Virus News
Welcome to our RSS – Virus and Spyware Related News Feed section. This page might take some time loading up as it has to extract and load data from other sources.
Microsoft – Security at Home
Microsoft security updates for July 2009 - Learn about and download the latest computer security updates for July 2009. Read tips on protecting your computer by using anti-spyware and anti-spam programs. Microsoft security updates for June 2009 - Learn about and download the latest computer security updates for June 2009. Read tips on protecting your computer by using anti-spyware and anti-spam programs. Microsoft security updates for May 2009 - Learn about and download the latest computer security updates for May 2009. Read tips on protecting your computer by using anti-spyware and anti-spam programs. What is a botnet? - Basic definition of botnets, and links to how to recognize and avoid computer infection. Keep your computer from becoming a zombie by installing a firewall, keeping your antivirus, antispyware, and software up-to-date What is spam? - Basic definition of spam and how to prevent it, recognize identity theft spams, and avoid phishing. What are Internet filters? - Basic definition of internet filters, and links to where to download Microsoft filtering services and programs. What is identity theft? - See a basic definition of identity theft and links to in-depth information about how to recognize and prevent it. Microsoft security updates for April 2009 - Learn about and download the latest computer security updates for March 2009. Read tips on protecting your computer by using anti-spyware and anti-spam programs. Protect yourself from the Conficker computer worm - Learn about the Conficker worm, how it spreads, and how to remove it from your computer if you're infected. How to prevent a computer worm - Find information on how to prevent computer worms and viruses and to improve your computer's security. Follow some best practices to keep your system up-to-date by maintaining an up-to-date antivirus software subscription
PCAdvisor – Security News
Computerworld – Viruses News
'Here you have' e-mail worm spreads quickly - Security experts warned Thursday of a fast-spreading e-mail worm, the first large outbreak of this type in nearly a decade. Microsoft plans double-sized Patch Tuesday next week - Microsoft plans to issue nine security updates to patch 13 bugs in Windows, Office and its Web server software next week. Cloudmark DesktopOne Basic Stops Spam - Tired of getting e-mail from Nigerian strangers offering to help you claim several million dollars? Don't want your inbox littered with offers to enlarge private body parts? Try Cloudmark DesktopOne Basic (free), which does an excellent job of killing spam before you ever read it. Even if you have a spam filter on your e-mail software, you'll find it useful. Hackers exploit new PDF zero-day bug, warns Adobe - Adobe today warned users that attacks have begun exploiting an unpatched bug in its popular Reader and Acrobat PDF viewing and creation software. Apple matches Mozilla, patches DLL hijacking bug in Safari - Apple yesterday patched three vulnerabilities in Safari, including one in the Windows version that quashed a bug Microsoft said individual developers had to fix themselves. Mozilla fixes Firefox's DLL load hijacking bug - Mozilla on Tuesday patched 15 vulnerabilities in Firefox, 11 of them labeled critical. More Viruses News - View more Viruses news and analysis from Computerworld.com
Kaspersky – Virus News
Popular Porn Sites Distribute a New Trojan Targeting Android Smartphones - Kasperksy Lab, a leading developer of secure content management solutions, has detected a second piece of malware, categorized as a Trojan-SMS, which targets smartphones running on the Android platform The Perils of the Internet: who profits from millions of online attacks? - Kaspersky Lab has released an article entitled “The Perils of the Internet” authored by malware analyst Eugene Aseev. As the title suggests, this article looks at the threats which make web surfing risky. Windows vulnerabilities prove a popular target for cybercriminals in August - Kaspersky Lab announces the publication of its Monthly Malware Statistics for August 2010. Kaspersky Lab detects new IM worms capable of spreading via almost all instant messengers - Kaspersky Lab announces the detection of a new family of computer worms that are spreading via numerous instant messaging clients Kaspersky PURE Receives Gold Award in Parental Control Systems Testing - Kaspersky Lab announces that Kaspersky PURE, its comprehensive home network protection solution, came first in tests designed to measure the effectiveness of the parental control modules of ten of the industry's leading security solutions Kaspersky Lab detects new IM worms capable of spreading via almost all instant messengers - Kaspersky Lab announces the detection of a new family of computer worms that are spreading via numerous instant messaging clients Q2 2010: more than half a billion infection attempts - Kaspersky Lab, a leading developer of secure content management solutions, has released its report on information security threats in the second quarter of 2010 First SMS Trojan Detected for Smartphones running Android - Kaspersky Lab announces that the first malicious program classified as a Trojan-SMS has been detected for smartphones running on Google’s Android operating system. First SMS Trojan detected for smartphones running Android - Kaspersky Lab announces that the first malicious program classified as a Trojan-SMS has been detected for smartphones running on Google’s Android operating system. TDSS: Rootkit Technologies at the Heart of Cybercrime - TDSS is the most powerful and complex rootkit to date. This universal malware can hide its own presence and that of other malware on an infected system while offering enhanced opportunities.
