Spyware, Viruses, & Security forum

General discussion

NEWS - February 20, 2008

by Donna Buenaventura / February 19, 2008 7:44 PM PST
Discussion is locked
You are posting a reply to: NEWS - February 20, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - February 20, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Incredible -- C-NetMedia still continues its grossly
by Donna Buenaventura / February 19, 2008 7:46 PM PST
Collapse -
Update mechanisms in utility software
by Donna Buenaventura / February 19, 2008 7:48 PM PST

Internet Storm Center blogs:

"Default inbound firewalling has significantly limit the network attack surface posed by core services. Today issues with tools such as Quicktime, Acrobat Reader, Flash, Realplayer and others are causing users to get compromised. The good thing about these massively deployed applications is that they usually have strong update mechanisms. Shortly after a vulnerability is identified and fixed, the user is prompted to update.

This is not the case with all pieces of software, though. There?s plenty of software that is not installed on a whopping 80% of all machines, but is popular with a specific userbase. At the Internet Storm Center, we have recently for example seen the increased use of exploits targeting users of WinRAR, a popular archiver. While each of these vulnerabilities has been remedied years ago, they are still being used to compromise users.
"

http://isc.sans.org/diary.html?storyid=4001

Collapse -
ISC: Digital Photo Frame replies
by Donna Buenaventura / February 19, 2008 7:52 PM PST

For those who are curious whether their Digital Photo Frame is infected, ISC blog their reply:

"Several people wanted to know if their particular frame has been reported to be infected.

At this point the only 3 that have been identified by name are the Insignia 10.4?, the ADS 8? and Uniek brand.

Many people wanted to know how they can tell if their computer has been infected by their digital frame."

Read about it at http://isc.sans.org/diary.html?storyid=3995

Collapse -
Harvard Web site hacked; database on file-sharing site
by Donna Buenaventura / February 19, 2008 8:00 PM PST

One of Harvard University's Web sites appeared on Monday to have been hacked, with its contents appearing on the BitTorrent file-sharing network.

A compressed 125MB file described as the database for the Web site of Harvard's Graduate School of Arts and Sciences is available via the BitTorrent peer-to-peer network. The file is listed on The Pirate Bay, a Web site that indexes torrents, or small information files that coordinate the download of content from other users on BitTorrent.

The Web site for the Graduate School of Arts and Sciences was offline on Monday.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9063198&intsrc=news_ts_head

See also earlier post of Microsoft MVP Linda Layton at: http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=284592&messageID=2708346

Collapse -
Microsoft scrambles to quash 'friendly' worm story
by Donna Buenaventura / February 19, 2008 8:02 PM PST
Collapse -
'Hacker' launches iTunes copying
by Donna Buenaventura / February 19, 2008 8:04 PM PST

The release of software from a firm run by a notorious Norwegian hacker is likely to cause waves in the music and film download world.

Jon Lech Johansen became the "enfant terrible" of the DRM industry when he released software which cracked the encryption codes on DVDs, aged just 15.

His firm, DoubleTwist, has now released software allowing users to share digital media files across devices.

It would allow songs bought on Apple's iTunes to be shared on other devices.

http://news.bbc.co.uk/1/hi/technology/7253542.stm

Collapse -
(ISC)
by Donna Buenaventura / February 19, 2008 8:06 PM PST

(ISC)

Collapse -
Vista SP1 prerequisite updates send some PCs into endless re
by Donna Buenaventura / February 19, 2008 8:09 PM PST

Updates that Microsoft Corp. began feeding Windows Vista users last week to prep PCs for next month's release of Service Pack 1 (SP1) have crippled some machines, according to messages posted to the company's support site.

Microsoft said it is investigating the reports.

Last Tuesday, Microsoft started sending Vista users two final prerequisite updates that are required before SP1 can be installed in March. The updates to the operating system's install components were delivered via Windows Updates, which automatically downloaded and installed them on the majority of Vista machines.

Users quickly started squawking.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9063158

Collapse -
Laptop wipes self to beat thieves
by Donna Buenaventura / February 19, 2008 8:11 PM PST

A UK company has come up with a nifty laptop-protection system that can automatically wipe hard disk data on machines taken from authorised locations.

Sold as a hosted service, Virtuity?s BackStopp server monitors a protected laptop using any medium available, including the Internet, or locally using Wi-Fi or GSM. If a laptop is reported stolen ? or even just moved from a designated space - the system can reach out and execute a file deletion routine that clears the laptop of all important data.

For laptops stolen while switched off, the location system can use RFID tags to make a judgement about whether that movement is within allowed parameters. A full log of all deletions is sent back to the service centre once completed.

http://www.techworld.com/security/news/index.cfm?newsID=11472&pagtype=samechan

Collapse -
Windows 2008 to hit the right security buttons
by Donna Buenaventura / February 19, 2008 8:17 PM PST

Better security is the biggest draw of Windows Server 2008, Microsoft's recently-launched operating system. However, IT pros are also worried about first-version bugs bedevilling the system, which is due for official release next Wednesday.

