
BBC and CNN spam linked to Blackhole exploit kit
Hackers mount phishing scam with bogus Pope sex scam news reports

Security firm AVG has linked a series of malicious email messages masquerading as news alerts from the BBC and CNN to the infamous Blackhole exploit kit.
AVG reported uncovering malware-infested messages purporting to be news alerts for BBC and CNN alerts, with titles such as "New Pope sued over sex abuse".
Businesses have been warned that the fake messages included malicious links to malware-laden sites related to the Blackhole exploit kit.
"AVG Web Threats researchers have found spam from scammers using the Blackhole exploit kit that use the issue of sex abuse scandals in the Catholic Church as bait," AVG warned.
"Clicking on the link in the email takes the victim to an exploit kit. The Java download icon suggests that Java is being used to exploit the users PC."
The security vendor said that it has since linked the attack to several other bogus BBC news alert messages.
"The researchers discovered another message that the same malicious individual or group is using in their spam campaign. It reports another user saw an BBC News report on the Cyprus debt deposit tax and thought you should see it," reads AVG's statement.
The scam is one of many to target flaws in Oracle's Java platform. Previously, numerous security firms have reported detecting automated scams using exploit kits like Blackhole targeting Java.
Most recently security firm MalwareBytes reported detecting a new ransomware variant being spread by the Neutrino exploit kit, targeting Java with a fake Skype file.
Finnish security F-Secure to said the influx of new attacks means Java is currently cyber criminals' victim of choice in its 2012 H2 Threat Report in February.
V3 Latest
TSMC starts high volume production of 7nm chips
Claims to have "the most competitive logic density" in the industry
Dell unveils Precision 5530 2-in-1 mobile workstation with Radeon Pro WX Vega M GL graphics
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Europol coordinates close down of 'world's biggest' DDoS-for-hire service
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Almost 90 per cent of UK websites suffer from 'serious' security flaws
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws