Spyware, Viruses, & Security forum

General discussion

NEWS - May 25, 2005

by roddy32 / May 24, 2005 9:51 PM PDT
Cisco targets Net phone software flaw
By Marguerite Reardon, CNET News.com
Published on ZDNet News: May 24, 2005, 4:42 PM PT

A software flaw that could crash Cisco Systems' Internet protocol phones has been discovered, and the networking company has issued a patch to fix the problem.

The flaw, which opens the IP phone service up to denial-of-service attacks, was reported by the National Infrastructure Security Co-ordination Centre, a security research group based in the U.K. In its warning, it gave the Domain Name System protocol vulnerability, which also affects other software, a "moderate risk" warning.

The flaw is associated with Cisco IP phones running the DNS protocol. DNS handles the translation of domain names into IP addresses. DNS servers are located throughout the Internet to perform this translation and to ensure that IP packets arrive at their proper destinations.

more here
http://news.zdnet.com/2100-1009_22-5719098.html?tag=zdnn.alert
Discussion is locked
You are posting a reply to: NEWS - May 25, 2005
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - May 25, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Worm, phishing scam hit IM services
by roddy32 / May 24, 2005 9:54 PM PDT
In reply to: NEWS - May 25, 2005

(this is just more and a different source of an article that was posted yesterday)

By Joris Evers, CNET News.com
Published on ZDNet News: May 24, 2005, 4:43 PM PT

A new worm and a phishing scam are targeting members of the America Online and Yahoo instant messaging networks, security companies warned Tuesday.

In both cases, people receive an instant message with an apparent reference to the newly released "Star Wars Episode III: Revenge of the Sith" movie, encouraging them to click on a link, said Jon Sakoda, chief technology officer at IMLogic, an instant messaging security company.

"Both seek to capitalize on momentum and enthusiasm around the 'Star Wars' movie," he said.

more here
http://news.zdnet.com/2100-1009_22-5719088.html?tag=zdnn.alert

Collapse -
Intuit launches Windows patch tool
by roddy32 / May 24, 2005 9:57 PM PDT
In reply to: NEWS - May 25, 2005

By Joris Evers, CNET News.com
Published on ZDNet News: May 24, 2005, 5:32 PM PT

Jumping into the Windows patch management fray, Intuit on Tuesday announced a software tool aimed at smaller businesses.

The Track-It Patch Manager is designed to help information technology managers install security updates to Microsoft's operating system on networks belonging to small and midsize businesses, or at units of larger companies.

Several other companies, including LANDesk and Altiris, sell Windows patch management products. Microsoft itself offers a free patch management tool called Software Update Services.

Patch Manager, like other Track-It products, comes out of Intuit's IT Solutions group. Last week, the Mountain View, Calif.-based company said it plans to sell that unit and focus on its core QuickBooks, Quicken and TurboTax products for financial management.

more here
http://news.zdnet.com/2100-1009_22-5719152.html?tag=zdnn.alert

Collapse -
Stealth virus warning sounded again
by roddy32 / May 25, 2005 1:56 AM PDT
In reply to: NEWS - May 25, 2005

By Munir Kotadia, ZDNet Australia
Published on ZDNet News: May 25, 2005, 6:08 AM PT

Virus authors are choosing not to create global epidemics--such as Melissa or Blaster--because that distracts them from their core business of creating and selling botnets, according to antivirus experts.

Botnets are groups of computers that have been infected by malware that allows the author to control the infected PCs, and then typically use them to send spam or launch DDoS attacks.

Speaking at the AusCERT conference on Australia's Gold Coast on Tuesday, Eugene Kaspersky, founder of Kaspersky Labs, said that the influence of organised crime on the malware industry has led to a change of tactics, echoing comments made in March of this year by Mikko Hypp

Collapse -
FTC Urges ISPs to Crack Down on 'Spam Zombies'
by roddy32 / May 25, 2005 2:08 AM PDT
In reply to: NEWS - May 25, 2005

By Paul F. Roberts
May 24, 2005

The U.S. Federal Trade Commission plans to issue a statement Tuesday urging ISPs to take a tougher stance on compromised computers known as "spam zombies," which could include cutting off Internet access for the machines, which experts believe are responsible for sending out huge volumes of unsolicited e-mail messages.

The FTC will join with government agencies from around the world to alert ISPs about the spam zombie problem. ISPs should consider a number of options to stem the zombie problem, including better user education, anti-virus protection and even denying Internet access for problem machines, according to two FTC officials.

more here
http://www.eweek.com/article2/0,1759,1819487,00.asp?kc=ewnws052505dtx1k0000599

Collapse -
AOL Suspends Trojan-Infected AIM Accounts
by roddy32 / May 25, 2005 2:11 AM PDT
In reply to: NEWS - May 25, 2005

By Ryan Naraine
May 24, 2005

America Online on Tuesday confirmed the inadvertent suspension of an undisclosed number of Trojan-infected AIM screen names.

The company said its internal anti-SPIM (spam over IM) mechanism flagged the infected screen names for terms-of-service abuse and led to the account cancellations.
The suspension is directly related to the virulent "Oscarbot" Trojan Horse that targets AOL's Instant Messenger users and propagates by sending IMs to every buddy on an infected user's buddy list.

