[ Product News ] 17 September, 2010 11:44

-- Update in 2010-09-23 --

    With non-stop tracking of "invisiblebert.in", we found more vulnerable site but the detection rate is still very low. One victim is "hxxp://www.yio-shen.com.tw" which has more than 300 pages are polluted with SEO redirections.

    "invisiblebert.in" has low detection 6% (1/17) today, but Lionic blocked it from 2010-09-12.

    The final downloaded malware also has low detection rate 23.3% (10/43) in VT. ( http://www.virustotal.com/file-scan/report.html?id=333d5781ac3c0ed80cc76c8e8f94fc395aee2a64eba87eb436712f79e5bc4559-1285221104 )

   

 -- Orignally post in 2010-09-17 --

    AegisLab, security research group of Lionic Corp., constantly monitors the SEO based malicious web pages, which usually lead to drive-by-download, fake AV, scare-ware, online drug stores and etc. With our special technology and effort in discovery of SEO(Search engine optimization) based attack, we found new vulnerable site and new attack path today. The downloaded malware has very low detection rate, and the attack path is never discovered by other malicious URL database. But we discovered similiar attack path 4 days before and added it into our blacklist already.

 

    Here we disclose an attack path as the example.

 

[search] http://google.com (with popular keywords)

[root] hxxp://model.win-e.com.tw/images/model/school1.php   [PageRank:1]
  [script] hxxp://invisiblebert.in/search/search.php
   [script] hxxp://91.188.60.46/index.php
    [script] hxxp://195.206.252.154/index.php
      [script] hxxp://195.206.252.154/index.php?q=s7k4evnf

 (More)

[ Product News ] 16 September, 2010 17:27

[2010-09-16] 

    Today, we formally release the signatures to block AD in Youtube player screen. Lionic’s MiniGuard can set easily to block the advertisement on Youtube, and the snapshot of MiniGuard setting page is shown as below. It provides a very friendly user interface for configuration.

     “Lionic’s application guard offers a useful and convenient mechanism for Youtube Ads. We assist the user to block any annoying advertisements when they are watching a movie on Youtube. It’s been integrated and could be demonstrated by our reference design-MiniGuard. After a simple settings, users can easily have a nice experience in browsing YouTube. ” Mr. Eric Lu, CEO of Lionic commented.     Lionic is keep researching & developing the more user-friendly features on our Miniguard, and always plan ahead to think what features can benefit users and also provide the best applications for uses’ internet life. 

 

 [Eariler post in 2010-09-10]

     In past days, our customers complained Youtube displayed the advertisement in the movie canvas. It will occupy around one of fifth of the screen, and more annoying compared with advertisement put on elsewhere. See below figure.

      Even though Youtube provides some accout setting for user to turn on/off playing advertisement, but user seldom tweak the settings. Also, for anonymous user, there is no option to deal with it.

      Now, AegisLab will release a set of signature that can deploy in the gateway devices, all users under the gateway device with policy enabled is free from Youtube AD, oh yes!!

 

By AegisLab 

[ Security Alert ] 13 September, 2010 20:38

    The spam of Canada Pharmacy is last for several years, and now the redirected web site is sophisticated than ever. According to user geographic information, they will show different language and corresonding national flag.

 

     So professional!

 

        

[ Security Alert ] 08 September, 2010 13:49

    With AegisLab constantly monitoring for SEO(Search engine optimization) based Fake Anti-virus, we found new vulnerable site today. An online shopping site that offers cosmetics, clothes and others for target customer group - beauty or who want to become, is vulnerable and injected malicious links inside the pages.     

    When user visit those pages from search engine, it will direct user to typical fake anti-virus scanning screen, and persuades user to download an executable. The malware executable has very low detection rate now.

    Here we disclose an attack path as the example.    

[search] http://google.com
 [root] hxxp://www.holis.tw/holis/nicholas21.php [PageRank:1]
  [redir] hxxp://www.searchmanager.in/s2/search.php
   [redir] hxxp://91.188.60.35/index.php?q=22423A653V6S5A33L233W97TUK69R036ZPNB28P028P17H68X93QGtbVz1XU1UJXzdJMlJsJVZPQwhQUyglJGlQNkxSUQU5Kj5GUT1VTkRhTQR7SggkCE8DSAZPcAQNAG8HZQVyA0cpQUc%253D
    [virus] hxxp://193.169.235.227/index.php?q=p03nfr78 
 (More)

[ Security Alert ] 01 September, 2010 14:15

     Safari is a multi-platform web browser which is developed by Apple Inc. This browser supports many image formats like as SVG . The SVG is a file format based on XML for describing two-dimensional vector graphics, both static and dynamic.

     There is a vulnerability found in Webkit.dll of Safari (before version 5.0.1) . If the users visit a web pages with a crafted SVG images, his browser Safari would crash down.
 (More)

[ Security Alert ] 31 August, 2010 11:34

 

    AegisLab, security research group of Lionic Corp., constantly monitor the malicious web pages, such as drive-by-download, spam, and scare-ware. We collected the downloaded malware into our repository, and not surprisingly, the number of malware collected from web page is increased dramatically.

    The following figure is generated according our statistics from beginning of this year to this August. 

 

    Lionic WebGuard solution always includes all the malicious URLs into our list at the first moment to help user far away from attack and infection.

By AegisLab

«Previous   1 2 3 ... 13 14 15 16 17 18 19 20  Next»