Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Fake LinkedIn emails serve malware

Posted on 19.03.2012

Emails purportedly coming from business-related social network LinkedIn have been hitting inboxes in the last couple of days, ostensibly reminding recipients of invitations they received:

Unfortunately, the offered links take the users to a website hosting the BlackHole exploit kit, and if successful in taking advantage of existing vulnerabilities, it installs the well-known credential-stealing Cridex Trojan on the victims' machine.

"This particular run shares the IP address 41(dot)64(dot)21(dot)71 with various BBB and Intuit spam runs from recent weeks," points out GFI's Chris Boyd.

As always, users are advised not to click on links found in unsolicited emails, but to check their various accounts by visiting the websites via their own bookmarks of by typing the correct URL into their browser's address bar.