Spyware, Viruses, & Security forum

General discussion

News - July 1, 2004

by Donna Buenaventura / June 30, 2004 1:56 PM PDT

Another big Apache hole found

Linux and Unix vendors are releasing fixes for a critical bug in the popular Web server Apache that could allow attackers to crash the system or execute malicious code.

The bug affects Apache 1.3.x installations configured to act as proxy servers, which relay requests between a Web browser and the Internet. When a vulnerable server connects to a malicious site, a specially crafted packet can be used to exploit the vulnerability, according to security researcher Georgi Guninski, who has publicly released exploit code.

http://www.computerworld.com/securitytopics/security/holes/story/0,10801,94191,00.html

Discussion is locked
You are posting a reply to: News - July 1, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - July 1, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Pop-Up Program Snatches Banking Passwords
by Donna Buenaventura / June 30, 2004 1:59 PM PDT
In reply to: News - July 1, 2004

Customers who use a number of the top online banking sites are at risk of falling prey to a new Web-based attack that snatches user IDs and passwords for these sites.

Among the sites targeted by the attack are some owned by Citibank, Deutsche Bank and Barclays Bank.

The attack is rather complex and appears to use a known flaw in Internet Explorer (IE) to drop a Trojan horse program on vulnerable machines. The Trojan is delivered through a malicious pop-up ad that loads a file called "img1big.gif" onto the machine. The file is in fact a compressed Win32 executable that contains the Trojan and a DLL.

The DLL is installed on the PC as a BHO (Browser Helper Object), a type of DLL that normally is used to let developers control IE in certain circumstances.

http://www.eweek.com/article2/0,1759,1618453,00.asp?kc=EWRSS03129TX1K0000614

Collapse -
Infosys' network brought down by virus attack
by Donna Buenaventura / June 30, 2004 2:03 PM PDT
In reply to: News - July 1, 2004

Infosys Technologies Ltd., a leading Bangalore-based software and business process outsourcing (BPO) company, had to bring down its network Tuesday morning, following detection of a virus attack on some machines on the network.

"We don't have the details of the virus yet, though we think it came through as an e-mail attachment," said a spokeswoman for the company who added that this is not the first time that Infosys has been attacked by a virus, and the network shut down.

"We proactively shut off a part of our network for a couple of hours as part of our business continuity plan," said the spokeswoman. While the network-dependent work was affected, other software development and services work continued as usual, she added.

http://www.infoworld.com/article/04/06/30/HNvirusoffshore_1.html

Collapse -
Cyber-loafing boss sacks office spyware detective
by Donna Buenaventura / June 30, 2004 2:05 PM PDT
In reply to: News - July 1, 2004

The Alabama Department of Transportation has fired Vernon Blake for installing WinSpy, a freely available spyware, on his boss's computer. Mr. Blake was apparently frustrated over the 'cyber-loafing' of his boss, George Dobbs, and used the spyware to prove that Mr. Dobbs spent 70% of his time playing solitaire. Symantec warns that WinSpy can not only monitor computer use, but also log keystrokes, possibly giving Mr. Blake access to sensitive material in violation of the law. Installing spyware on a boss's computer may also violate company policy, and may result in loss of job. Mr. Dobbs has been given a written warning, reminding him that managers must not "compromise their ability to manage subordinates."

http://networks.silicon.com/lans/0,39024663,39121768,00.htm

Collapse -
NIST aims to ease XP security setup
by Donna Buenaventura / June 30, 2004 2:07 PM PDT
In reply to: News - July 1, 2004

The National Institute of Standards and Technology (NIST) has released Special Publication 800-68, offering recommendations and checklists for configuring security on Windows XP Professional in accordance with the Federal Information Security Management Act (FISMA) of 2002. The document should help systems administrators avoid mistakes that can cost time and money. NIST worked with the Defense Information Systems Agency, the National Security Agency, Microsoft, and the Center for Internet Security to develop the standards for productivity applications, e-mail, web browsers, personal firewalls, and antivirus. July 2004, NIST will publish details on its Security Configuration Checklists Program, a web portal that will let federal officials research softwares when making purchasing decisions. According to Center for Internet Security chief executive Clint Kreitner, software makers, businesses, and government agencies are reaching a consensus on security controls; Dell and Microsoft have begun shipping products already configured for security.

http://www.fcw.com/fcw/articles/2004/0628/web-nist-06-29-04.asp

Collapse -
Comcast reports 35 percent decline in spam
by Donna Buenaventura / June 30, 2004 2:14 PM PDT
In reply to: News - July 1, 2004

Cable giant Comcast on Thursday said the volume of spam originating from its network has dropped 35 percent since it blocked an e-mail loophole weeks ago.

