News Posts matching "PC Security"

Return to Keyword Browsing

GPS Spreading Viruses

Although the GPS device itself is not affected by this, the TomTom GO 910 has been reported to be carrying Trojans win32.Perlovga.A and TR/Drop.Small.qp. Any of the $599 units manufactured between September and November last year may have been manufactured with these two Trojans "pre-installed" for you. Apparently TomTom is aware of this, yet so far no warning has been released to consumers - although the viruses pose very little risk and if you keep your anti-virus software up to date you should be fine. TomTom claims "Appropriate actions have been taken to make sure this is prevented from happening again in the future.” These Trojans can potentially spread to your PC if you connect it to synchronise information or load routes.Source: Engadget

Symantec to Acquire Altiris

CUPERTINO, Calif. – Jan. 29, 2007 – Symantec Corp. (Nasdaq: SYMC) today announced it has signed a definitive agreement to acquire Altiris, Inc. (Nasdaq: ATRS), a leading provider of IT management software that enables businesses to easily manage and service network-based endpoints – from mobile devices, laptops, and desktops to servers and storage assets. Under the terms of the agreement, Altiris stockholders will receive $33 per share of Altiris common stock in cash, resulting in a transaction value of approximately $830 million net-of-cash-acquired. The transaction is subject to customary closing conditions including regulatory and Altiris stockholder approvals, and is expected to close in the second calendar quarter of 2007.

MySpace chastises ad networks over 'scareware' tactics

MySpace ads have been taking a very interesting turn as of late. Ads for WinAntiVirus Pro and DriveCleaner are taking a new approach to getting people to buy things. Symantec and Sophos have warned that both programs are malicious, which raises questions as to why MySpace allows ads for them in the first place. WinAntiVirus Pro tries to install itself in the background via ActiveX. When it is installed, it claims you have a malware problem and makes you buy the anti-virus program it recommends. DiskCleaner pulls a similar stunt, however it claims there is a problem with your computer before it installs itself and demands you buy the professional version.

Former treasurer of Michigan fell for Nigeran scam...hard

When 1.2 million tax dollars went missing from Alcona County, Michigan, county officials wasted no time in a full investigation. They quickly found that the treasurer, Thomas Katona, had done some suspicious overseas transactions. Even after the people at the bank warned Katona of the obvious Nigerain fraud, he still sent approximately 185,000 US dollars to overseas accounts in eight payments. It is unknown how much of that is the missing tax money. 56 year old Katona was treasurer for 13 years. He was charged for felony nine times, and has a bail set at 1 million dollars.Source: The Register

Blu-ray protection broken

It seems that muslix64, the hacker who cracked HD-DVD, has now done the same for Blu-ray. Blu-ray and HD-DVD both use AACS (Advanced Access Content System) to prevent people copying the media, but it looks like both formats may have been defeated. By finding the keys that films use to prevent users copying the content, people can sidestep the protection and then rip the movies into another format, essentially allowing them the freedom to do what they want with the films. BD+, the second type of protection for Blu-ray, is yet to be broken.Source: Reg Hardware

New trojan StormWorm plays off weather fears to get itself installed

StormWorm shows a disturbing new trend of malware authors- playing off victim's fears. Instead of using classic baits of sex or celebrity information, malware authors are using a hot news event to get people to click their links. Malware authors are sending emails with the subject "230 dead as storms batter Europe", which has a link to the storm worm where a news story ought to be. Security firm F-Secure says that the worm is just a variant of Small.DAM, but it definitely has an unusual install approach.Source: The Inquirer

Persistant 'zombie' attacks target systems protected by corporate editions of Symantec antivirus

Once again, it really pays to keep your virus protection updated. A new worm, which seems to be a spybot variant, works on a flaw found in older versions of Symantec antivirus for corporations. While personal editions of the software are not affected, any corporation running an older version of Symantec Norton will be vulnerable to the worm. The worm turns whatever it infects into a "zombie" PC, which only serves to copy and send the virus. Symantec had a fix for the problem on May 25th, but not all users downloaded it. Symantec is re-evaluating it's patch/virus definition distribution method.Source: CNET

Diskeeper 2007 will run in background to eliminate fragmentation as it appears

A lot of Windows users these days have a lot of processes running in the background. This can be good or bad, but it definitely does not help a disk defragmenter do it's job. And so, the makers of Diskeeper 2007 made sure that users would not have to worry about how their various processes affected the performance of their degragmenter. Their "InvisiTasking" software runs in the background, automatically prioritizing itself as activity increases and decreases. This effectively makes Diskeeper 2007 run as if it's not there, and defragments as fragmentation appears, instead of at regular scheduled intervals. Diskeeper 2007 costs £23 for a home PC and from £285 for a Windows server.Source: The Register

