Last week, for the second time since June, Google warned its Gmail users of possible state-sponsored attacks. According to Mike Wiacek, a manager on Google’s information security team, Google started to alert users to state-sponsored attacks three months ago. Meanwhile the security team has gathered new intelligence about attack methods and the groups deploying them, and that information was used to warn “tens of thousands of new users” who are possible targets of the attack.
In the last few days I have received a couple of notices regarding the fact that some URL filter engines flagged several pages of my blog as malicious. One page in particular appears to have been inserted in the category of Malicious sites.
Unfortunately, so far I have not been able to identify the URL filter technology that has categorized that page as malicious. Of course, I would greatly appreciate it if someone who encountered the same problem could be so kind as to provide me with some additional details. In any case I believe that the semantics of the site (probably full of long links and terms such as “malware”, “hacking”, and so on) has tricked the content filter engine (why apparently just that specific page has been affected is something I cannot explain right now).
Targeted attacks exploiting endpoint vulnerabilities are becoming more and more common and increasingly aggressive.
For this reason I could not help but notice the latest report from NSS Labs dealing with the capability of 13 consumer-grade AV products to protect against two critical Microsoft vulnerabilities (CVE-2012-1875 and CVE-2012-1889). The successful exploitation of these critical vulnerabilities could result in arbitrary remote code execution by the attacker, leading to very harmful consequences for the victim, such as, for instance, the victim's machine becoming part of a botnet. Unfortunately, a very common scenario in these troubled days.