That's according to a survey from US reseller CDW, which surveyed 800 tech decision makers. Of these, 49 percent cited security features as the benefit of most interest to their organisation. Other perceived benefits of Windows Server 2008, according to the survey, included faster setup and configuration (cited by 41 percent of the respondents), easier administration (40 percent) and the operating system's new integrated virtualisation (35 percent).

"Security ranked No. 1, both here and in the three surveys we did on Windows Vista," said David Cottingham, CDW's director of product and product management.

http://www.techworld.com/opsys/news/index.cfm?newsID=11481&pagtype=all

Collapse -
Privacy, civil rights advocates castigate Wikileaks ruling
by Donna Buenaventura / February 19, 2008 8:20 PM PST

Privacy and civil rights advocates are expressing their dismay over a pair of decisions made by a California District Court judge last week to shut down Wikileaks.org, a controversial Web site that allows whistleblowers to anonymously post corporate and government documents online.

Several called the decision unprecedented and a violation of Wikileaks' First Amendment rights. Others said the rulings were an unnecessarily provocative action that would do little to curtail the publishing activities of Wikileaks, which is mirrored on servers in several countries.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9063478&taxonomyId=17&intsrc=kc_top

Collapse -
Symantec Endpoint Security throws out error bugs
by Donna Buenaventura / February 19, 2008 8:23 PM PST

But remains functional, company says

Symantec is working on a patch a bug that generates errors in corporate security protection updates. Workarounds enabling virus signature definition updates to Symantec Endpoint Protection are available, but a more comprehensive fix is still in testing.

The glitch in the Symantec's LiveUpdate package has left sysadmins managing Symantec Endpoint Protection coping with "broken" clients, according to Reg reader Richard who manages the network of a UK college. Updates to the Decomposer function of Symantec Endpoint Protection, a software component that decompresses or unpacks files, meant that clients are unable to download new signature definition files without generating errors.

Symantec has published an advisory detailed workarounds. Posts on Symantec forums indicate that the problem first reared its head on 11 February. Richard's experiences seem fairly typical.

http://www.theregister.co.uk/2008/02/20/symantec_enpoint_security_error_bug/

Collapse -
Popular website falls foul of Firefox 3.0
by Donna Buenaventura / February 19, 2008 8:27 PM PST

The new anti-malware tool that debuted last week in Firefox 3.0 Beta 3 is blocking users from reaching the website for a popular add-on to the open-source browser.

Another add-on site that was blocked last week has since been cleared.

One of the sites, DownThemAll.net, acknowledged that it had served users malicious code, but it said that it had purged its pages of malware. The site supports the Firefox extension DownThemAll, one of several download manager add-ons for the browser. Firefox users can now reach the site.

http://www.techworld.com/security/news/index.cfm?newsID=11476&pagtype=all

Collapse -
Hackers step up website attacks
by Donna Buenaventura / February 19, 2008 8:31 PM PST

Trend Micro has warned that hackers are intensifying attacks on legitimate websites to spread malware.

The security firm's 2007 Threat Report and 2008 Forecast debunked the myth about "not visiting questionable sites". Just because a user visits a gambling or adult-content site does not necessarily mean that web threats are lurking in the shadows.
But legitimate sites with the latest sports news, or links in a search engine result, could potentially infect visitors with malware.

Trend Micro explained that an underground malware industry has carved itself a thriving market by exploiting the trust and confidence of web users.

http://www.vnunet.com/vnunet/news/2210040/hackers-step-website-attacks

Collapse -
Russian hosting network runs a protection racket
by Donna Buenaventura / February 19, 2008 8:32 PM PST

It attacks shady sites, hits them up for anti-attack hosting services

The Russian Business Network, a notorious hacker and malware hosting network, runs a protection racket that extorts as much as US$2,000 a month in fees for "protective Web services" from borderline sites, a researcher alleged.

The RBNExploit blog -- which is authored by one or more anonymous researchers -- spelled out the racket run by the group, which is thought to be headquartered in St. Petersburg, Russia, and has been pegged by security professionals as a major source of malware and cyber criminal activity.

http://www.arnnet.com.au/index.php/id;1496227928;fp;16;fpid;1

Collapse -
Got malware? Now you can bank online anyway
by Donna Buenaventura / February 19, 2008 8:34 PM PST

The CSIRO has developed a tool it says will prevent criminals snooping on online communications, but hacking experts say the system is not foolproof.

The tool, dubbed the Trust Extension Device (TED), developed by the government research body, is a set of software tools loaded on to a portable storage device, which the CSIRO claims will allow online banking customers to create a quarantined desktop environment on computers that have been compromised by trojans, viruses or other malware.


"The TED is a set software components currently because it's implemented on a USB stick. It essentially starts a virtualisation machine. It's built on top of QEMU virtualisation software," TED's developer, Dr John Zic, research director of the CSIRO's Networking Technologies Laboratory.

http://www.zdnet.com.au/news/hardware/soa/Got-malware-Now-you-can-bank-online-anyway/0,130061702,339286124,00.htm

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?