Feeds

Articles about Scansafe

SGI logo hardware close-up

Cisco borgs real-time security biz ScanSafe

Cisco intends to buy the web security outfit ScanSafe in a deal worth approximately $183 million, the networking gear maker said today. ScanSafe sells a web-based security service that analyzes a company's end-user web requests in real-time to determine if content is malicious, inappropriate, or acceptable based on defined …
Austin Modine, 27 Oct 2009
globalisation

Orange biz picks up web security

Orange Business Services is to start selling ScanSafe web security products. The distribution agreement has already chalked up one win for a contract with a multi-national chemical company, covering 45,000 staff in 80 countries. Gerard Garnier, VP of IT servies at Orange Business Services, said ScanSafe was chosen because it …
John Oates, 15 Sep 2009
The Register breaking news

Hackers pwn Macca site with banking malware

Webmasters had to purge the website of former Beatle Paul McCartney after hackers planted malware. The timing of the attack coincided with a reunion gig between McCartney and Ringo Starr at the David Lynch fundraiser concert in New York on Saturday. Hackers used the occasion, the duo's first joint performance in seven years, and …
John Leyden, 08 Apr 2009
clock teaser

Poisoned websites staying contaminated longer

Compromised websites are staying infected longer. Some infected sites stay up and running for as long as two months, according to an annual report from web security firm ScanSafe. ScanSafe's Annual Global Threat report (published on Monday) also revealed that web threats including viruses, Trojans, and password stealers are …
John Leyden, 31 Mar 2008
The Register breaking news

Nine-ball attack splits security researchers

Security researchers are split over the seriousness of a web attack dubbed "Nine-ball" which broke onto the internet last week. Websense last week reported a web attack dubbed "Nine-ball", a moniker derived from the name of ninetorag.in, one of the malware hosts associated with the assault, had claimed 40,000 website victims. …
John Leyden, 23 Jun 2009
The Register breaking news

Cisco puts a virty router in the clouds

Nothing is what it appears to be in the data center any more. Servers have integrated storage and switching, routers and switches are getting servers. And virtual switches and now virtual routers are running inside of servers and blade enclosures. Nothing seems to know its proper place any more. Maybe it is convergence. Maybe …
The Register breaking news

Network Solutions customers hit by mass hack attack

Network Solutions' security team is battling a mysterious attack that has silently infected a "huge" number of the websites it hosts with malicious code. The mass compromise affects sites running WordPress, Joomla, and plain-vanilla HTML, according to reports here and here from Securi Security and Stop Malvertising. Many of the …
Dan Goodin, 19 Apr 2010
The Register breaking news

Zeus botnets suffer mighty blow after ISP taken offline

At least a quarter of the command and control servers linked to Zeus-related botnets have suddenly gone quiet, continuing a recent trend of takedowns hitting some of the world's most nefarious cyber operations. The massive drop is the result of actions taken by two Eastern European network providers. On Tuesday, they pulled the …
Dan Goodin, 10 Mar 2010
The Register breaking news

Gumblar Google-poisoning attack morphs

A Web attack that poisons Google search results is getting worse, according to security researchers. The attack first relies on compromising normally legitimate website and planting malicious scripts. US CERT reports that stolen FTP credentials are reckoned to be the main technique in play during this stage of the attack but …
John Leyden, 19 May 2009
Warning: biohazard

'Legit' website compromises reach epidemic proportions

Once upon a time surfers could stay unmolested by malware by staying away from warez and smut. Those days are well and truly over as changes in hacking tactics mean that compromised content on legitimate website has become the main conduit for so-called drive-by download attacks. Web security firm ScanSafe reports that two in …
John Leyden, 05 Jun 2008
channel

Cisco rolls out mobile VPN trifecta

It was back in October that Cisco first revealed its latest corporate vision to mush a whole bunch of enterprise Web 2.0-ish concepts into what it calls the new "borderless networks" architecture. It's something to do with combining in-house network kit and cloud-based technology to deliver services and applications to anyone, …
Austin Modine, 02 Mar 2010
The Register breaking news

Potent malware link infects almost 300,000 webpages

A security researcher has identified a new attack that has infected almost 300,000 webpages with links that direct visitors to a potent cocktail of malicious exploits. The SQL injection attacks started in late November and appear to be the work of a relatively new malware gang, said Mary Landesman, a researcher with ScanSafe, a …
Dan Goodin, 10 Dec 2009
The Register breaking news

