Saturday, March 31, 2007

Websense: ANI Zero-Day Update

Via Websense Security Labs.

Websense Security Labs(TM) is actively tracking more than 100 websites that are spreading the ANI "zero-day" exploit. Proof-of-concept (POC) attack code is also now available, and we expect additional attacks to surface.

Currently the majority of the attacks appear to be downloading and installing generic password stealing code. Also, as represented in the below graphs, most sites are hosted in China. Interestingly the most popular domain space being used is .com.

Due to the fact that POC code is now downloadable on the web, there is no patch from Microsoft, and the fact that some of the attackers we are tracking have infected hundreds of sites on the web, we believe that exploits will continue to surface and the numbers will get larger.

More here.

posted by Fergie @ 3/31/2007 04:18:00 PM

2 Comments:

At Tue Apr 03, 10:11:00 AM PDT, Blogger none said...

i just stumbled into here. i strongly suspect that your page is going to become a staple of my tech-news reading. mad props.

 
At Tue Apr 03, 10:14:00 AM PDT, Blogger Fergie said...

Thanks for the kind words.

- ferg

 

Post a Comment

<< Home