Norton Security Articles
Microsoft Security Bulletins advance notification - Information about Microsoft's upcoming security bulletins. Critical vulnerability in Adobe Reader and Acrobat - A critical vulnerability has been discovered in Adobe Reader version 9.3.4, Acrobat 9.3.4 and earlier versions. Update to Mozilla Firefox solves several critical vulnerabilities - A new version of the popular web browser Mozilla Firefox is available. This version corrects several critical vulnerabilities. Number of vulnerabilities on the rise - In August IBM Security X-Force published its Mid-Year Trend and Risk Report. The X-Force reports are always interesting reading, and this latest addition maintains the high standards. Lots of topics are discussed in the report. In our security article, we shall however focus on one particular finding. Old vulnerability in Apple's QuickTime Player allows remote code execution for Windows systems - Yesterday a Spanish security researcher posted Proof-of-Concept exploit code for a vulnerability in Apple's QuickTime Player. He demonstrated how a nine year old unused parameter in QuickTime Player, could be used to take full control over Windows-based system with Live Messenger installed, and execute program code remotely. Mandatory electronic identification card with RFID chip - Last week it was announced that the Dutch company NXP was selected to produce the new identification (ID) card for Germany. Starting from the beginning of November this year, 60 million mandatory cards will replace the older ID cards. Several Windows applications vulnerable due to Insecure Library Loading - During the latest days several security resources on the Internet have published information about a vulnerability in Windows applications, which when exploited, might allow remote execution of program code in certain circumstances. Note that this may affect third-party Windows applications, as well as (potentially) applications developed by Microsoft. Complete access to all information - Most people would agree with both the following statements. A plethora of malware for mobile phones to be expected soon (?) - In later years dangerous malicious software for mobile phones and other handheld devices has been predicted and expected by several analysts. Norman, however has traditionally been among those more reluctant in predicting that the explosion of if malicious software for mobile devices is imminent. In retrospective it seems safe to say that our view has proven correct (so far). Critical udates for Adobe Flash Player - Critical vulnerabilities have been identified in Adobe Flash Player 10.1.53.64 and earlier versions.
Trend Micro malware Blog
Be Careful What You Reveal Online - In this YouTube video, Trend Micro CTO Raimund Genes discusses how an attacker can use information from social networks such as LinkedIn and Facebook to hack into a corporate network. The picture Raimund paints shows how attackers can get publicly available email addresses on social networks and send a customized targeted email to the person [...] Post from: TrendLabs | Malware Blog - by Trend Micro
Be Careful What You Reveal OnlineOld Malware Out of its Shell - Trend Micro received several reports of a spammed message containing a link that leads to the download of a malware detected as WORM_MEYLME.B. The spammed message bears the subject, Here you have and informs users of a certain PDF document. When the users point the mouse in the URL, hxxp://www.{BLOCKED}ocuments.com/library/PDF_Document21.025542010.pdf or hxxp://www.{BLOCKED}ovies.com/library/SEX21.025542010.wmv, it indicates a [...] Post from: TrendLabs | Malware Blog - by Trend Micro
Old Malware Out of its ShellNew Zero-Day Adobe Acrobat Vulnerability Exploited - Adobe has issued a new security advisory concerning Adobe Acrobat, its line of PDF software. All current versions of Reader and Acrobat are known to be vulnerable across all supported platforms—Windows and Mac for Acrobat and Windows, Mac, and Unix for Reader. According to the advisory, an attacker could use the vulnerability to “to take [...] Post from: TrendLabs | Malware Blog - by Trend Micro
New Zero-Day Adobe Acrobat Vulnerability ExploitedNew Fake Facebook Spam Waves Sent Through Cutwail/Pushdo Botnet - Who said that Cutwail/Pushdo botnet is dead? The recent Cutwail/Pushdo takedown was a great help in stopping this huge botnet in sending out spammed messages all over the world. Yesterday, however, a new wave of approximately 5,000 fake Facebook messages was sent through some Cutwail zombies for about 30 minutes. The spammed message informs users [...] Post from: TrendLabs | Malware Blog - by Trend Micro
New Fake Facebook Spam Waves Sent Through Cutwail/Pushdo BotnetUncovered Spyeye C&C Server Targets Polish Users - All of us have heard about SpyEye, a malware family comprising information/data stealers like ZeuS/ZBOT. This malware is sometimes known as a “ZeuS killer,” as it stops ZeuS malware from running on affected systems, assuming that the latter is already present. This topic was discussed before in the blog post, “Keeping an Eye on the [...] Post from: TrendLabs | Malware Blog - by Trend Micro
Uncovered Spyeye C&C Server Targets Polish UsersCybercriminals Hone in on Critical Systems - Any regular reader of this blog knows that malware can infect a system in several ways—email, browser exploits, instant-messaging applications, peer-to-peer (P2P) networks, and others. Even organizations that take great lengths to secure their Internet gateways have found themselves compromised via one of the oldest infection methods—physical media attacks with USB flash drives taking the [...] Post from: TrendLabs | Malware Blog - by Trend Micro
Cybercriminals Hone in on Critical SystemsPushdo Takedown Damages Botnet - Last week it was reported that the Pushdo botnet, used to send spam using the Cutwail spamming module, was taken down, thanks to the efforts of several security researchers. Thirty command-and-control (C&C) servers of the Pushdo/Cutwail botnet were identified, almost 20 of which were taken down after their Internet hosting providers were notified. So far, [...] Post from: TrendLabs | Malware Blog - by Trend Micro
Pushdo Takedown Damages Botnet“IQ Test” Spam Proliferating via Instant Messages - I recently came across a round of spammed instant messages that arrived via my Yahoo! Messenger account. These messages were supposedly sent from my cousin’s account, and used the following format and were sent to everyone on her friends list: The familiar message format told me that I was chatting with a bot that wanted [...] Post from: TrendLabs | Malware Blog - by Trend Micro
“IQ Test” Spam Proliferating via Instant MessagesTDSS Pretending to Be TweetDeck Update - Timing is everything, especially if you’re trying to spread malware. Last week, the developers of the popular Twitter application TweetDeck notified users that due to changes in the authentication protocols Twitter supports, users of older versions will have to upgrade. Naturally, cybercriminals latched onto this bit of news and sent out their own Tweets saying [...] Post from: TrendLabs | Malware Blog - by Trend Micro
TDSS Pretending to Be TweetDeck UpdateNew Zero-Day Vulnerabilities Imminent - An independent group of security researchers has announced that they will be releasing zero-day vulnerabilities, Web application vulnerabilities, and proof-of-concept (POC) exploits for patched vulnerabilities throughout the month of September. Many high-profile vendors such as Adobe, Apple, Microsoft, and Mozilla are among those whose products will apparently have vulnerabilities revealed during the month. According to [...] Post from: TrendLabs | Malware Blog - by Trend Micro
New Zero-Day Vulnerabilities Imminent
Washington Post Security Fix
Farewell 2009, and The Washington Post - This will be the last post for the Security Fix blog. Dec. 31 marks my final day at The Washington Post Company. Over the last 15 years, I've reported hundreds of stories for washingtonpost.com and the paper edition. I have authored more than 1,300 blog posts since we launched Security Fix back in March 2005. Dozens of investigative reports that first appeared online later were "reverse published" in the newspaper, including eight front-page stories and a Post Magazine cover. Through it all, you - the reader - have been my most valuable source, most reliable critic, and most persistent muse. Loyal readers are the reason Security Fix has consistently been among the most-visited blogs on washingtonpost.com. Thank you. I will continue to remain engaged in this increasingly vital news beat. Please stay in touch for updates in the New Year. I can be reached directly at this e-mail address.