IE vulnerable for 284 days in 2006

If you were using a fully updated version of Microsoft Internet Explorer last year, with every one of the patches installed, you could still have been vulnerable to attack from known flaws for 284 last year. For at least 98 of those days, Microsoft knew about bugs which were being actively exploited by criminals without a patch available. This means that there were only 81 days during which Internet Explorer was completely safe against known problems, compared to all but nine days for Mozilla Firefox. Apparently at least ten of the critical problems had resolutions published online before Microsoft released a fix, so perhaps Internet Explorer 7 will wield more security for users. Admittedly this research does not account for unknown bugs, so both browsers are likely to truly be vulnerable at any time.Source: The Inquirer

Zero-day exploit in QuickTime revealed

A serious exploit in Apple’s QuickTime has been exposed by the “Month of Apple Bugs” project. The exploit affects both Windows and Mac based versions of QuickTime 7.1.3 and earlier. The exploit could potentially allow a hacker to remotely launch what QuickTime thinks is a movie which could then be used to hijack your PC by deleting or encrypting your files for a ransom. Apple doesn’t have a patch for this serious exploit yet, so the safest measure to take would be to remove QuickTime from your computer if this proves to be genuine. The project should provide evidence to the public that Macs suffer numerous security flaws and it isn’t only Windows based computers.Source: Month of Apple Bugs

Gmail leaves your account open to spammers

A new flaw has been exposed in Google’s Gmail service which could allow hackers to get hold of your contacts. When you log into your Gmail (Googlemail in some countries) account, Google will put your details into a JavaScript file. Because of this, if you browse other websites whilst logged into your account, any of them could potentially declare the function “google” and be able to get hold of all of your contacts. The only two ways to ensure your privacy is safe are to disable JavaScript in all websites except those you trust or to not browse other sites whilst logged into any Google service. Admittedly Gmail is still only a beta, but a fault like this could be quite serious.

Update: Disabling JavaScript did not solve this problem, however it appears that Google has now fixed this issue and your contacts list should be safe.Source: Engadget

Enourmous increase in the volume of spam e-mail sent

Companies that are low enough to resort to sending out spam e-mails as advertising have recently really been working hard. Thanks to images in spam messages, a surge in botnets (computers that are hijacked by viruses to send out spam emails), a high availability of domains for spammers and underdeveloped spam filters, spammers have managed to increase their spam volume by 35%. This exceeds the expectations of internet analysts, and means that spammed advertisements now represent 90% of all e-mails on the internet.Source: Neowin

“Happy New Year” Worm

If you receive and email with the subject “Happy New Year” be very cautious, it could be a new email worm which is spreading from 160 email domains. The malicious email has an attachment named ‘postcard.exe’ which, if opened, will infect your computer with a number of dangerous codes including Tibs, Nwar, Banwarum and Glowa. Once the worm has done its work on your PC it will then mass mail from the infected computer - according to VeriSign one network is sending out five emails per second with the worm. It’s recommended that users always check with the sender whenever they receive an unexpected attachment, especially if it is an executable.Source: Computerworld

AACS "cracked"

Apparently we have us a new DVD Jon at Doom9.org. muslix86 made a program to decrypt AACS protected movies. AACS is the protection used by HD-DVD.
When a HD-DVD is played it's protection key is stored in the system memory unprotected, by grabbing the key you can use BackupHDDVD to decrypt a movie and place it on the hard drive.
The catch, however, is that the program does NOT grab these keys, you will have to add your own keys. To get your key collection started, the program does come with keys for five movies.Source: Doom9

Powerpoint 'Merry Christmas' message installs trojan

Security firm iDefense has found a "Merry Christmas" Powerpoint presentation that comes with a nasty surprise- a trojan. E-mails with the following subject and attachment are very likely to be a security risk:
Subject: Merry Christmas to our hero sons and daughters!
Attachment: Christmas+Blessing-4.ppt
Ken Dunham, of iDefense, says that this attack is similar to other exploits of Microsoft products throughout the years, and that the attacks are based on a remote server in China. If you think you may have caught the trojan, the two files that it installs are msupdate.dll and sdfsc.dll.Source: The Inquirer

