Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: More IFRAME, phishing and BHOs; Java Security - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
More IFRAME, phishing and BHOs; Java Security
More IFRAME, phishing and BHOs

The last 24 hours have been relatively quiet. We received reports of another website that is serving up a nice IFRAME exploit. So if you haven't patched yet, it would be a very good idea to do so or consider using another browser. Most of the email consisted of more phishing attempts and one that appears the individual had a Browser Helper Object installed. Just a reminder that the BHODemon is a good tool to have on your system to help protect against BHOs. It can be found for free at

http://www.definitivesolutions.com/bhodemon.htm


Java Security

While doing some research on the Internet during my shift, I stumbled across a nice document that goes very indepth into Java Security and exploits called "Java and Java Virtual Machine Security Vulnerabilities and their Exploitation Techniques" that I wanted to pass along. It is a little outdated, but the concepts of understanding the orgins of Java, how it works and the security issues, up till the time the document was written, was nicely done. So in all your free time over the holidays(yes I know, "what free time"), it might provide some interesting reading.


http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf

Now I have to go and continue my moping....Army lost to Navy.

Lorna Hutcheson

Handler on Duty

http://www.iss-md.com

Lorna

165 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!