Spyware, Viruses, & Security forum

General discussion

NEWS - January 8, 2007

Who needs sophisticated malware?

Published: 2007-01-08,
Last Updated: 2007-01-08 06:09:48 UTC
by Bojan Zdrnja

This weekend I received another ?postcard? e-mail. It looked different than those seen around Christmas so I went to investigate what?s going on here. The main difference was that this was an HTML e-mail, without any attachments, but with a ?hidden? link to malware (of course, by moving your mouse over the link shown by the HTML message, one was able to see where it really goes).
The link was pointing to http://www.pettrans [dot] sk/[removed].exe (the site is still up and happily serving malware).

Read more: http://isc.sans.org/diary.html?storyid=2022&dshield=2b28420fa3cbda80e7a607677badc991

Discussion is locked
You are posting a reply to: NEWS - January 8, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - January 8, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Google Sets Record Straight on Desktop

In reply to: NEWS - January 8, 2007

January 08, 2007 (Computerworld) -- As product manager for Google Desktop, I wanted to offer some information that was not included in the Dec. 4 Security Manager?s Journal [?Stopping Data From Flying Off to Google?]. Both privacy and security were important considerations in the development of this feature. As the article noted, Search Across Computers is off by default, must be enabled by users on all computers they want to use it on, and requires them to be logged into their Google account to use it. Your readers should also know that indexed files are stored only temporarily on Google?s servers until they are transmitted to the user?s other computers as they come online, and no files are stored for more than 30 days, even if the user?s other computers never come online.

Read more: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=277936&source=rss_topic17

Collapse -
A new SSL certificate is on the way

In reply to: NEWS - January 8, 2007

Web-based businesses face a crisis in consumer confidence because of phishing scams. But because of a new kind of SSL certificate, Web sites will be able to definitively demonstrate their identity, and customers will be able to confirm the identity of trusted sites.

http://www.pcworld.idg.com.au/index.php/id;860170254;fp;2;fpid;3

Collapse -
Prevx Uncovers Search Engine Vulnerability as Major Factor

In reply to: NEWS - January 8, 2007

in Proliferation of Spyware and Malware Infections

Recent Prevx research finds 2-15 day lag for search engines to index malicious file names; computer users unable to find solutions fast enough to thwart new outbreaks.

Prevx announced that it has uncovered new vulnerabilities affecting PC users trying to use Internet search engines to locate information about potential spyware. Prevx researchers discovered certain malicious spyware programs prevent users, whose computers have become infected, from using popular search engines such as Yahoo!, Google and MSN to locate a cure, enabling the spyware infections to proliferate more readily among consumers. More information on spyware and other malware is available at http://www.prevx.com

"If a user searches for a suspect file name on Google or Yahoo! and nothing is found, then the assumption is that the file is probably nothing to worry about," said Prevx CEO, Mel Morris. "Such is the power of search today. Sadly, users must be more vigilant, a blank result on a top search engine is more likely to point to it being malicious."

Prevx researchers recommend that search engine companies find better and faster ways to help security vendors expose new infections and make protection readily available to computer users.

http://prweb.com/releases/2007/1/prweb495662.htm

Collapse -
Finjan Releases Latest Quarterly Web Security Trends Report

In reply to: NEWS - January 8, 2007

Finjan's Web Security Trend report Q4/2006 presents new findings and "in the wild" examples related to the increased use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malicious code. It also provides a summary of key trends identified by Finjan's MCRC during 2006 and a brief outlook for 2007. The report offers suggestions as to how companies can protect themselves from these threats.

http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=109&STORY=/www/story/01-08-2007/0004501137&EDATE=

Collapse -
Sophos box takes aim at bad Web sites, misguided end users

In reply to: NEWS - January 8, 2007

Sophos Monday unveiled an appliance that can block access to harmful Web sites to prevent malware infection as well as filter out banned Web sites for productivity purposes.

The company's WS1000 appliance, which supports as many as 1,000 simultaneous users, scans Web traffic to block user access to known sites where risk of spyware and other malicious code is high, says Ron O'Brien, senior security analyst at Sophos. In addition, the WS1000 is built to dynamically analyze Web browsing behavior to stop or warn users when they might be lured into a spam-based phishing attack to a Web site that may only go live for a brief period to steal personal information.

Competitors in Web content filtering include Websense and Trend Micro.

http://www.networkworld.com/news/2007/010807-sophos-malware.html

Collapse -
Apple's New Years Hangover: Lawsuits, Hackers

In reply to: NEWS - January 8, 2007

Apple Computer in the past decade has risen, phoenix-like, from the ashes of its own managerial incompetence to attain new heights of profitability (up 27 percent in fourth-quarter 2006 to $546 million), market capitalization ($74 billion at last count) and plain old street cred (traffic to Apple's iTunes music store beat Microsoft's Zune 30 to 1 on Christmas Day.)

But the ball hadn't even started its descent in Times Square before CEO Steve Jobs and other Apple execs were facing a New Year's hangover of antitrust lawsuits, software holes, and a nagging SEC investigation into stock-option irregularities. Together, the lawsuits and hacks threaten to undermine longtime strengths for the company. But one expert says pressure to innovate, rather than courtroom challenges, are the biggest threat to Apple's future.

http://news.yahoo.com/s/infoworld/20070108/tc_infoworld/84825

Collapse -
Symantec's Home & Home Office Security Report-Dec. 2006

In reply to: NEWS - January 8, 2007

Symantec published the December 2006 version of the Symantec Home and Home Office Security Report, an overview of Internet security concerns that may affect you and show you what you can do to protect your valuable data.

