[ISN] Politically motivated exploits target activists on Google

From: InfoSec News <alerts_at_private>
Date: Mon, 14 Mar 2011 00:06:40 -0600 (CST)
http://www.theregister.co.uk/2011/03/12/windows_bug_target_google_users/

By Dan Goodin in Vancouver 
The Register
12th March 2011 

Politically motivated attackers are exploiting an unpatched flaw in all 
supported versions of Microsoft Windows to carry out highly targeted 
attacks against activists using Google, the company's security team 
warned.

The unidentified attackers are wielding a serious vulnerability in the 
way Windows parses webpages containing MIME-formatted content. In 
January, Microsoft issued a temporary fix for the flaw, which allows 
attackers to steal sensitive information, spoof trusted websites or 
carry out other actions not authorized by the user. The company hasn't 
said when the MHTML bug will be patched.

In a blog post published on Friday afternoon, members of Google's 
security team said the attacks are also being carried out against users 
of another popular social website, which they did not identify. Facebook 
representatives didn't immediately respond to an email seeking comment.

“We’ve noticed some highly targeted and apparently politically motivated 
attacks against our users,” they wrote. “We believe activists may have 
been a specific target.”

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Sun Mar 13 2011 - 23:06:40 PDT

This archive was generated by hypermail 2.2.0 : Sun Mar 13 2011 - 23:12:07 PDT