Information Armor » seo http://www.informationarmor.com Protecting Your Data. A public service from Arizona IT Management LLC Tue, 22 Jun 2010 16:27:09 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Blackhat SEO http://www.informationarmor.com/2010/03/09/blackhat-seo/ http://www.informationarmor.com/2010/03/09/blackhat-seo/#comments Tue, 09 Mar 2010 22:13:16 +0000 root http://www.informationarmor.com/?p=88 Recent assessments have discussed many of the Search Engine Optimization (SEO) scams currently in circulation. In a blog post published on Friday, X-Force analysts note how scammers are not only exploiting real news events, but they are also creating their own news to gain profits through affiliate programs. Our researchers warn, “you can’t always trust the hosts that search engines point to.” We encourage our customers to ensure their anti-virus software is up-to-date and to enable blacklisting on browsers that support it, such as the ‘Block reported attack sites’ setting in Firefox.
http://blogs.iss.net/archive/CreatingNewsForBlack.html

]]> http://www.informationarmor.com/2010/03/09/blackhat-seo/feed/ 0 Happy Friday! http://www.informationarmor.com/2010/02/26/happy-friday/ http://www.informationarmor.com/2010/02/26/happy-friday/#comments Fri, 26 Feb 2010 15:25:21 +0000 root http://www.informationarmor.com/2010/02/26/happy-friday/ Adobe libtiff exploitation
On Monday, we reported that Secunia had discovered that one of the recent Adobe Reader vulnerabilities was actually related to an old vulnerability in libtiff. Secunia had developed an exploit but kept it private. Now, there are reports that others have succeeded in constructing exploits for this issue as well. We encourage clients to apply the recent Adobe patches as soon as possible.
http://rootkit.tw/blog/?p=34
http://www.adobe.com/support/security/bulletins/apsb10-07.html

Browser vulnerabilities
A proof of concept exploit has been posted for a vulnerability in the iPhone browser. The exploit sends a malformed CSS style tag which causes a denial of service. It’s possible that a remote attacker could execute arbitrary code if the victim is tricked into visiting a malicious website. The same vulnerability is reported to also affect Apple’s Safari browser and Google’s Chrome browser.
http://www.packetstormsecurity.nl/1002-exploits/iphone_crash.py.txt
http://www.packetstormsecurity.nl/1002-exploits/safarichrome-dos.txt

Olympic themed SEO
Last week we highlighted the use of Search Engine Optimization (SEO) techniques where an attacker modifies the optimized search results of search engines to direct users to malicious sites. Currently, many search results for Olympic-themed queries lead to malicious sites. Upcoming events like the St. Patrick’s Day holiday and Spring Break in March may be the next campaigns that are abused. We encourage our customers to be cautious when clicking on links from search results and to visit official Web sites when possible.
http://www.avertlabs.com/research/blog/index.php/2010/02/23/on-olympics-st-patricks-day-screensavers-and-wallpaper/
http://twitter.com/mikkohypponen/status/9628022758

]]> http://www.informationarmor.com/2010/02/26/happy-friday/feed/ 0