Spyware, Viruses, & Security forum

General discussion

NEWS - January 07, 2010

by Donna Buenaventura / January 6, 2010 5:11 PM PST
Easily spoofed traffic can crash routers, Juniper warns

Juniper Networks is warning customers of a critical flaw in its gateway routers that allows attackers to crash the devices by sending them small amounts of easily-spoofed traffic.

In an advisory sent Wednesday afternoon, the networking company said a variety of devices could be forced to reboot by sending them internet packets with maliciously formed TCP options. The flaw affects versions 3 through 10 of Junos, the operating system that powers devices at ISPs, backbones, and other large networks. Software releases built on or after January 28, 2009 have already fixed the issue.

"The Junos kernel will crash (i.e. core) when a specifically crafted TCP option is received on a listening TCP port," the bulletin, which was issued by Juniper's technical assistance center, stated. "The packet cannot be filtered with Junos's firewall filter. A router receiving this specific TCP packet will crash and reboot."

There are "no totally effective workarounds," the bulletin added.

Continue reading in http://www.theregister.co.uk/2010/01/07/juniper_critical_router_bug/


25 million strains of malware identified in 2009
by Donna Buenaventura / January 6, 2010 5:34 PM PST

2010 will see even more malware created

More than 25 million new strains of malware were created last year, says PandaLabs.

According to the security vendor's Annual Malware Report, the number of new versions of malware identified has topped the 15 million identified throughout the company's 20-year history.

PandaLabs said that 66 percent of the new malware identified were banking Trojans, and the next popular type was scareware, also known as fake antivirus software that encourages web users to part with their hard-earned cash to download hoax security software that serves no purpose.

The security vendor predicts that the amount of malware in circulation will continue to grow during 2010.

http://www.networkworld.com/news/2010/010610-25-million-strains-of-malware.html

Iran posts list of banned Websites
by Donna Buenaventura / January 7, 2010 2:13 AM PST

Authorities block any site seen as immoral or a threat to security, government.

The Iranian judicial authorities have published a long list of banned Internet Web sites in a new crackdown on online networks, including those deemed immoral, the press reported Thursday.

They said the list, drawn up by a "committee of experts," bans any site that contains pornography, prostitution, sexual deviation or anything considered to be "contrary to the morals of society" in the Islamic republic.

Websites containing material "contrary to security and social peace" as well as those seen by the authorities as "hostile to government officials and institutions" bound to lead to "crimes" are also banned.

According to the list published in several Tehran newspapers, anyone found guilty of using such Web sites could be jailed for several years in line with a law on Internet offences passed in parliament more than a year ago.

http://www.totaltele.com/view.aspx?ID=451935

EC card disaster: French manufacturer takes responsibility
by Carol~ Moderator / January 7, 2010 2:20 AM PST
EC card disaster: French manufacturer Gemalto takes responsibility

7 January 2010

In a statement, French vendor Gemalto has taken responsibility for the current EC and credit card disaster in Germany. The vendor says it is currently working with the banks to solve the problem and avoid having to replace an estimated 30 million faulty cards. It remains unclear how a solution might be implemented and whether this could involve a software update of the EMV application installed on the card's embedded chip. The problem is caused by a flawed date processing mechanism on the chip which, since the first of January, 2010, has caused the EMV application to terminate certain transactions in terminals equipped with the latest software version.

The Central Credit Committee (ZKA), the stakeholders of the German banking industry, are investigating whether or not it is possible to re-program the faulty cards. Conceivably this would involve the card holders inserting the card in a specially modified ATM at their local bank and although it would in itself be a herculean task, it would negate the need for card replacement and provide a solution for any similar future problems.

Continued here: http://www.h-online.com/security/news/item/EC-card-disaster-French-manufacturer-Gemalto-takes-responsibility-897991.html
Unpatched Adobe Vulnerability Is Still Being Exploited...
by Donna Buenaventura / January 7, 2010 2:55 AM PST
in the Wild

Another PDF sample that exploits an unpatched vulnerability in Adobe Reader and Acrobat has been spotted in the wild. The sample (detected by Trend Micro as TROJ_PIDIEF.WIA) uses the heap spray technique to execute shellcode in its stream. As a result, a malicious file detected as BKDR_POISON.UC is dropped into the system.

When executed, BKDR_POISON.UC opens an instance of Internet Explorer and connects to a remote site, cecon.{BLOCKED}-show.org. Once connected, a malicious user may execute any command on the affected system.

Adobe has announced that it will provide a patch for this vulnerability on January 12, 2010 but until then, users are advised to disable JavaScript in Adobe Reader and Acrobat as cybercriminals are sure to take advantage of this unpatched vulnerability. To do this, follow the steps below.

1. Click Edit > Preferences.
2. In the left panel, select JavaScript.
3. Untick the Enable Acrobat JavaScript option.
4. Click OK.

In addition, Adobe also plans to release an automatic/silent updater that will automatically patch systems even without user intervention.

More in http://blog.trendmicro.com/unpatched-adobe-vulnerability-is-still-being-exploited-in-the-wild/

Related article: Adobe's silent updater in yesterday's news thread