Mass web infections spike to 6 million pages

An estimated 5.8 million pages belonging to 640,000 websites were infected with code designed to launch malware attacks on visitors, according to a report released Tuesday. The numbers, compiled over the third quarter by security firm Dasient, represent a significant jump in number of legitimate websites that have been …
Dan Goodin, 27 Oct 2009
Flag China

Mass SQL injection hits English language websites

Thousands of websites in China have been booby trapped with code written to download Trojan software onto visitors who run vulnerable Windows PCs. Unlike earlier rounds of SQL injection attacks the latest assaults mostly target English language sites (predominantly sites hosted in China but with a .com suffix) and purposefully …
John Leyden, 21 May 2008
The Register breaking news

Paris Hilton website violated by Trojan-spreaders

Virus authors reportedly planted malicious code on Paris Hilton's website late last week. Following the attack, surfers visiting the ParisHilton.com site were prompted to install an "update" via a dialogue box. Whether they accepted this update or decided to "cancel" it, a download of a malicious executable was initiated, …
John Leyden, 13 Jan 2009
The Register breaking news

Apple.com hit in latest mass hack attack

A hack attack that can expose users to malware exploits has infected more than 1 million webpages, at least two of which belong to Apple. The SQL injection attacks bombard the websites of legitimate companies with database commands that attempt to add hidden links that lead to malware exploits. While most of the sites that fell …
Dan Goodin, 17 Aug 2010
channel

Web viruses drop off despite IE exploit flap

Web viruses fell by half in September, despite recent high-profile Microsoft vulnerabilities. But spyware infections grew 21 per cent over the same period last month, according to a study by UK-based web filtering firm ScanSafe. Much attention was paid to Microsoft vulnerabilities and zero-day exploits last month but this didn' …
John Leyden, 18 Oct 2006
The Register breaking news

Mass infection turns websites into exploit launch pads

Malicious hackers have managed to infect about 57,000 web pages with a potent exploit cocktail that targets a variety of vulnerable applications to surreptitiously install malware on visitor machines. The exploits install an assortment of nasty software, including Gologger, a keystroke logging trojan, and a backdoor that …
Dan Goodin, 24 Aug 2009

Malware miscreants target parked domains

Malware authors are targeting parked domains in a bid to create a wider network of compromised zombie machines. About 100 domains parked at NameDrive, one of the top 200 websites in the world, were pointed to an "ad server" serving Trojan downloader malware. This server accounted for 10 per cent of web-based malware attacks …
John Leyden, 14 Aug 2007
The Register breaking news

Viral web infection siphons ad dollars from Google

A compromise that is moving virally across websites is making unwitting people who surf to them part of a botnet that redirects Google search results, a security researcher has warned. During the past week, the number of websites identified as infected have almost tripled, according to researcher Mary Landesman with real-time …
Dan Goodin, 14 May 2009
The Register breaking news

Mass hack plants malware on thousands of webpages

More than 100,000 webpages, some belonging to newspapers, police departments, and other large organizations, have been hit by an attack over the past few days that redirected visitors to a website that attempted to install malware on their machines. The mass compromise appears to have affected sites running a banner-ads module …
Dan Goodin, 09 Jun 2010
The Register breaking news

Webmasters targeted in cPanel look-alike phish

Fraudsters are targeting webmasters in a massive phishing campaign that attempts to trick marks into giving up credentials needed to administer their sites. The emails are sent to customers of some of the world's most widely used webhosts, including GoDaddy, Hostgator, Yahoo!, and 50Webs. Although the subject lines vary, they …
Dan Goodin, 07 Dec 2009
The Register breaking news

Surprise Adobe update grapples with critical flaws

Adobe published an out-of-sequence update for its Reader and Acrobat software packages on Tuesday that tackles a brace of serious flaws. The cross-platform Reader and Acrobat update fixes a vulnerability in the domain sandbox of the PDF technology that opens the door to possible exploits, more specifically unauthorised cross- …
John Leyden, 17 Feb 2010
The Register breaking news

Malware torrent delivered over Google, Yahoo! ad services

Some of the web's bigger websites were flooded with a torrent of malicious banner ads after cyber crooks managed to sneak them onto syndication services operated by Google, Yahoo, and a third company, according to a security firm. The ads - which attacked previously-patched vulnerabilities in Adobe's PDF Reader and Microsoft's …
Dan Goodin, 24 Sep 2009
Flag India

IndiaTimes website 'attacks visitors'

Visitors to the IndiaTimes website are being bombarded by malware, some of which appear to target previously unknown vulnerabilities in Windows, a security researcher warns. In all, the English-language Indian news site is directly or indirectly serving up at least 434 malicious files, many of which are not detected by antivirus …
Dan Goodin, 10 Nov 2007
The Register breaking news