America Online Inc.'s behavior-pattern tracking system noticed the unusual surge in IM activity and unintentionally flagged the infected users as potential IM spammers.

more here
http://www.eweek.com/article2/0,1759,1819973,00.asp?kc=ewnws052505dtx1k0000599

Collapse -
Microsoft plugs phishing hole in Xbox site
by roddy32 / May 25, 2005 4:46 AM PDT
In reply to: NEWS - May 25, 2005

Published: May 25, 2005, 11:39 AM PDT
By Ina Fried
Staff Writer, CNET News.com

Microsoft has patched a flaw in its Xbox 360 Web site that researchers say could have opened the door to a phishing attack.

Security company Finjan Software said that it notified the software maker of the issue last week and that Microsoft patched its site within 12 hours. The flaw was what is known as a cross-site scripting vulnerability, which could have been exploited by hackers to gather credit card data and other personal information from people looking to get more information about the new game console.

"This discovery is another example of our cooperation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community," Finjan CEO Shlomo Touboul said in a statement.

more here
http://news.com.com/Microsoft+plugs+phishing+hole+in+Xbox+site/2100-1029_3-5720241.html?tag=html.alert

Collapse -
Doors opening for outsourced security
by roddy32 / May 25, 2005 6:56 AM PDT
In reply to: NEWS - May 25, 2005

Published: May 25, 2005, 10:01 AM PDT
By Matt Hines
Staff Writer, CNET News.com

Chris Hoff isn't ready to throw caution to the wind, but the CIO is defying the conventional mindset about outsourcing enterprise security.

To keep operations safe at Western Corporate Federal Credit Union--known to some as the "credit union to credit unions"--Hoff has a long list of security issues to consider. And for one important element of WesCorp's defense--testing its IT systems for potential weak points--he signed on with an outside software provider, Qualys.

Hoff said he had to change a few minds in WesCorp conference rooms to get acceptance for his decision to use hosted vulnerability management. Wescorp has been using Qualys' online applications for the last year.

more here
http://news.com.com/Doors+opening+for+outsourced+security/2100-7355-5719012.html?part=dht&tag=ntop&tag=nl.e433

Collapse -
Experts: Zombies ousting viruses as malware of choice
by roddy32 / May 25, 2005 6:59 AM PDT
In reply to: NEWS - May 25, 2005

Published: May 25, 2005, 1:18 PM PDT
By Munir Kotadia
Special to CNET News.com

Virus authors are choosing not to create global epidemics--infections of the type caused by Melissa or Blaster--because that distracts them from their core business of creating and selling zombie networks, according to anti-virus experts.

Speaking at the AusCERT conference in Australia's Gold Coast on Tuesday, Eugene Kaspersky, founder of Kaspersky Labs, said that the influence of organized crime on the malware industry has led to a change of tactics. Instead of trying to create viruses and worms that infect as many computers as possible, malware authors are instead trying to infect 5,000 or 10,000 computers at a time to create personalized zombie armies.

"Do I need a million computers to send spam? No. To do a DDoS attack, 5,000 or 10,000 PCs is more than enough. That is why virus writers and hackers have changed their tactics of infection--they don't need a global epidemic," said Kaspersky.

more here
http://news.com.com/Experts+Zombies+ousting+viruses+as+malware+of+choice/2100-7355_3-5720428.html?tag=html.alert

Collapse -
Antiphishing toolbar for Firefox released
by roddy32 / May 25, 2005 9:17 AM PDT
In reply to: NEWS - May 25, 2005

Published: May 25, 2005, 3:56 PM PDT
By Joris Evers
Staff Writer, CNET News.com

Internet services company Netcraft has released a version of its toolbar for Firefox. The plug-in can help users of the Web browser avoid phishing scams, the company said.

The Netcraft Toolbar blocks phishing Web sites that have been reported by other users. A version of the plug-in for Microsoft's Internet Explorer browser has been available since December of last year. More than 7,000 phishing sites have been detected and blocked since then, Netcraft, which is located in Bath, England, said on its Web site on Tuesday.

Phishing is a prevalent type of online fraud that attempts to steal sensitive user information such as user names, passwords and credit card information. The attacks typically combine spam e-mail and fraudulent Web pages that look like legitimate sites.

more here
http://news.com.com/Antiphishing+toolbar+for+Firefox+released/2100-7349_3-5720585.html?tag=html.alert

Collapse -
Apple fixes hole in Keynote
by roddy32 / May 25, 2005 10:12 AM PDT
In reply to: NEWS - May 25, 2005

Published: May 25, 2005, 4:55 PM PDT
By Joris Evers
Staff Writer, CNET News.com

Apple Computer on Wednesday released a security update for its Keynote presentation application. The Keynote 2.0.2 update fixes a flaw that could allow an attacker to access files on a Mac by crafting a malicious Keynote presentation, Apple said in a security advisory.

more here
http://news.com.com/Apple+fixes+hole+in+Keynote/2110-1002_3-5720639.html?tag=html.alert

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.