Firefox 2.0.0.1 released

This is only a minor update, but recommended nonetheless. You can get this update by clicking “Help” and then “Check for Updates”, or alternatively if this doesn’t work, visit the Mozilla site and re-download Firefox. Some browsers may be set to automatically download anyway. The following issues have been fixed in this release:
  • XSS using outer window's Function object
  • RSS Feed-preview referrer leak
  • Mozilla SVG Processing Remote Code Execution
  • XSS by setting img.src to javascript: URI
  • LiveConnect crash finalizing JS objects
  • Privilege escallation using watch point
  • CSS cursor image buffer overflow (Windows only)
  • Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
Source: Mozilla

NEC Desktops catching fire

2006 was a bad year for Sony with their exploding notebook batteries, but now NEC has managed to join the list of dangerous computers with desktops which catch alight. NEC says that a part of the power supply unit, supplied to them by an unnamed external manufacturer (does Sony make PSUs for them?), was the culprit for two overheating computers leading to fires. The desktop model affected is the Valuestar model, built between November 2003 and June 2004.Source: eWeek

Microsoft fixes Internet Explorer 7 phishing shield

Internet Explorer 7 was designed with security in mind. While there have been several flaws reported in the browser, Microsoft has so far been very good with patching them. When they discovered that Internet Explorer 7's phishing shield can get bogged down very quickly when viewing multiple web pages at once (or just a web page with a lot of content), Microsoft worked hard to find a fix. The problem lied in the way the phishing filter checks for bad sites. Instead of checking whether a site is on a pre-downloaded "naughty list" like Firefox 2, Internet Explorer 7 asks Microsoft whether or not a site is good before loading it. A quick optimization patch was not included in the most recent "Patch Tuesday", but you can still get it here. Source: CNET

Hotmail account held for ransom

Earlier this week, one Hotmail user logged into their account to find that all of their emails had been removed by hackers, with the only email remaining demanding money in return for the deleted emails. According to Websense, this is a variant of “ransomware” which holds your files using methods such as encryption and demands money in return for the password. The cause of this is believed to be a computer in a Spanish Internet Cafe which was infected with spyware, therefore Hotmail users needn’t worry too much at present. Hopefully MSN should be able to restore the missing emails and this should be an isolated incident, although it could be a sign of the future.Source: Neowin.net

Microsoft's infamous 'Patch Tuesday' addresses seven flaws

Yesterday, Microsoft patched seven problems with Windows XP SP2. The three updates that were marked "critical"-
  • An update to Windows Internet Explorer 7
  • Windows Media Player patch
  • Visual Studio 2005 fix
The last four updates marked "important" fix flaws in Outlook Express, the SNMP network management protocol, fix privelage problems, and patch a problem with remote installation services. You can read a full rundown of December's Patch Tuesday here. A recent flaw discovered in Microsoft Word remains unpatched.Source: The Register

800,000 students and staff affected by hacker

Approximately 800,000 former and current students, along with some members of staff, at the University of California Los Angeles have been alerted that their details may have been exposed to a hacker who managed to breach the University’s network. The hacking had been occurring for over a year, from October 2005 until the 21st of November this year. Data that might have been acquired includes Social Security numbers, addresses and birth dates. So far there is no evidence of this data being misused.Source: CNN

Vista Trojan poses as activation crack

A Trojan virus has already been written and released for Microsoft’s new operating system. The malware, posing under the name “Windows Vista All Versions Activation 21.11.06”, pretends to be a crack to lets users avoid activating their copy of Vista but in reality it carries a the Trojan Trojan-PSW.Win32.LdPinch.aze. Apparently most virus scanners can detect this Trojan but for some reason Norton and Nod32 let it slip by them.Source: DABCC

MySpace will offer technology that keeps sexual predators out

The personal safety of it's users and the protection of multimedia copyrights are the two highest priorities for social networking giant MySpace. And to protect it's users, Myspace has teamed with Sentinel Tech Holding, an expert in background verification, to add a new feature to the website. The feature, called the "Sentinel Safe" profile searcher, will let MySpace easily search and destroy the profiles of registered sex offenders. This is to prevent those same sex offenders from seducing, kidnapping, and molestering MySpace users. MySpace says that there are roughly 550,000 registered sex offenders, all of which need to be kept away from MySpace. Sentinel Safe will be the first service that has access to the sex offender registries of 46 states.Source: CNET

Ultra-secure USB flash drive


A company called Duck Image has released plans to produce a USB drive that brings new levels of security to the market. Most USB drives can now be secured fairly easily by software, but Duck Image has taken this a step further introducing their 007 USB flash drive that can be physically locked to whatever you chose.
Return to Keyword Browsing