(Dec 11) A heap-based buffer overflow was discovered in bogofilter, a software package for classifying mail messages as spam or non-spam. Crafted mail messages with invalid base64 data could lead to heap corruption and, potentially, arbitrary code execution. [More…]
(Dec 10) An updated openshift-console package that fixes one security issue is now available for OpenShift Enterprise. The Red Hat Security Response Team has rated this update as having [More…]
(Dec 10) Updated openstack-glance packages that fix multiple bugs and add various enhancements are now available for Red Hat OpenStack Essex. 2. Relevant releases/architectures: [More…]
Netcraft’s new phishing attack map provides a real-time visualisation of the phishiest countries in the world. Measurements are determined by using IP address delegation information to attribute current phishing sites in our Phishing Site Feed to countries. We then use the number of active sites found by our Web Server Survey to calculate and display the ratio of phishing attacks to web sites in each country.
A few themes become immediately apparent when studying the map. Countries with poor internet access may host very few phishing attacks, or even none at all, and therefore may appear very safe; however, countries with an extremely small number of websites can prove very volatile: For example, the Falkland Islands appears incredibly phishy by virtue of the fact that out of only 38 active sites hosted in that country, one of them is currently blocked for phishing.
Countries which respond slowly to taking down phishing sites are more likely to have a higher proportion of their sites engaged in phishing at any one time. As the map displays only currently blocked phishing attacks, this characteristic is highlighted particularly well in Morocco, which is the second phishiest country with nearly 200 of its 11,000 sites blocked.
Fraudsters commonly host their phishing sites on compromised servers, as this does not require a purchasing transaction, making it more difficult to correctly identify the perpetrators. Shared hosting services tend to be the least secure, so countries with a large number of sites running on shared hosts are likely to attract the attention of fraudsters.
Countries which host a large number of vulnerable and commonly targeted web applications consequently host a large number of phishing attacks, notwithstanding their responsiveness to takedown requests. This perhaps explains why the US appears phishier than either Russia or China, and some US hosting companies host more phishing attacks than entire European countries, as they provide proportionately more WordPress and hosting control panel administered sites, plus shared IP hosting configurations that allow customer content to be accessed from any domain that resolves to the same IP address. Our datasets show that these are the most favoured platforms for hosting fraudulent content on compromised servers.
More information:
Please contact us ([email protected]) for pricing or further details about any of our anti-phishing services.
The following new functionality has been added:
[+] Ability to manage amount of auto-reply answers in Plesk GUI has been added. Deatils in article http://kb.parallels.com/en/112946 (91429)
The following bug has been fixed:
[-] (Windows only) dbbackup.exe consumes a lot of memory when copying MS SQL database (122635)
[-] mailmng fails on Debian 6 x64 with error “symbol EVP_CIPHER_CTX_init, version libmysqlclient_16 not defined in file libmysqlclient.so.16 with link time reference” after libmysqlclient package update (122745)
51 queries. 8.75 mb Memory usage. 0.386 seconds.