IT Security Specialists - Digital Boundary Group's record in servicing the security verification needs of the North American law enforcement, financial services, professional services, municipal government and utilities sectors is founded upon our understanding of the mandate of these organizations to protect the confidentiality, integrity and availability of the sensitive data they obtain in the course of their operations and to operate in a safe and secure manner.  Our company provides the best in operational security assessments, security auditing and regulatory compliance assessments along with network security training and computer user social engineering training.
Current Threat Status
ELEVATED RISK
This condition applies when knowledge of or the expectation of a reasonably harmless or containable computing threat is present.

 Adobe Vulnerability April 2008 

A vulnerability has been reported in Adobe Photoshop Album Starter Edition 3.2 and Adobe After Effects CS3 that can potentially be exploited by malicious people to compromise a user's system.  The vulnerability is caused by a boundary error when handling BMP files. This can be exploited to cause a buffer overflow via a BMP file with a malformed header.  Successful exploitation may allow execution of arbitrary code via a specially crafted BMP file. Other Adobe versions may also be affected.

For further information:

http://www.adobe.com/support/security/advisories/apsa08-04.html




 Microsoft GDI Vulnerability April 2008 

An exploit targeting a GDI vulnerability patched by Microsoft on April 8, 2008 has been detected as active in the wild.  The malicious image targets the Microsoft Windows GDI Stack Overflow Vulnerability (BID 28570).  At least three different sites are hosting the images; two different malicious binaries are associated with the attacks.  Additionally, exploit code has been posted at milw0rm.  Users are advised to apply the MS08-021 patches immediately.




 Adobe Flash Player Vulnerability April 2008 

On April 8, 2008, Adobe released a security bulletin for Flash Player that includes a vulnerability that remote attackers can leverage to execute arbitrary code.  Attackers could create a malicious Flash object embedded in a web page or email to gain access to a vulnerable system.  Adobe has reported that Flash Player 9.0.115.0 (and earlier) and 8.0.39.0 (and earlier) are affected.  Patches are available.  The vulnerabilities have not been seen in the wild.  Adobe considers this a 'critical' update and recommends that customers upgrade to Flash Player 9.0.1.24.0 to fix the issue.

Adobe's security bulletin:
http://www.adobe.com/support/security/bulletins/apsb08-11.html

Bugtraq entry:
http://www.securityfocus.com/bid/28694




Archived Threats
 Trojan.Peacomm - Moderate Risk (3) January 2007   
Trojan.Peacomm is a Trojan horse that drops a driver program file to download additional security threats.  This threat is currently building a peer-to-peer botnet.



 Zero Day Flaw Microsoft Excel January 2008   

Microsoft has released Security Advisory 947563 to address reports of public exploitation of a zero day flaw in Microsoft Excel. This issue affects the Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac versions. Exploitation would require a victim to open a malicious Office file.




 Peacomm & April Fools' Day April 2008   

Peacomm beginning to propagate with April Fools' spam

On March 31, 2008, reports began circulating that Trojan.Peacomm is attempting to propagate using spam emails leveraging April Fools' Day titles and jokes.

The following is a list of known subject lines for the April Fools’ variant of Trojan.Peacomm:

  • Surprise !
  • Happy April Fools Day !
  • Happy Fools Day !
  • Gotcha! April Fool !
  • Doh! April's Fool

Users should refrain from opening unsolicited emails from untrusted sources and be wary of any "April Fools’" emails.

Peacomm is also known as:

  • Small.DAM [F-Secure]
  • CME-711 [Common Malware Enumeration]
  • Troj/Dorf-Fam [Sophos]
  • Downloader-BAI!M711 [McAfee]
  • TROJ_SMALL.EDW [Trend]
  • W32/Tibs [Norman]
  • Troj/Dorf-J [Sophos]
  • W32/Zhelatin.gen!eml [McAfee]
  • Email-Worm.Win32.Zhelatin [Kaspersky]


