a website when we need to provide sensitive information to them, e.g. online banking, webmail, by identifying the "padlock" (i.e. secure HTTPS connection) and the name of the organization shown...
Release Date: 21 Sep 2011 4663 Views

DigiNotar CA security breach resulting in issuance of fake certificates

DigiNotar, a Dutch Certificate Authority (CA) reported that their company had a security breach in July 2011 which resulted in fraudulent issuance of public key certificates. DigiNotar issues SSL (Secure Sockets Layer) and EVSSL (Extended Validation) certificates. When a user visits...
Release Date: 1 Sep 2011 6017 Views

Large scale Injection incidents targeting osCommerce websites

A large scale injection targeting websites using osCommerce is reported.  Injected "<iframe>" and "<script>" pointing to malicious links such as "" and "" will infect computers via various exploits.  Google indicates more than 90,000...
Release Date: 26 Jul 2011 71215 Views

Fraudsters eyeing on the Japan earthquake disaster

It was reported in Japan CERT (JPCERT/CC) website that fake Japan earthquake donation sites were found. These sites are taking advantage of people's wants to help in Japan's immense tragedy.
Release Date: 15 Mar 2011 73027 Views

Information security impact arising from Conficker.C worm

Introduction   Conficker (also known as Downadup, Kido) is a computer worm that targets the Microsoft Windows operating system. It keeps on evolving since its first appearance in November 2008. Variant A, B, B++ were reported in from November 2008 to February...
Release Date: 25 Mar 2009 7810 Views

Global Conficker worm outbreak, millions of computers fallen

Introduction Into 2009, a worm called Conficker (also known as Downadup or Kido) sweeping the globe in a short period of time. According to the estimation by antivirus software company, over a million computers infected in global [Note: 1]. It is...
Release Date: 2 Feb 2009 4406 Views