11 total posts
Spam scam creates Yahoo zombies
Yahoo members have been warned of a scam in which spammers try to take over their email accounts by sending out fraudulent emails asking for verification of Yahoo account login details. The email request, which claims to help Yahoo prevent automated registrations, tries to dupe users into creating email accounts from which spammers can then distribute large quantities of unsolicited email.
IT security firm MessageLabs warned that the emails contain a fake Yahoo.com URL that leads to a completely different site, but redirects through a Google URL three times to obfuscate the link.
It then redirects to another fake Yahoo web address that loads a real Yahoo help page with legitimate information explaining the code verification process. This is followed by a fake pop-up window which shows the user a Yahoo picture ID and asks them to enter the code.
Companies Scramble to Deal With Spyware
The people who call Dell Inc.'s customer service line often have no idea why their computers are running so slow. The ones who call America Online Inc. can't necessarily explain why Internet connections keep dropping. And those who file error reports with Microsoft Corp. don't always know why their computers inexplicably crash.
Sometimes, the company that gets the complaint is rightly to blame. But with alarming frequency, officials at these and other technology companies say they are tracing customer problems back to one culprit: spyware. In the past year, spyware problems have become especially pernicious, leaving companies scrambling to respond to customers who don't necessarily realize they have spyware.
Companies are concerned about the cost of dealing with such calls. But perhaps more worrisome, they fear customers will wrongly blame them.
TippingPoint Releases Open Source Code for First Intrusion
Prevention Test Tool, Tomahawk
TippingPoint Technologies, Inc., (the leader in intrusion prevention, today announced the availability and open source release of Tomahawk,TM the first test tool designed specifically to evaluate the unique capabilities of network-based intrusion prevention systems (IPS).
"TippingPoint is contributing Tomahawk to the public to make IPS testing easier and more affordable for end users," said TippingPoint's Chief Technology Officer Marc Willebeek-LeMair. "By enabling users to evaluate security, performance, and usability in real world environments, we believe it will accelerate the adoption of intrusion prevention and confirm its necessity in today's threat environment. We believe the benefit of open sourcing the tool to facilitate IPS testing outweighs the potential benefits of commercializing the tool."
New Gordano Release Upgrades Spam, Anti-Virus Features
More efficient Bayesian system, sophisticated word filtering highlight new version.
British-based Gordano has announced a revised edition of its Gordano Messaging Suite (GMS) that includes new features focused on the fight against spam and virus attacks. "Our new facilities strengthen the enterprise arsenal of weapons to fight off these attacks," said sales director Lisa Kirman.
The new features include Scored Restricted Words, a feature which allows administrators to define a set of words or phrases with a score assigned to each indicating its potential for being contained in spam messages. Gordano provides a default set of words from its Anti Spam Update Service (ASUS), and users can augment it with their own.
A more efficient Bayesian filtering system enables a single filtering program to categorize spam for the whole system. This reduces the overhead entailed in the learning process of multiple filters. Gordano's system now operates silently, preventing spammers from being alerted to any new mechanisms that have been enabled.
Cryptography Research Launches Licensing Program for Tamper
Resistance Patents to Prevent Fraud and Piracy
Cryptography Research, Inc. today announced it is now licensing its Differential Power Analysis (DPA) countermeasure technology for cryptographic device manufacturers, smart card vendors, and smart card issuers wanting to produce secure, DPA-resistant products. The Cryptography Research DPA Countermeasure Licensing Program provides access to the company's rich portfolio of broad, fundamental patents on technology that can reduce fraud and piracy by preventing DPA attacks.
These defenses are important to protect the security of tamper-resistant smart cards and other devices used in financial, pay television, mass transit, secure ID, wireless and other industries.
AOL joins industry anti-spam, anti-virus group
Internet service provider America Online Monday said it has joined the Messaging Anti-Abuse Working Group, which was formed last December by a group of communications and technology companies to fight spam, viruses and other online attacks and nuisances.
"America Online is committed to improving our customers' messaging experience," Carl Hutzler, director of antispam operations at AOL, said in a statement. "To do so, we must cooperate to find common solutions for eliminating spam and other unwanted communications and security threats."
AT&T Adds Worm And Virus Protection To Firewall Service
It lets businesses protect themselves from a variety of threats without having to deploy firewalls at each of their locations.
AT&T has added worm and virus protection to its Internet Protect service network-based firewall. The service now helps businesses protect themselves from a variety of threats without having to deploy firewalls at each of their locations.
The new capabilities, which will be added to the service next year, integrate worm and virus mitigation into AT&T's network-based firewall service. The firewall service deploys early identification and mitigation capabilities for attacks directly within the AT&T global IP network, and the firm claims that doing so can more effectively prevent attacks from proliferating and infiltrating customers' internal networks.
There's no worm in your Apple - honest
After a week of contemplation, Apple has announced that the 'Opener' malware program blighting OS X is not a virus - although the security community disagrees
Apple has denied that the malicious code dubbed 'Opener' is a worm, a Trojan or a virus of any kind.
In an emailed statement from a PR company that represents Apple, a spokeswoman said:
"Apple has just released the following statement and will not comment beyond this: 'Opener is not a virus, Trojan horse, or worm. It does not propagate itself across a network, through email, or over the Web. Opener can only be installed by someone who already has access to your system and provides proper administrator authentication. Apple advises users to only install software from vendors and Web sites that they know and trust.'"
But antivirus experts beg to differ, saying that while the program is not an immediate threat, it is a worm because it attempts to copy itself, is therefore a virus as well.
Antivirus company Sophos said: "Renepo is a worm, and since a worm is just a special type of virus - one which neither requires nor uses an existing host file as a carrier - it is a virus."
Citibank - 'Security Alert on Microsoft Internet Explorer'
Anti-Phishing: Citibank - 'Security Alert on Microsoft Internet Explorer'
Again, a phish that utilizes a good address bar forgery. These are getting very dangerous to unsuspicious customers, because very few obvious clues of phishing are left uncovered.
A weak spot in this scam is the e-mail message it's distributed through. It lacks Citibank logos and usual legit headers.
Yet, the sender is spoofed, and it would be very misleading to an unprepared user.