Cyber criminals exploit Facebook, MySpace users
Author:khabarchin  Date:28/6/2007 Comment(s): 0

Criminals are exploiting social networking Web sites such as MySpace, Facebook and Bebo to trick and defraud users, according to a report from McAfee Inc.

Fraudsters are befriending users to persuade them to provide personal information, open attachments and click on links and gain access to online bank accounts, a report McAfee conducted with forensic psychologist Clive Hollin shows. McAfee is the world's second-largest anti-virus company.

Online scams are the fastest-growing category of fraud in Europe, Santa Clara, Calif.-based McAfee said, citing the European Commission. Easy access to details such as users' nicknames, hobbies and film preferences on social networking sites including News Corp.'s MySpace helps scammers trick users through familiarity, the company said.

"We believe that cyber criminals are going out and developing these pages and developing networks of friends to try and get information," McAfee Security Analyst Sal Viveros said in an interview.

The "MySpace and Facebook generation" often don't question the legitimacy of e-mails and have been hit by identity-theft scams and other fraud, McAfee said.

Source: sltrib.com



Large amounts of .PDF spams
Author:khabarchin  Date:28/6/2007 Comment(s): 0

We received large amounts of .PDF spams today. At first glance, we think these .PDF files may be spread by some malware. However, after we analyzed these .PDF files, we found that the contents of these .PDF files were the same as early stock spams.

When users open these .PDF files, some images are displayed.

Source: cisrt.org



Another Google XSS in Google Documents
Author:khabarchin  Date:18/6/2007 Comment(s): 0

Today, Hong emailed me with yet another Google XSS vulnerability. This time it is in the way Google’s filtering engines work to protect its users from malicious HTML in the Google documents. I’ve seen this exact hole a number of times in sites that allow WYSIWYG editors. Unfortunately, just because it’s rendered, it doesn’t make it safe. Things like that are also often vulnerable to iframe injection as well. Here’s his email. Edited only for formatting.

Source: ckers.org



10 reasons why the Black Hats have us outgunned
Author:khabarchin  Date:14/6/2007 Comment(s): 0

Here they are:

The Black Hats form a well integrated community that shares knowledge effectively.

Should you, after months of research and effort, create an exploit that allows you to hack Windows or any other frequently used software product, you can auction the exploit on the internet in a well organised manner. Yes, the hackers have their own auction sites (it's true). And if you're looking to write a virus, say, well, there are hundreds of sites out there that can provide you with source code to help you construct something really fiendish. Different modules for setting up a mail server or planting a specific Trojan or whatever. Open source is all the rage, even among hackers.

Becoming a Black Hat is a career option even for those who are not super geeks.

Time was when Black Hats needed to have a computer science degree or a similar level of exposure to computer technology in order to operate effectively. It's comforting to know, should you want to become a Black Hat, that the barriers to entering the trade are much lower now. It's true that you'll never become a "legendary Black Hat" if you can't cut a little C++ code. Nevertheless, out there on the internet there are websites where you can buy fully functional software for launching exploits that others have written for you. Yes, there are indeed hacker-devoted software products freely available for purchase by anyone capable of installing software. $200 or so should buy you something useful (including updates).

Source: theregister.com



Yahoo! Messenger exploits seen in the wild
Author:khabarchin  Date:12/6/2007 Comment(s): 0

Just three days after the PoCs for 2 Yahoo! Messenger vulnerabilities were posted (http://isc.sans.org/diary.html?storyid=2943), we’ve been informed by Roger C. from the Malware-Test Lab about a site hosting exploits for the mentioned vulnerabilities.

The exploit is referenced the standard way – an iframe points to the web site hosting the exploit (n.88tw.net). The exploit has been pretty simply obfuscated. One thing that makes it easier to identify is the object creation – for some reason attackers left it outside of the obfuscated string so it is very easy to spot:




Anatomy of the Linux kernel
Author:khabarchin  Date:09/6/2007 Comment(s): 0

The Linux® kernel is the core of a large and complex operating system, and while it's huge, it is well organized in terms of subsystems and layers. In this article, you explore the general structure of the Linux kernel and get to know its major subsystems and core interfaces. Where possible, you get links to other IBM articles to help you dig deeper.

Given that the goal of this article is to introduce you to the Linux kernel and explore its architecture and major components, let's start with a short tour of Linux kernel history, then look at the Linux kernel architecture from 30,000 feet, and, finally, examine its major subsystems. The Linux kernel is over six million lines of code, so this introduction is not exhaustive. Use the pointers to more content to dig in further.




Yahoo! Messenger Two ActiveX Controls Buffer Overflows
Author:khabarchin  Date:09/6/2007 Comment(s): 2

Danny has discovered two vulnerabilities in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

1) A boundary error within the Yahoo! Webcam Upload (ywcupl.dll) ActiveX control can be exploited to cause a stack-based buffer overflow by assigning an overly long string to the "Server" property and then calling the "Send()" method.

2) A boundary error within the Yahoo! Webcam Viewer (ywcvwr.dll) ActiveX control can be exploited to cause a stack-based buffer overflow by assigning an overly long string to the "Server" property and then calling the "Receive()" method.

Source: secunia.com



Yahoo releases emergency Messenger patch
Author:khabarchin  Date:09/6/2007 Comment(s): 0

Yahoo issued an emergency patch on Thursday, after a company spokesperson's description of two flaws in Yahoo Messenger 8 apparently gave a security researcher enough information to quickly develop exploits for the vulnerabilities.

On Tuesday, security firm eEye Digital Security announced that it had discovered two vulnerabilities in the software, but did not disclose the details. The next day, a Yahoo representative -- quoted in an article in Information Week -- described the flaws as buffer overflows in the ActiveX control responsible for "Web cam image upload and viewing."

Source: securityfocus



10 Anti-Phishing Firefox Extensions
Author:khabarchin  Date:01/6/2007 Comment(s): 0

For most Internet users, defending against phishing attacks is a top priority. Typically, phishing attacks involve phony emails and fraudulent web sites that try to lure users into disclosing user names, passwords and other personal information, such as credit card numbers and social security numbers.

The damage caused by phishing attacks ranges from loss of access to your web account to identity theft. Once the personal information is obtained, the phishers may use one’s details to steal money, create fake accounts etc.

One popular way to combat phishing attacks is to maintain a list of known phishing sites and to check web sites against the list. This hack highlights 10 anti-phishing Firefox extensions that can be used to mitigate the risk of being a victim of a phishing attack.

Source: security-hacks.com



A BSD Rootkit Primer
Author:khabarchin  Date:01/6/2007 Comment(s): 0

The first book on BSD Rootkits was recently published. Federico Biancuzzi interviewed the author, Joseph Kong, to learn more about the dark art of kernel voodoo...

Could you introduce yourself?

Joseph Kong: I am a relatively young (24 years old) self-taught computer enthusiast who enjoys working (or playing, depending on how you look at it) in the field of computer security; specifically, at the low-level. In the past I have contributed to Phrack Magazine, and I just recently finished writing my first book (Designing BSD Rootkits) published by No Starch Press.

Interested readers can find more information about me at thestackframe.org.




