Cybercrooks exploit interest in Harry Potter ebook site • The Register

Malware-slingers are tapping into the buzz around a new Harry Potter site to mount a variety of scams designed to either defraud, infect or otherwise con would-be victims.

Proving that the bad guys out there are quick to adapt to anything that might drive traffic and thus dollars, the buzz around the upcoming pottermore.com site is providing a lot of opportunity for new scams.

Zscaler Research: Brazilian bank targeted by phishing site and DNS poisoning

Santander, a well-known banking site, has often been the target of phishers. In fact, Santander UK often makes the top-10 list of most popular targets according to Phishtank. Last week, we found a phishing site for the Brazilian branch, santander.com.br, that was receiving traffic from a DNS cache poisoning attack.

This shows just how dangerous DNS cache poisoning can be. Pay close attention to the subtle signs, such as the "secure" indicator in your browser to show the page has been encrypted. If in any doubt, actually click on that little padlock and verify the certificate is from who you think it is.

Zscaler Research: Patching Flash - CVE-2011-2110 post-mortem

Last week I blogged about the CVE-2011-2110 Adobe Flash vulnerability being actively exploited in the wild. Adobe released its patch exactly a week ago (Tuesday, June 14) ... I wanted to do a follow up to identify the patch rate within our enterprise customers.

Mike's follow-up review of the numbers of vulnerable Flash installations after Adobe's update released last week... scary numbers of vulnerable systems out there.

Zscaler Research: Zscaler Safe Shopping available for Opera

Zscaler Safe Shopping is already available for Firefox, Firefox Mobile (aka Fennec) and Google Chrome. Now, you can also download the extension for your Opera 11 browser. A version for Safari will be available soon as well.

Julien has been busy - he's now ported his Safe Shopping browser plugin to Opera, joining the existing versions for Firefox, Firefox Mobile and Chrome.

Opera users should download it now from https://addons.opera.com/addons/extensions/details/zscaler-safe-shopping/1.0/...

Zscaler Research: The "Dad walks in on Daughter.. EMBARRASSING!" Facebook scams

The "Dad walks in on Daughter.. EMBARRASSING!" Facebook scams have become very prevalent. I listed a few examples on our new blog, Zscaler Analyst Scrapbook. I'll go into more detail in this post.

There's no end to the scam attempts on Facebook. As ever, be very careful what you click on, and make sure your security solutions are up to date and effective.

Zscaler Research: Oh Flash! CVE-2011-2110 0-Day

This past Tuesday, June 14, a vulnerability (CVE-2011-2110) in the Adobe Flash Player was patched. This vulnerability is actively being exploited in the wild - prior to the patch, the earliest exploitation that we have seen in our logs thus far dates back to early last Thursday (June 9th).

Flash and Acrobat are still topping the charts of active exploits - make sure your Flash Player is up to date!

Zscaler Research: PasteHtml.com, a heaven for phishing pages

The ultimate dream of a phisher is to be able to set up thousands of phishing sites freely, anonymously, and quickly. Luckily for them, PasteHtml.com offers a service which empowers them to do just that. It is a "Free anonymous web hosting" site, which allows anyone to create any page with a simple POST request.

Trust the phishers and scammers to find a way to abuse a useful service. Be careful of any site that links you out to hosting services such as pastehtml.

Zscaler Research: Incognito exploit kit

Recently, I have noticed a significant increase in the usage of the Incognito exploit kit. Similar to the Blackhole exploit kit, Incognito also targets vulnerabilities in Java and Adobe products.

Use of the Incognito exploit kit is on the rise. Incognito attempts to exploit known vulnerable ActiveX controls, the Java Deployment Toolkit and Acrobat Reader.

Zscaler security advisory - Microsoft security bulletins for June


Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for twenty-two web-based client side vulnerabilities included in the June 2011 Microsoft patch cycle.