You can view it in PDF format by downloading the report from http://www.symantec.com/home_homeoffice/security_response/consumer_reports.jsp

Report includes:
December 2006
Worm spreading through Skype
Worm spread on MySpace through QuickTime flaw
Microsoft Word plagued by critical flaws

You may also just read their blog entry about the above at http://www.symantec.com/enterprise/security_response/weblog/2007/01/2006_security_roundup_ah_the_m.html

QUOTE
The report also discusses online fraud, virus, and vulnerability trends for 2006. Online fraud is also known as phishing, which is a malicious attempt to trick people into divulging personal information, such as banking or financial details. In 2006, Symantec observed over seven million phishing attempts each day. Users should be suspicious of following links in email messages claiming to be from a bank or financial institution, and certainly no personal information should be returned to the email sender.

The development of viruses and worms continues to evolve. Mass-mailing worms still maintained an overwhelming presence in 2006, but they are slowly being overtaken with more stealthy threats that try to remain undetected once they have infected a computer using rootkit techniques. We are continually investigating the threat of zero-day exploits, which are malicious programs written by attackers to exploit a previously unknown flaw or vulnerability in software. The targets of zero-day attacks often include network- or computer-based software applications that require some level of user interaction, such as Web browsers or computer/office productivity software.
UNQUOTE

Collapse -
Sunbelt Software Announces Top 10 Spyware Threats for Decem

In reply to: NEWS - January 8, 2007

Sunbelt Software announced the top ten most prevalent spyware threats for the month of December 2006. The results are based on monthly scans performed by Sunbelt's award-winning antispyware product CounterSpy

1. Trojan-Downloader.Zlob.Media-Codec 2.56%

2. SpySheriff 1.11%

3. Trojan.Smitfraud 0.75%

4. Zango.SearchAssistant 0.71%

5. VirusBurst 0.59%

6. Virtumonde 0.57%

7. ClickSpring.PuritySCAN 0.50%

8. Trojan.Win32.Qhost.hf 0.46%

9. WinAntiVirus Pro 0.43%

10.Trojan-Downloader.Gen 0.42%

View details at http://www.sunbelt-software.com/Press.cfm?id=171
Collapse -
Wi-Fi body aims to smooth security setup

In reply to: NEWS - January 8, 2007

New specification could encourage consumers to buckle up

Stephen Lawson
January 08, 2007 (IDG News Service) -

The group that certifies Wi-Fi products aims to make more wireless LANs secure by taking some of the work out of locking them down.

The Wi-Fi Alliance is set to announce on Monday at the International Consumer Electronics Show its WPS (Wi-Fi Protected Setup) specification, which lays out an easier process for setting up a secure wireless LAN. The group will also reveal the first devices certified under WPS, though it will take a few more months for consumer products to reach store shelves.

Read more: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9007505&source=rss_topic17

Collapse -
Microsoft bans Scroogle

In reply to: NEWS - January 8, 2007

Bah! Humbuggle!

By Andrew Orlowski
Published Monday 8th January 2007

Microsoft's MSN Messenger service doesn't want you talking dirty - and its definition of dirty talk is quite peculiar.

If you send an instant message containing the word "scroogle.org" via the Microsoft service, the message never arrives. The sender doesn't know it was discarded, and the recipient has no indication that it was ever sent, as the original message remains in the chat window and history.

Read more: http://www.theregister.co.uk/2007/01/08/msn_bans_scroogle/

Collapse -
A shifting landscape for e-mail security

In reply to: NEWS - January 8, 2007

By Joris Evers, CNET News.com
Published on ZDNet News: January 8, 2007, 12:01 PM PT

ZDNet Tags: Acquisitions and mergers, Spam and phishing, Microsoft Symantec Corp Cisco Systems Inc
Cisco Systems' purchase of e-mail security specialist IronPort Systems is another sign that big-name vendors are taking over the spam fight, analysts say.

Upon completion of the the $830 million cash and stock deal, networking giant Cisco will join Symantec and Microsoft as a leader in the e-mail security arena. Those other companies entered the market via acquisitions and product development of their own.

Read more: http://news.zdnet.com/2100-1009_22-6147760.html

Collapse -
PayPal, Barclays are phishers' favorites, according to Phish

In reply to: NEWS - January 8, 2007

Frank Washkuch Jr. Jan 8 2007 20:01
PayPal, Barclays Bank and eBay were the three firms most targeted by phishers last month, according to statistics compiled by PhishTank users.


The public scam-reporting community, which allows consumers to report phishing scams, then vote on their authenticity, logged over 94,000 votes in December.

Out of the more than 20,000 unique phishing lures reported last month, 11,300 were verified as scams, according to a report from OpenDNS, the creators of PhishTank. Nearly 800 reports were dismissed as invalid phishes.

More than 2,200 validated phishing attempts targeted PayPal users, with another 1,300 targeting users who bank with U.K.-based Barclays.

Read more: http://www.scmagazine.com/us/news/article/624888/paypal-barclays-phishers-favorites-according-phishtank/

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.