March 2005 - Posts
According to AOL Canada's Phishing Study, almost one out of every three Canadians surveyed have received an email from a company seeking confirmation of their account information. Alarmingly, 12 per cent surveyed admitted to clicking through an email link or URL to "confirm" their account information.
http://www.technologynewsdaily.com/node/439
Postini announced that the number of directory harvest attacks (DHAs) by spammers against corporate email dropped in March for the first time in seven months. In March, Postini protected its customers from more than 26 million DHAs, or an average of 843,157 per day. This is an eight percent decrease compared to February's average of 919,963 per day.
DHAs are brute force attempts by spammers to find valid email addresses where the spammer connects to a business' email server and guesses addresses, building a database of legitimate email addresses. Those addresses are then harvested for use in later spam campaigns.
The amount of spam and virus-ridden emails decreased slightly in March despite a spike in Bagle worm traffic early in the month. Postini processed 14.6 billon messages this month and 87 percent of them were spam, including phishing, viruses, and other email threats. Only 13 percent of all messages were legitimate email. Last February 88 percent of all email was malicious.
More in PRNewswire
In sharp contrast to the harmless pranks that will be played on April Fools' Day, deceptive phishing schemes are no laughing matter. To strike a blow against criminals who prey on Internet users, the U.S. Federal Trade Commission (FTC), National Consumers League and Microsoft Corp. today urged consumers to beware of phishing schemes aimed at stealing their identities.
PRNewswire
90% of computers in companies are affected by spyware, informs Panda Software
Spyware is one of the most common security risks and directly affects user privacy. What’s more, it is one of the main reasons why users call internal technical support centers in companies. The data is surprising: according to a recent report compiled by the companies Webroot and Earthlink, 9 in 10 computers have spyware installed. This means that 90 percent of computers are affected by this type of malware. What’s more, an average of 25 spyware programs were installed on the computers studied. Similarly, data collected by Panda Software’s free online antivirus solution, Panda ActiveScan -the new version of which also detects spyware-, shows that 84 percent of the malware installed on computers is spyware.
http://www.pandasoftware.com/about/press/viewNews.aspx?noticia=6067
MailFrontier published an online phishing test - 10 suspect phish emails are listed which you will read and decide if it is legitimate or a phish (fraudulent) message.
I got 9 out of 10 correct, or 90 % :-) Get Your Score now in http://survey.mailfrontier.com/survey/phishing_uk.html
“The Mozilla Foundation has awarded bug bounties to Michael Krax of Germany. Krax found five security bugs relating to chrome privileges, meaning that he received US$2,500 ($500 for each individual bug)...“
http://mozillazine.org/talkback.html?article=6314
Experts at SophosLabs, Sophos's global network of virus and spam analysis centres, have discovered a worm which plays upon the public's interest in movie stars Brad Pitt and Angelina Jolie, as well as celebrities such as Britney Spears, Pamela Anderson and Paris Hilton.
The W32/Ahker-F worm spreads via email using messages such as:
Watch Angelina Jolie and Brad Pitt cought on TAPE! SEXY CLIP! WATCH IT!
Sophos believes the worm's author (who calls himself "Agent Hacker") is capitalising on media interest in Brad Pitt and Angelina Jolie's possible friendship. There has been speculation that the film stars' relationship may have contributed to the recent breakdown of Pitt's marriage with ex-Friends' actress Jennifer Aniston.
If the attached file, Clip.zip, is opened and executed the worm will attempt to spread to other email users.
More in http://www.sophos.com/virusinfo/articles/ahkerf.html
A coalition of telcos, network providers, hosting companies and educational institutions have formed the Fingerprint Sharing Alliance, an industry initiative aimed at helping network operators share internet attack information automatically.
The Fingerprint Sharing Alliance marks the first time companies are able to share detailed attack profiles in real-time and aims to block attacks closer to the source.
http://enterprise-security-today.newsfactor.com/story.xhtml?story_id=32036
"File-sharing technology is a popular way for users to exchange, or "share," files. However, using this technology makes you susceptible to risks such as infection, attack, or exposure of personal information.“
What is file sharing?
File sharing involves using technology that allows internet users to share files that are housed on their individual computers. Peer-to-peer (P2P) applications, such as those used to share music files, are some of the most common forms of file-sharing technology. However, P2P applications introduce security risks that may put your information or your computer in jeopardy.
Visit http://www.us-cert.gov/cas/tips/ST05-007.html to find out the following:
What risks does file-sharing technology introduce?
How can you minimize these risks?
Expanding its measures to combat software piracy, Microsoft will require users who want to download local language add-ons to Windows to first validate their copy of the operating system as legitimate.
http://www.infoworld.com/article/05/03/30/HNmicrosoftpiracy_1.html
Computer Associates acquired an identity management tool for mainframes that removes outdated and foreign access rights. CA said it bought eTrust Cleanup software from security provider InfoSec for an undisclosed sum.
The purchase gives CA another weapon in the fight against Web-based hacking and virus attacks. The tool should also help the Islandia, N.Y., company's customers better meet government regulations and requirements for consumer privacy.
http://www.internetnews.com/security/article.php/3493796
This article provides a case study of digital forensics, and investigates incriminating evidence using a user's web browser history.
