Since the Flotilla incident about 2 weeks ago, we’ve been witnessing many clashes over the net between both sides, especially between the Israelis and the Turks; most of which have been over the social networks e.g. Facebook.

Several Israeli websites have been hacked by Turkish hackers and political messages and pictures were planted instead of the original content.

In the last couple of days we started to see Israeli facebook accounts that were hacked by Turkish hackers, changing the profile pictures to the Palestinian Authority flag and to caricatures related to the Palestinian-Israeli conflict. In some cases messages like “Free Palestine” were added to the status text of users whose accounts were hacked, and links to streaming movies about the Turkish army were planted.

We have received some reports regarding a new Paypal phishing spam that is being spread over the net. Please also be aware that it contains an attchment with double extenssion, e.g. PayPal - Email Reset Form.pdf.zip which contains a java script.

Here is an example of the mail:

Subject: Email adress has been successfully changed   

Message body: 

Dear PayPal member,

You have added (XXX at msn.com) as a new email address for your
PayPal account.

If you did not authorize this change, check with family members
and others who may haveaccess to your account first. If you still
feel that an unauthorized person has changedyour email.   

Please download and unzip the form attached to your email . 

Submitting this form you will unlimit and restore your PayPal account .

If you are using Internet Explorer please allow ActiveX for scripts 

to perform all data transfers securely .

Thank you for using PayPal !

The PayPal Team        

Microsoft has released an advisory regarding a new zero-day IE6 and IE7 vulnerability: http://www.microsoft.com/technet/security/advisory/981374.mspx

eSafe will be able to detect the exploit from SV140 which is scheduled to be released today. Detection name: as JS.CVE-2010-0806

More information will be published later on.

Hackers are spreading a rumor regarding Facebook, describingit as a botnet that is used it to infect Facebook users with rogueanti-malware.

In the last 48 hours a rumor was spread claiming that an“unnamed app” in Facebook is actually a bot Trojan. The rumor was a hoax, andhackers used it to distribute malicious fake antivirus software (Rougeanti-malware). When Googling for “unnamed app”, people received links to siteswhich pose as security sites but are actually fake antivirus traps – rogueanti-malware sites.

Please be aware.