The new data comes after Comcast, the nation's largest broadband service, earlier this month began blocking a gateway that spammers commonly use to send mass volumes of unsolicited e-mail. Called "port 25," the gateway lets PCs send and receive e-mail based on SMTP (Simple Mail Transfer Protocol), the most common technology for exchanging messages.

While a Comcast representative declined to offer an estimate of the service's daily e-mail volume, independent measuring firm SenderBase confirmed the decline.

http://zdnet.com.com/2100-1105_2-5251909.html

Collapse -
Panda Software Launches Beta Test for TruPrevent
by Donna Buenaventura / June 30, 2004 2:23 PM PDT
In reply to: News - July 1, 2004

Panda Software launches beta test for TruPrevent: the most intelligent technologies to combat unknown viruses and intruders

06/29/2004. - TruPrevent Technologies give a reliable response to the need for higher levels of protection for home users, professionals and large corporations to face the constant appearance of faster-spreading and more sophisticated viruses and threats

- TruPrevent Technologies take a preventive approach, not a reactive approach, automatically pre-empting the problem, without human intervention and without generating false positives

- TruPrevent Technologies are designed to stop worm attacks like those caused by Sasser or Mydoom by analyzing their behavior and are the perfect complement to traditional antivirus protection. For this reason, these technologies are even compatible with products that have not been developed by Panda Software

- TruPrevent Technologies do not have a significant impact on system performance

- The new TruPrevent Technologies are part of Panda’s new range of products, whose beta versions can be downloaded from http://www.pandasoftware.com/beta

http://www.pandasoftware.com/about/press/viewNews.aspx?noticia=5212

Collapse -
Beta version of the new Panda WebAdmin Antivirus
by Donna Buenaventura / June 30, 2004 2:25 PM PDT
In reply to: News - July 1, 2004

Beta version of the new Panda WebAdmin Antivirus: protection via the Internet for the entire organization

06/30/2004. - Panda Software's new solution is deployed and administered via a web page accessible securely from any computer with an Internet connection

- The protection against all types of virus offered by Panda WebAdmin Antivirus even includes computers with no connection to the Internet or those outside the local network

Panda Software is launching the new beta version of Panda WebAdmin Antivirus. This solution - administered remotely over the Internet- armor plates the IT infrastructure of small and medium-sized companies against attacks from all types of viruses, worms and Trojans. The beta version of Panda WebAdmin Antivirus is available for free trials from Panda Software’s website at: http://www.pandasoftware.com/download/beta/corporate.asp

http://www.pandasoftware.com/about/press/viewNews.aspx?noticia=5215

Collapse -
Norton AV 2005 Beta
by Donna Buenaventura / July 1, 2004 3:38 AM PDT
In reply to: News - July 1, 2004

Symantec published:

Norton AntiVirus 2005 Beta Version for Windows 98/2000/Millennium/XP Now Available.

We are very pleased to make the beta version of Norton AntiVirus 2005 for Windows 98/2000/Millennium/XP available for download. Symantec's Norton AntiVirus 2005 is the world's most trusted antivirus solution. It removes viruses automatically, blocks certain Internet worm attacks, and protects email and instant messages.

We've added new improvements and new features to Norton AntiVirus 2005. Download the product now! Surf the Net. Play your favorite games. We are very interested in your feedback on this product. We will give away 50 FREE copies of Norton AntiVirus 2005 to the first 50 beta users that submit undocumented bugs. Winners will be notified via e-mail.

Symantec does not provide Technical Support on beta version software products. However, we would appreciate your feedback, which can be sent via e-mail to NAVConsumer_Beta@symantec.com. In order to qualify for one of the free versions of Norton AntiVirus 2005, please be sure to include your complete mailing information in your e-mail message. An electronic bug report form is also available.

All information submitted is routed through a secure server and is in compliance with Symantec's Privacy Policy.

Please note that this Beta Release expires 30 days after product was installed.

System Requirements

--Pentium level CPU
--IE 5.5
--Windows 98, 98SE
--Windows ME
--Windows 2000 Professional
--Windows XP Home and Professional Edition

http://www.symantec.com/public_beta/index.html

Important: Install only to non-production system. Install at your own risk, it is BETA.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?