Microsoft announced a program to develop cyber forensics tools for law enforcement during The Forensic Computing and Computer Investigations Workshops for Australian police. The workshop is designed to teach law enforcement techniques to track down the culprits of child exploitation, phishing, and cyberattacks against business and government. Microsoft is developing its own internal tools, such as artificial intelligence and data mining tools, for use by "extremely competent individuals."
ZDNet Australia
Affected version: 2002, 2003
Juha-Matti Laurio reported a vulnerability in the Microsoft Outlook Connector for IBM Lotus Domino. A user can choose to store passwords locally in violation of Group Policy. A remote authenticated user can select 'Remember password' when authenticating to a Lotus Domino server, causing the user's password to be cached locally even if there is a Group Policy that prohibits local password caching.
The flaw resides in 'MSOC32.dll' and 'MSOCep.dll'. The system may also store older, previous passwords.
Impact: A user can choose to store passwords locally in violation of Group Policy.
Solution: A hotfix is available from Microsoft Product Support Services, as described in a knowledge base article:
http://office.microsoft.com/en-gb/assistance/HA011364481033.aspx
http://securitytracker.com/alerts/2005/Mar/1013583.html
Petr Matousek has reported a vulnerability in Kerio Personal Firewall, which can be exploited by malicious programs to bypass the firewall rules. The vulnerability affects versions 4.1.2 and prior. Upgrade to Kerio Personal Firewall which fixes the said issue.
http://secunia.com/advisories/14717/
A thief recently walked into a University of California, Berkeley office and swiped a computer laptop containing personal information about nearly 100,000 alumni, graduate students and past applicants, highlighting a continued lack of security that has increased society's vulnerability to identity theft.
http://www.securitypipeline.com/159907438
A $25,000 Mac virus-writing competition has been cancelled - because Apple is worried about the real possibility of people creating one.
The contest, run by DVForge, was intended to undermine recent suggestions by Symantec that threats against OS X were on the rise. But Apple security experts warned that such a virus was possible, and a lawyer warned that encouraging its creation could be regarded as illegal, prompting the company to pull the competition.
http://www.techworld.com/opsys/news/index.cfm?NewsID=3388
Check the newest security tip by US-CERT entitled Recovering from Viruses, Worms, and Trojan Horses
“Unfortunately, many users are victims of viruses, worms, or Trojan horses. If your computer gets infected with malicious code, there are steps you can take to recover.“
How do you know your computer is infected?
What can you do if you are infected?
How can you reduce the risk of another infection?
Read the complete security tip in http://www.us-cert.gov/cas/tips/ST05-006.html
Overview
Symantec responded to two denial of service (DoS) issues identified in the AutoProtect functionality of the Symantec Norton AntiVirus consumer product. The Information-Technology Promotion Agency-Japan, IPA, reported one situation where a real time scan of a specific file type can cause a system crash, Blue Screen of Death (BSOD), with both Symantec Norton AntiVirus 2004 and 2005 Windows applications. This type of file, while not malicious on it’s own, could be maliciously introduced either remotely from outside the system through email or over http, or internally by an authorized user to disrupt service on a targeted system.
Scanning specific file modifications using the “SmartScan” feature of AutoProtect in the Symantec Norton AntiVirus 2005 application can cause the other DoS issue reported by the Japan Computer Emergency Response team, JPCERT. Any malicious use of this DoS would require authorized access to the targeted system to implement.
Affected Products
Symantec Norton AntiVirus 2004
Symantec Norton Internet Security 2004 (Professional)
Symantec Norton System Works 2004 (Professional)
Symantec Norton AntiVirus 2005
Symantec Norton Internet Security 2005
Symantec Norton System Works 2005 (Premier)
Symantec Response
Symantec product engineers confirmed both issues impacting Symantec’s Auto-Protect feature in Symantec Norton AntiVirus and have developed and released a patch for all impacted products through Symantec LiveUpdate. Customers running Automatic LiveUpdate should already be updated.
To manually update via Symantec LiveUpdate, users should:
Open any installed Symantec product
Click on LiveUpdate in the toolbar
Run LiveUpdate until all available Symantec product updates are downloaded and installed
Symantec is unaware of any adverse customer impact from either of these issues.
Complete details in http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html
Start Time: Wednesday, April 27, 2005 11:00 AM (GMT-08:00) Pacific Time (US & Canada)
End Time: Wednesday, April 27, 2005 12:00 PM (GMT-08:00) Pacific Time (US & Canada)
Event Description
Products: Security
Recommended Audience: Business Decision Maker.
Language: English-American
Description:
Do you see pop-up advertisements even when you are not on the Web? Is a new toolbar is installed on your browser that you didn't want and can't get rid of? You may have spyware on your computer. Join us as we talk about spyware and explain how it can harm your system, reduce your resources and affect your business. Learn how Microsoft AntiSpyware can help, as well as other resources that can keep you safe.
Presenter: Neketa Agrow, Technical Evangelist, Microsoft Corporation
Microsoft
More Posts
Next page »