General discussion

NEWS - April 13, 2010

Google chief 'paranoid' on security after China attack

"Schmidt spins Chrome for security line after epic fail"

Google's chief exec said the search engine giant is paranoid about further security attacks in the wake of a high-profile assault it blames on hackers in China late last year.

Answering questions following an presentation before 400 chief information officers at the Atmosphere 2010 cloud technology conference on Monday, Eric Schmidt said Google took the unusual step of going public about targeted attacks against the firm involving attempts to steal intellectual property as a warning to others.

The attacks, which also targeted the Gmail accounts of Chinese dissidents, relied on exploits against a then unpatched flaw in IE 6 and affected at least 30 other blue-chip firms as well as Google.

Continued here: http://www.theregister.co.uk/2010/04/13/google_security_paranoia/

More (with notes from the interview) here: Eric Schmidt: Mobile Is The Future, And There?s No Such Thing As Communication Overload
Discussion is locked
Follow
Reply to: NEWS - April 13, 2010
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - April 13, 2010
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
MSRT Not!

In lieu of the MSRT update today:

Microsoft?s Windows Malicious Software Removal Tool is a popular utility that removes various malware infections. Microsoft updates the tool on the second Tuesday of each month. It is part of the Windows update, so you may or may not be aware of having seen it before.

MSRT is part of Microsoft?s overall effort of disinfecting infected PCs that may be acting as bots. [...]

The bad guys have developed their own MSRT: [...]

It is fake of course, and comes after being infected through a drive-by download. This particular one originated from: jl.chura.pl/rc/{removed}?spl=DirectX_DS

This domain is hosted in Moldova.

The fake tool may install on your system as ?Protection System?: [..]

Continued (with more screenshots) here: http://blogs.paretologic.com/malwarediaries/index.php/2010/04/08/msrt-not/

With thanks to Harry Waldron.

- Collapse -
Trojan threatens legal action

In addition to yesterday's news item: ICPP Copyright Foundation is Fake ..

A number of anti-virus software vendors are reporting a particularly brazen piece of ransomware. It claims to be an anti-piracy scanner and to have discovered copyrighted files ? torrent files to you and me ? on the victim's computer. It pops up a big window listing the files found and warning of potential legal consequences for the user. The trojan finds its way onto victims' computers via scareware websites, although users apparently download and install it themselves.

According to analysis by Dancho Danchev, the trojan does in fact genuinely search the hard drive for torrent files and displays a list of any files found. The pop-up window is even localised for different countries and can display the dialogue text in German, Danish, Dutch, French or Italian, as well as other languages.

Continued here: http://www.h-online.com/security/news/item/Trojan-threatens-legal-action-976653.html

From Dancho Danchev: Copyright Violation Alert Themed Ransomware in the Wild

Also See: Malware Threatens to Sue BitTorrent Downloaders

- Collapse -
Third of XP security suites flunk tests

"'Crashes, freezes, hangs and errors' blight VB run-through"

A third of 60 anti-malware products for Windows XP failed to make the grade in independent security tests.

20 out of 60 security products tested by independent security certification body Virus Bulletin flunked its rigourous VB100 certification, mainly because of false positive problems. False alarms in scanning benign files from major providers including Adobe, Microsoft, Google and Sun tripped up many of the products under test. Failure to detect complex polymorphic viruses also acted as a stumbling block during Virus Bulletin's largest ever test of anti-malware products to date.

Win XP security products from Microsoft, Frisk, Norman and Fortinet were among those who failed to make the grade.

VB Anti-malware Test Director John Hawes said the test team were also disappointed by frequent stability problems in tested product. "It was pretty shocking how many crashes, freezes, hangs and errors we encountered in this test," Hawes said.

"XP has been around for a long, long time now and is still the world's most widely used computing environment - so developers should be producing rock-solid software for it time after time."

Continued here: http://www.theregister.co.uk/2010/04/13/winxp_anti_malware_tests/

- Collapse -
Info-scrubbing algorithm unveiled to protect patient privacy

"Medical data without the secrets"

US researchers have devised a novel way to protect the privacy of patients whose medical histories are included in public databases and electronic medial records, according to news reports.

The method, which was unveiled Monday by researchers from Vanderbilt University in Nashville, masks parts of a patient's records that aren't relevant to a particular inquiry. By generalizing vast amounts of clinical information, patients remain anonymous while still supplying researchers with data that's relevant to a specific project or topic.