Hackers exploit Adobe Reader flaw via comic strip syndicate - Hackers broke into an online comic strip syndication service Thursday, embedding malicious code that sought to exploit a newly discovered security flaw in Adobe Reader and Acrobat, Security Fix has learned. On Monday, Adobe Systems Inc. said it was investigating reports that criminals were attacking Internet users via a previously unknown security flaw in its Adobe Reader and Acrobat software. Experts warned that the flaw could be used to foist software on unsuspecting users who visit a hacked or booby-trapped Web site. Albany, N.Y.-based Hearst publication Timesunion.com now reports that on Thursday readers of its comics section began complaining of being prompted to download malicious software. In an update posted to its site, Timesunion.com said the attack took advantage of the recently disclosed Adobe flaw. The news outlet said it had traced the attack back to a problem at King Features, which serves comics on its Web site, and that
Twitter.com hijacked by 'Iranian cyber army' - Hackers hijacked the Web site of micro-blogging community Twitter.com early Friday, briefly redirecting users to a Web page for a group calling itself the "Iranian Cyber Army." The attackers apparently were able to redirect Twitter users by stealing the credentials needed to administer the domain name system (DNS) records for Twitter.com. DNS servers act as a kind of phone book for Internet traffic, translating human-friendly Web site names like "Twitter.com" into numeric Internet addresses that are easier for computers to handle. "Twitter's DNS records were temporarily compromised but have now been fixed," the company said in a brief statement on its Web site. "We are looking into the underlying cause and will update with more information soon." Twitter's DNS service is provided by Manchester, N.H. based Dyn Inc. Tom Daly, chief technology officer at Dyn, said the incident was not the result of a security failure on its services. Daly
Group IDs hotbeds of Conficker worm outbreaks - Internet service providers in Russia and Ukraine are home to some of the highest concentrations of customers whose machines are infected with the Conficker worm, new data suggests. The report comes from the Shadowserver Foundation, a nonprofit that tracks global botnet infections. Shadowserver tracks networks and nations most impacted by Conficker, a computer worm that has infected more than 7 million Microsoft Windows PCs since it first surfaced last November. "Conficker has managed to infect, and maintain infections on more systems than any other malicious vector that has been seen before now," Shadowserver stated on its Web site. Shadowserver's numbers indicate that the largest numbers of Conficker-infested PCs are in the East, more specifically China, India and Vietnam. For example, Chinanet, among the nation's largest ISPs, has about 92 million routable Internet addresses, and roughly 950,000 -- or about 1 percent of those addresses -- appear to be sickened with
Hackers target unpatched Adobe Reader, Acrobat flaw - Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers. The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said the flaw is present in the most recent versions of Adobe Acrobat and Reader. Adair warned that security experts have observed cyber crooks using the vulnerability in targeted attacks since at least Dec. 11, but that more widespread attacks are likely to emerge over the next few weeks. In addition, few anti-virus vendors currently detect malicious PDF files harboring this exploit. At the moment, there is no patch available for this flaw, and Adobe's brief advisory offers little in the way of mitigation advice. However, Internet
Check your Facebook 'privacy' settings now - If you use Facebook and care about your privacy, take a moment to read this blog entry. Facebook has made some major changes that may allow a great deal more people to see your personal photos and videos, date of birth, family relationships, and other sensitive information. While logged in to Facebook, click the "Settings" link and you should see a box that looks like the one pictured below. You may see that Facebook has reset your privacy settings, so that the everyone can now see the information on your "About Me" page, as well as your "Family and Relationships" data; "Work and Education"; and most importantly "Posts I Create," which includes status updates, links, photos, videos and notes. Below is a screen shot of what my privacy settings looked like when I recently logged in. The new privacy settings instituted across the Facebook network may also expose your birthday,
Paper-based data breaches on the rise - More than one quarter of data breaches so far this year involved consumer records that were jeopardized when organizations lost control over sensitive paper documents. Experts say those incidents came to light in large part due to a proliferation of state data breach notification laws, yet current federal proposals to preempt those state measures would allow paper-based breaches to go unreported. According to the Identity Theft Resource Center, a San Diego based nonprofit, at least 27 percent of the data breaches disclosed publicly in 2009 stemmed from collections of sensitive consumer information printed on paper that were lost, stolen, inadvertently distributed or improperly disposed of. Some 45 states and the District of Columbia have enacted laws requiring companies that lose control over sensitive consumer data such as Social Security or bank account numbers to alert affected consumers, and in some cases state authorities. Concerned about the mounting costs of complying
Critical updates for Adobe Flash, Microsoft Windows - Microsoft released six software updates on Tuesday to fix at least a dozen security vulnerabilities in Windows, Internet Explorer, Windows Server and Microsoft Office. More than half of the flaws earned a "critical" rating, meaning criminals could exploit them to break into vulnerable systems without any help from users. Separately, Adobe Systems Inc. issued critical security updates to its Flash Player and AIR Web-browser plugins. The updates are available from the Windows Update Web site, or via the Automatic Update feature in Windows. Probably the most important update for most users is the one for Internet Explorer, which corrects five critical flaws in IE 6, 7 and 8. These are vulnerabilities that attackers could exploit to quietly install malicious software on your machine if you browse with IE to a hacked or booby-trapped site. A description of the rest of the vulnerabilities patched in this month's release from Microsoft is
