Microsoft released its new Security Essentials real-time protection software for home users yesterday. The bad guys haven't let their chance slip away.
Websense's alert warns about rogue links that malware authors have managed to place among legitimate search results by using Search Engine Optimization (SEO) techniques. Detection results for the Soft_71.exe file, one of the malicious files being spread, were pretty low when the file was scanned on VirusTotal some hours ago.
Wednesday, September 30, 2009
Tuesday, September 29, 2009
Microsoft Security Essentials Is Out
Microsoft has released the public version of its new real-time protection software, Microsoft Security Essentials (MSE). The program is meant mainly for home PC use. "For business customers, Microsoft continues to offer Forefront Client Security, providing centralized, comprehensive management and reporting capabilities", the press release states.
More information and a download link for the program can be found on the official MSE site.
Monday, September 28, 2009
"Inside the Password Stealing Business" Report
Avert Labs has published a research paper called “Inside the Password-Stealing Business: the Who and How of Identity Theft”.
The report uncovers technical details on the capabilities, level of sophistication, and inner workings of the most infamous contemporary password-stealing malware families such as Zbot, Sinowal, and Steam Stealer. Topics discussed also include the prevalence of such malware, distribution channels, how criminals keep up with the changes banks make to keep transactions secure, and how they exploit today’s economic climate.
The report can be found here.
Source
Tuesday, September 22, 2009
Razer Support Site Distributed Malware
"The support website at gaming hardware manufacturer Razer, has been compromised to distribute malware", writes Rik Ferguson from Trend Micro in their blog. According to Ferguson, Razer took its support website down after it was discovered that a large number of the device drivers offered for download on the site were infected with a Trojan. The Trojan delivers the original installer but then goes on to drop a copy of WORM.ASPXOR.AB in the system directory. 7 of 41 scanners at VirusTotal flagged the infection.
At the time of writing, the Razer Support Downloads page is still under maintenance. The announcement recommends running a virus scan if one has "downloaded and installed drivers or firmware from www.razersupport.com from the 19th of September 2009".
PHP Version 5.2.11 Released
A new version of the 5.2.x branch of the PHP scripting language has been released. The new version fixes over 75 bugs, of which four are security related:
* Fixed certificate validation inside php_openssl_apply_verification_policy. CVE-2009-3291
* Fixed sanity check for the color index in imagecolortransparent(). CVE-2009-3292
* Added missing sanity checks around exif processing. CVE-2009-3293
* Fixed bug #44683 (popen crashes when an invalid mode is passed). CVE-2009-3294
PHP 5.2.x branch users are advised to upgrade their current versions to this latest one.
More information can be read here.
Friday, September 18, 2009
Microsoft Goes After The Malvertising Threat
Microsoft has filed five civil lawsuits, the first of their kind, against a phenomenon known as malvertising, which also hit the New York Times website last weekend. The term refers to malicious online advertising.
"The lawsuits allege that individuals using the business names “Soft Solutions,” “Direct Ad,” “qiweroqw.com,” “ITmeter INC.” and “ote2008.info” used malvertisements to distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users. Although we don’t yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits", states Tim Cranton, associate general counsel for Microsoft in a blog post that announced the lawsuits.
These five filings build on other recent actions that Microsoft has taken against click fraud and instant messaging spam.
Wednesday, September 16, 2009
Cyber Security Risks Report From SANS
SANS (SysAdmin, Audit, Network, Security) has published a report about cyber security risks.
The report identifies popular unpatched third-party programs (e.g. Adobe PDF Reader, QuickTime, Adobe Flash) as the biggest risk on the client side. The biggest risk on the server side, in turn, is web applications. The combination of vulnerable web applications and vulnerable client software is frequently used to inject a client exploit into a web application in order to pivot and attack inside the attacked network.
The full report can be read here.
Tuesday, September 15, 2009
Trojan Uses Google Groups To Deliver Botnet Commands
Gavin O Gorman from Symantec writes in the company's blog about how criminals are using a trojan, named Trojan.Grups by Symantec, to distribute botnet commands in Google Groups newsgroups. Trojan distribution via newsgroups is not very uncommon, but this is the first instance of newsgroup C&C (command and control) usage that Symantec has detected.
A detailed analysis of how Trojan.Grups works can be read in the Symantec blog here.
Source: TheRegister
Friday, September 11, 2009
Vulnerabilities In QuickTime Player
Apple has released a new version of its QuickTime media player. Version 7.6.4 patches four critical vulnerabilities that, when exploited, may lead to an unexpected application termination or allow execution of arbitrary code.
Apple's security document for QuickTime 7.6.4 can be found here.
Users of vulnerable versions are advised to download the latest version available.
Version 3.5.3 of Firefox Released
Mozilla has released version 3.5.3 of its Firefox web browser. The new version contains fixes for four vulnerabilities, of which three are critical and one low. It also contains fixes for several stability issues and brings the previously blogged check for the Flash version.
The update can be obtained by using Firefox's built-in updater or by downloading it manually. More details are in the Firefox 3.5.3 Release Notes.
Tuesday, September 8, 2009
Security Updates For September 2009 From Microsoft
Microsoft has released its monthly security update package. The September 2009 update consists of five different packages that all patch vulnerabilities found in Windows and are categorized as critical:
MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)
MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)
MS09-047: Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)
MS09-048: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)
MS09-049: Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710)
A new version of the Microsoft Windows Malicious Software Removal Tool was released too.
More information about the update and its contents can be read here.
For consumers the easiest way to get the update is to use the Microsoft Update service.
Saturday, September 5, 2009
Upcoming Firefox Versions Check Flash Version Freshness
Mozilla states in its blog that from the upcoming versions Firefox 3.5.3 and Firefox 3.0.14 onwards, Firefox users will be warned if their version of the Adobe Flash Player plugin is not up to date. This will be a welcome addition since old Flash versions are often exploited in cyber criminals' attacks. "For now our focus is on the Adobe Flash Player both because of its popularity and because some studies have shown that as many as 80% of users currently have an out of date version", the blog states.
Mozilla plans to work with other plugin vendors to provide similar checks for their products in the future too.
Tuesday, September 1, 2009
Opera 10 Released