The information-scrubbing algorithm has so far withstood simulated attempts to identify the individuals using data belonging to more than 2,600 patients. The mock hack assumed the would-be attackers knew the patient's identity and some or all of the patient's itemized medical history.

"There is definitely a need to de-identify individuals," Nils Homer of the University of California at Los Angeles, told Science News. He was part of a team that demonstrated two years ago that it was possible to trace a genetic signature back to the individual even when the patient's DNA profile was buried in a pool of thousands.

Continued here: http://www.theregister.co.uk/2010/04/13/clinical_database_privacy/

- Collapse -
Twitter Reveals Business Model

"Promoted Tweets" will bring ads into the stream of real-time conversation.

At long last, Twitter has announced its business model. The company has grown explosively since its launch in 2007 and there has been intense speculation about how it could make its popular service profitable. The plan is to use an advertising model that it calls "Promoted Tweets."

In the first phase of the plan, Promoted Tweets will appear at the top of Twitter search results. They'll be just like regular tweets, meaning that users can reply, retweet them, or favorite them. But they will be clearly labeled as advertising.

Twitter co-founder Biz Stone wrote in a blog post that these aren't just a repeat of Google's sponsored search results:

' There is one big difference between a Promoted Tweet and a regular Tweet. Promoted Tweets must meet a higher bar--they must resonate with users. That means if users don't interact with a Promoted Tweet to allow us to know that the Promoted Tweet is resonating with them, such as replying to it, favoriting it, or Retweeting it, the Promoted Tweet will disappear.'

Continued here: http://www.technologyreview.com/blog/editors/25045/

Also : Twitter goes corporate, adds search ads

- Collapse -
Adobe, Microsoft Push Security Upgrades

Software giants Adobe and Microsoft today each released software updates to fix critical security flaws in their products. In addition, Adobe is rolling out a new auto-updater tool that should make it easier for hundreds of millions of Adobe Reader users to more safely run one of the most frequently attacked software applications.

Microsoft released 11 security updates that collectively fix at least 25 vulnerabilities in versions of Windows, Office, Exchange, and other Microsoft products.

Redmond said customers should install all of the relevant updates, but it called attention to a few as particularly urgent. Among those is a patch for all versions of Windows that fixes a bug which could allow attackers to fool Windows into thinking that a malicious program was created by a legitimate software vendor, said Joshua Talbot, security intelligence manager, Symantec Security Response.

?This vulnerability allows an attacker to force Windows to report to the user that the application was created by any vendor the attacker chooses to impersonate,? Talbot said.

Another patch fixes a flaw that is critical on Windows 2000, XP, Server 2003 and Server 2008, and could be triggered just by visiting a Web page hosting a specially-crafted .avi video file. A separate critical bug patched today for Windows 2000 and XP users is another browse-a-bad-site-and-get-owned type of flaw.

Adobe issued an update to its PDF Reader and Acrobat software that fixes at least 15 security flaws in those programs. Adobe labels this update ?critical,? meaning the attackers could use the security holes to crash the programs and seize control over a vulnerable system.

As promised, Adobe also is including a new updater technology with the latest version of both Reader and Acrobat (version 9.3.2) on both Windows and Mac systems. Adobe said the new updater includes an option to let Adobe ?automatically install updates,? although the company said it will respect whatever update settings users currently have selected (the default is ?download all updates automatically and notify me when they are ready to be installed?). Adobe?s Brad Arkin has more on this new updater in a post on Adobe?s ASSET blog.

As per Brian Krebs here: http://krebsonsecurity.com/2010/04/adobe-microsoft-push-security-upgrades/

- Collapse -
FYI: A-squared Anti-Malware Name Change

From the Emsisoft Newsletter:

Name change: Emsisoft Anti-Malware

Farewell a-squared! As of version 5.0 "a-squared Anti-Malware" will now be called "Emsisoft Anti-Malware".

This change is being made for the following reasons:

* Too many non-English speaking customers have problems correctly speaking the name "a-squared".
* Although the name "a-squared" is unique worldwide it says nothing about the nature of the software.
* Product names that are too long have proven somewhat confusing in the past.

Here: http://www.emsisoft.com/en/kb/articles/news100412/

CNET Forums