Social sites a breeding ground for malware: report

Social networking sites are behind a surge in viruses, spyware and other "nasty stuff", according to web security firm ScanSafe's monthly report. According to an analysis of more than 5bn web requests in July, ScanSafe found that, on average, up to one in 600 profile pages on social networking sites hosted some form of malware …
Maxim Kelly, 10 Aug 2006
The Register breaking news

Major League Baseball pitches visitors foul ads

Once again, Major League Baseball's website has been caught serving ads designed to infect its considerable base of visitors with malware that trashes their machines. Partial screenshot of ad served on MLB.com Image credit: Sunbelt Software ScanSafe, a company that provides malware scanning for large companies, tracked banner …
Dan Goodin, 08 Jan 2009
The Register breaking news

Iran boasts of Stuxnet 'nuclear spies' arrests

Iran claims to have arrested spies it blames for planting the infamous Stuxnet worm on its network and attempting to clobber its Bushehr nuclear power plant. Heydar Moslehi, Iran's intelligence minister, told the semi-official Mehr news agency that the country had arrested an unspecified number of "nuclear spies" (nationality …
John Leyden, 04 Oct 2010
The Register breaking news

Spyware 'calling home' volumes soar

Outbound spyware transmissions from infested machines accounted for up to eight per cent of total outbound web traffic in pilot tests of a new managed spyware screening service. UK web security firm ScanSafe said the volume of traffic observed during a 10-week pilot test of its Spyware Screening service showed that spyware …
John Leyden, 25 Jul 2005
The Register breaking news

M86 picks up Finjan to tackle web-based threats

Content security firm M86 Security has acquired web security appliance firm Finjan in a deal designed to allow it to offer better protection against both email and web-based threats. Terms of the agreement, announced Tuesday, were undisclosed. The deal adds Finjan’s line of secure web gateway and security as a service products …
John Leyden, 03 Nov 2009
The Register breaking news

IE exploits top web security threat list

Internet Explorer exploits posed the fastest growing web security threat to enterprises in the last quarter, according to web security services firm ScanSafe. The top exploit (Exploit.HTML.Mht) was used to attack twice as many businesses as any other web security threat in Q2 2004. While Trojans and worms remain the most …
John Leyden, 02 Nov 2004
The Register breaking news

Hotmail 'phishing' campaign is small peanuts

Access to the 10,000 compromised Hotmail accounts at the centre of a high profile breach might be obtained for as little as $90 on the black market. Rik Ferguson, a security researcher at Trend Micro, argues that the importance of the online publication of 10,000 Live ID login credentials on developer website PasteBin.com and …
John Leyden, 08 Oct 2009
The Register breaking news

Microsoft knew of nasty IE bug a year before attacks

Microsoft was aware of a critical vulnerability in an Internet Explorer component at least 12 months before attackers started targeting it in lethal exploits that take full control of end-users' PCs, a member of its security team said Wednesday. The disclosure comes as attacks targeting the MSVidCtl ActiveX control vulnerability …
Dan Goodin, 09 Jul 2009
Warning: biohazard

Hackers load malware onto Mercury music award site

Hackers have been able to load malware onto the official Mercury music awards site, as well as hundreds of other sites, after breaking into the systems of US-based hosting firm DreamHost. DreamHost blamed a security flaw in its web control panel software for an attack that allowed hackers to compromise a "very small subset" of …
John Leyden, 07 Jun 2007
The Register breaking news

Security pros groan as zero-day hits Microsoft's SQL Server

Yet another zero-day vulnerability has been identified in a popular Microsoft product, this time in its SQL Server database. The revelation comes as miscreants are stepping up attacks on a particularly nasty bug in the latest version of Internet Explorer. The SQL Server bug could allow the remote execution of malicious code, …
Dan Goodin, 11 Dec 2008
The Register breaking news

Firm hunts for Nimda-like worms in Web traffic

London-based security outfit ScanSafe today launched a Net-based filtering service designed to counter Web-borne viruses and malicious code. Firms such as MessageLabs have made a successful business from weeding viruses in email traffic; ScanSafe is applying much the same methodology to HTTP traffic. ScanSafe scans for all Web …
John Leyden, 17 Feb 2004
The Register breaking news

Thousands of sites loaded with potent malware cocktail

Cybercriminals have laced about 2,000 legitimate websites with a potent malware cocktail that surreptitiously attacks people who browse to them, a security researcher warned Friday. Unlike past outbreaks of the mass web attack known as Gumblar, this round actually plants exploit code on the website servers themselves. Curiously …
Dan Goodin, 16 Oct 2009
Magnifying glass

