I'm Feeling Lucky?
Criminals like to attack the biggest target because BIGGER generally provides a better Return On Investment (ROI). Windows is a good example. Mac users are indeed safer than Windows users, but not necessarily because the Mac is more secure. Windows has a larger market share, and that equals more potential victims.
How about search engines? What is the biggest search engine on the block? Google — and the bad guys know it. The result?
It's becoming less and less safe to search via Google.
Pwn2Own Interview with Charlie Miller
Charlie Miller, the Pwn2Own contest winner for two years in a row, gives his take on Internet security. Guess what — your Mac OS is no less vulnerable than its Microsoft Windows counterpart.
Windows 7 or Snow Leopard, which of these two commercial OS will be harder to hack and why?
Gozi – a perfect example of an “older” trojan re-inventing itself
Flabber Ad Leads to Rogue AV
Paul, an avid reader of our blog, asked us to investigate flabber.nl since it led him to a Rogue-hosting website. When we initially checked it, we found nothing. Must be those geolocation-sensing ads. To solve that, Paul sent in packet logs from when he visited flabber.nl.
And soon it showed that one ad goes a long way.
+partner.googleadservices.com
++pubads.g.doubleclick.net
+++ad.bannerconnect.net
++++ad.yieldmanager.com
An Apple a Day
We were recently asked some questions about Mac security. Mikko's comments can be read at CNET.
Also in Apple news, iPhone/iPod touch OS 3.1.3 has been released and there are security fixes.
(Not that it's mentioned during the update.)
And speaking of iPhones, they're vulnerable to remote attack on SSL.
Bredolab Downloading a Different Banking Password Stealer
As a followup to our early Jan Bredolab email blast warning, this post presents technical details and functionality about the payload accompanying the delivery notice + invoice attachment.
Apple Announces the iPad
The wait is over. Apple has, finally, entered the tablet market with the iPad. Mike Romo, Sr. Product Manager for Mac products, has some initial thoughts...

Is Someone Stealing Your Search Queries? Why Might They do That?
Banload is a malware name that is typically associated with banking trojan downloaders, but the Banload-detected sample covered in this post is a bit different from the norm. The MD5 hash for this sample is 707D3477CBBEAD4923B17CE353D9761D. And, just to note, click fraud is currently reported elsewhere to be a challenge even for the biggest, most technologically advanced online advertising companies.
Much Tedroo about Nothing, other than “Viagra Professional”
In an early-2009 literary flourish we condemned spammers to hell, discussed the Tedroo spambot’s increased momentum due to the shutdown of other botnets, posted screenshots of the Tedroo spewed pharmaceutical spam and related scam sites, and noted its distribution via malicious pdf files. Tedroo’s increased presence and its distribution is continuing into 2010.
Adobe Acrobat 0-Day Analysis
There's a 0-Day PDF exploit taking advantage of a vulnerability found in Adobe Reader and Acrobat 9.2 and earlier. Adobe has issued an advisory on their PSIRT blog.
The screenshot below, pulled from our automation, shows that when the PDF file is opened in Adobe Acrobat/Reader it attempts to download an executable file. The server has been abused but is currently active.