Featured Advertiser - Security Fix author named 'cybercrime hero' - Networking equipment maker Cisco Systems Inc this week bestowed a generous honor on the Security Fix author. In its 2009 annual security report released Tuesday, Cisco names Yours Truly as a "cybercrime hero," citing an ongoing investigative series detailing the plight of small businesses that have lost hundreds of thousands of dollars at the hands of malicious software. The mention comes in a section announcing Cisco's first-ever "Cybercrime Showcase," which the company said aims to "shine a spotlight on individuals and entities who have made significant positive contributions during the past year toward helping make the Internet a safer place for all users." Clearly, I am long overdue to design a decent superhero costume. In all seriousness, I am grateful for the mention, and for the recognition of my work. Interestingly, the two families of malicious software also mentioned as "winners" of Cisco's 2009 "Cybercrime Showcase" are malware families whose
La. firm sues Capital One after losing thousands in online bank fraud - An electronics testing firm in Louisiana is suing its bank, Capital One, alleging that the financial institution was negligent when it failed to stop hackers from transferring nearly $100,000 out of its account earlier this year. In August, Security Fix wrote about the plight of Baton Rouge-based JM Test Systems, an electronics testing firm that in February lost more than $97,000 from two separate unauthorized bank transfers a week apart. According to JM Test, Capital One has denied any responsibility for the losses. On Friday, JM Test filed suit in a Louisiana district court, alleging breach of contract and negligence by the bank. The firm says it is still out a total of $89,000, and that it has spent roughly $70,000 investigating and responding to the breaches. "Capital One was not willing to make good on our losses or attempt any type of settlement," said Happy McKnight, JM Test's controller.
Phishers angling for Web site administrators - Scam e-mail artists have launched a massive campaign to trick webmasters into giving up the credentials needed to administer their Web sites, targeting site owners at more than 90 online hosting providers. Experts say the attackers are attempting to build a distributed network of hacked sites through which to distribute their malicious software. The spam e-mails arrive addressed to users of some of the top Web hosting firms, from hostgator.com to yahoo.com and 50webs.com, and bear the same basic message: "Due to the system maintenance, we kindly ask you to take a few minutes to confirm your FTP details." Recipients who click the included link are brought to a Web site made to look like a cPanel page (cPanel is a widely used Web site administration software package). People who fall for the scam and provide their credentials are then forwarded on to the actual site of the Web hosting
Apple issues security updates for Mac OS X - Apple this week pushed an update for Leopard and Snow Leopard systems that plugs a large number of security holes in Apple's version of Java, a package installed by default on those Mac OS X systems that enables a number of multimedia Web applications. The new Java version fixes at least 14 vulnerabilities in the version designed for OS X 10.6 systems; the package put together for 10.5 Macs corrects more than two dozen security flaws. Mac users can grab the patches via Software Update or from Apple Downloads. The patch fun continues into Tuesday of next week, when both Microsoft and Adobe are scheduled to issue updates to plug security vulnerabilities of their own. Microsoft said Thursday that it plans to issue at least six security patches (each patch fixes at least one -- but often multiple -- security flaws). Half of those updates will carry a "critical" rating,
Featured Advertiser
Bit.ly to scour shortened links for badness - Scammers and spammers soon will have a tougher time masking links to their malicious Web sites using bit.ly, one of the more popular link-shortening services out there: The company said this week it is teaming with three security firms to warn users when a shortened link looks like it leads to badness. Criminals increasingly are abusing URL-shortening services to disguise the true destination of both phishing Web sites and those that host malicious software. Some of the most prolific and automated of these attacks take place on social media sites like Facebook and Twitter, networks that are far less useful and fun if users can't feel relatively comfortable clicking links. In response, bit.ly will by the end of the year be working with Sophos, Verisign and Websense to scrub some 40 million shortened links each day for those linking to malware, spam and phishing Web sites, the company said this
DC businessman loses thousands after clicking on wrong e-mail - Pay-per-click revenue in the online advertising business may be diminishing for traditional media publishers, but thieves increasingly are earning five- to seven-digit returns when victims click on a booby-trapped link or attachment sent via e-mail. The latest victim to learn this was Nigel Parkinson, president of D.C.-based Parkinson Construction, a firm with an estimated $20 million in annual revenue that has worked on some of Washington's top gathering places, including the new D.C. Convention Center and the Nationals baseball stadium. Parkinson said he had an expensive crash course in computer security, when on Nov. 24, he clicked a link in an e-mail purporting to be from the Social Security Administration warning him about potential errors on his Social Security statement. Parkinson fell for the ruse and ended up downloading a copy of the Zeus Trojan, a prolific family of malicious software that criminal gangs have used to great effect to