Security gumshoes locate source of mystery web compromise

The source of the mystery infection of more than 10,000 websites back in January has been uncovered. Thousands of legitimate websites were compromised at the start of the year to serve up malware. It seemed that the exploitation of SQL Injection vulnerabilities was involved in the automated attacks. The precise mechanism was …
John Leyden, 16 Apr 2008
The Register breaking news

Mass web infection pinned on hardened crime gang

A mass compromise that has hit tens of thousands of English-language webpages is probably part of a much larger wave of attacks that's been under way since June by a sophisticated band of criminals, a security researcher said Wednesday. As reported Monday, the latest mass infection causes websites operated by health-care …
Dan Goodin, 27 Aug 2009
For Sale sign detail

MessageLabs branches out into web security

Net security firm MessageLabs is extending its services beyond email filtering with the launch of a trio of web scanning products on Monday. The UK-based firm is selling web anti-virus, anti-spyware and censorware (URL filtering) products in order to differentiate its offerings from managed service competitors such as …
John Leyden, 03 Oct 2005
channel

Alternative browser spyware infects IE

Some useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. The technique allows a raft of spyware to be served up to Windows users in spite of any security measures that might be in …
John Leyden, 11 Mar 2005
channel

Gooner fan site nobbled by malware

An Arsenal fan site has been compromised to serve up sophisticated malware. Malicious code smuggled onto Onlinegooner.com redirected users to sites in Asia and Russia that download a wide variety of nasties onto vulnerable Windows PCs. The downloaded malware contains a potent cocktail of rootkit, keylogging, backdoor, ARP ( …
John Leyden, 29 Feb 2008
arrow pointing up

Grisoft acquires LinkScanner

Grisoft is to acquire Exploit Prevention Labs, a maker of software that gauges the safety of websites before end-users visit them. Grisoft will fold the technology into its AVG family of security software. The acquisition, which is expected to close by the end of the month, will help Grisoft compete against its three bigger …
Dan Goodin, 05 Dec 2007
Yahoo

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users

A Yahoo-owned advertising network became the unwitting ally of cyber crooks after it spewed millions of Trojan-laced banner ads on MySpace, PhotoBucket and other websites. The banner ads, which were brokered by Right Media, were served an estimated 12 million times over a three-week period starting in early August, according to …
Dan Goodin, 11 Sep 2007
Warning: biohazard

Mystery web infection grows, but cause remains elusive

The mystery over a cluster of poisoned websites distributing a toxic malware cocktail may be better understood but it's still not solved. Five days ago, we wrote about the infection of several hundred websites that was unlike anything seasoned researchers had seen before. Mary Landesman, a cyber gumshoe who first brought it to …
Dan Goodin, 16 Jan 2008
The Register breaking news

40,000 sites hit by PC-pwning hack attack

More than 40,000 websites worldwide have fallen under the spell of a sneaky piece of attack code that silently tries to install malware on the machines of people who visit them, security experts from Websense have warned. The mass attack has been dubbed Beladen because beladen.net is one of the internet domains used to unleash a …
Dan Goodin, 02 Jun 2009
channel

Mass web infection leaves researcher scratching her head

Security maven Mary Landesman is in the midst of piecing together a who-done-it involving the infection of hundreds of websites that are generating an enormous amount of traffic. Or maybe it's a how-done-it. Either way, she's mostly drawing blanks. Landesman is a researcher for ScanSafe, a company that monitors the web surfing …
Dan Goodin, 11 Jan 2008
HP

Microsoft and HP tackle SQL-injection scourge

With successful attacks against websites reaching epidemic levels, Microsoft and HP have released a free set of tools that help developers check their web applications for the mistakes that leave them open to exploits that can steal sensitive information and harm visitors. The tools are designed to scan websites for …
Dan Goodin, 26 Jun 2008
The Register breaking news

Hackers turn Cleveland into malware server

Tens of thousands of websites belonging to Fortune 500 corporations, state government agencies and schools have been infected with malicious code that attempts to engage in click fraud and steal online game credentials from people who visit the destinations, security researches say. At time of writing, more than 94,000 URLs had …
Dan Goodin, 08 Jan 2008
The Register breaking news

Symantec hedges bets with large stake in hosted security

Symantec, traditionally one of the more conservative firms in the security market, is attempting to pull off a high-wire balancing act with its surprise $695m acquisition of security software-as-a-service pioneer MessageLabs. The firm is betting that increased revenues in the hottest segment of the security market will justify a …
John Leyden, 10 Oct 2008