Donna's SecurityFlash : General Security News

Seagate settles class action: cash back over misleading hard drive capacities

donna — Mon, 29 Oct 2007 07:37:26 GMT

The world's largest hard disk manufacturer will offer customers 5% cash back on disk drives bought over the last six years in order to settle a legal action over the measurement of hard drive capacity. But the real story starts way back, when marketers...(read more)

10 CoU Members will receive ESET's NOD32 antivirus

donna — Mon, 29 Oct 2007 07:29:02 GMT

Calendar of Updates thanks ESET for donating 10 e-license of NOD32 antivirus! http://www.dozleng.com/updates/topic16139...(read more)

Storm Worm variant now using Kittycard.exe as filename

donna — Sat, 27 Oct 2007 16:45:00 GMT

Kittycard.exe is now of one the filename use by this Storm Worm. Email received today: The new filename is Kittycard.exe: Half of malware scanners via VirusTotal.com will detect it while half did not: For you... to read : The Storm Worm: http://www.schneier...(read more)

What's with the malicious PDF file?

donna — Sat, 27 Oct 2007 11:58:50 GMT

Symantec wrote: the PDF file will download ldr.exe file F-Secure reports: The PDF is spiced with CVE-2007-5020 exploit that downloads ms32.exe that downloads more components. So I grab both .exe files (ms2.exe and ldr.exe) and uploaded it to Virustotal...(read more)

Security experts blast New Jersey AG

donna — Sat, 27 Oct 2007 10:03:55 GMT

Security experts are saying that a well-intentioned effort by the New Jersey Office of the Attorney General to combat phishing may backfire. Earlier this week, State Attorney General Anne Milgram called on four banks -- Bank of America, Citibank, Washington...(read more)

SANS Internet Storm Center: Request for info, IPs, exploit examples on PDF mailto documents

donna — Sat, 27 Oct 2007 08:42:50 GMT

we are looking for examples of the PDFs being sent out http://isc.sans.org/diary.html?storyid=3566 I send one copy of the PDF file to you guys and the IP info where the email was sent out. Hope you got it :)...(read more)

In the wild: Malicious PDF files; Which AV will detect it?

donna — Fri, 26 Oct 2007 19:32:29 GMT

If you haven't update your Adobe Reader to v8.1.1, you better to do it NOW. The vulnerability is being exploited now and yup, it's in the wild because I received copies already. Screenshots at http://www.dozleng.com/updates/index.php?showtopic...(read more)

Fake IRS page and email, See which browser will protect user from phished site

donna — Fri, 26 Oct 2007 14:18:18 GMT

See http://www.dozleng.com/updates/index.php?showtopic=16115 for screenshots. Result: Opera: 2 Firefox: 1 and 1 Internet Explorer: 2...(read more)

Symantec took a closer look on rogue applications

donna — Fri, 26 Oct 2007 12:44:29 GMT

Symantec blog today on how rogue applications infiltrate user's machine to earn money. It's done by rogue apps thru System tray, Active Desktop, Dialogue box. Symantec provided some screenshots including a misleading application with a Windows...(read more)

Free Software Tests for Bot Infections

donna — Fri, 26 Oct 2007 11:37:15 GMT

PineApp has released a free zombie test that can instantly discover whether an organization’s computer network might be an unwitting spamming machine -- a “zombie” or “bot” -- that can send thousands of infected spam messages to other networks—without...(read more)

Phoenix Partners With Rutkowska in Securing Hypervisor

donna — Fri, 26 Oct 2007 09:54:25 GMT

Phoenix Technologies has teamed up with researcher and stealth malware expert Joanna Rutkowska and her company, Invisible Things Lab, to help secure an ultra-thin hypervisor that the firmware company is currently building. The company also plans to support...(read more)

America continues to spam the world

donna — Fri, 26 Oct 2007 09:52:44 GMT

The United States remains the world's biggest spammer, according to security firm Sophos, which today released its quarterly report on the world's top spam-offending countries--dubbed the "Dirty Dozen". The United States came in streaks...(read more)

Verizon Wireless Drops FCC Open Access Suit

donna — Thu, 25 Oct 2007 19:16:32 GMT

The company filed a notice in the U.S. Court of Appeals for the District of Columbia on Tuesday to drop the appeal. This is the same court that had previously turned down Verizon Wireless' effort to have its suit considered on a fast track so it could...(read more)

Content filtering predicted to boom

donna — Thu, 25 Oct 2007 19:11:45 GMT

Due to the amount of spam and spyware being proliferated around the internet, the need for content filtering will rise substantially, according to analyst group Frost & Sullivan. Currently, content filtering solutions are much more efficient and versatile...(read more)

University of British Columbia tracked his 'theft of time'

donna — Thu, 25 Oct 2007 19:09:05 GMT

The University of B.C. wants the right to keep using "spyware" to monitor its employees' Internet use. And the university -- which used the software to fire a worker who surfed non-work-related websites for hours a day -- has gone to court...(read more)

RSA 2007: Spyware cashes in quietly

donna — Thu, 25 Oct 2007 19:05:58 GMT

Spyware is the most rapidly evolving threat on the threat landscape at the moment, and it will continue this way into 2008, said Gerhard Eschelbeck, chief technology officer of Webroot Software, at RSA Europe in London on 23 October. Spyware is software...(read more)

ICANN investigates domain name sharp practice

donna — Thu, 25 Oct 2007 18:22:59 GMT

Internet oversight agency ICANN has launched an investigation into the possibility that insider information is being used to snap up desirable domain names before the person or organisation likely to be interested in them has had a chance to buy. ICANN's...(read more)

Notorious spyware purveyor shuts down

donna — Wed, 24 Oct 2007 17:48:54 GMT

Less than a year after successfully negotiating a US$1.5 million wrist-slap to to settle charges that it used sneaky tactics to install spyware on millions of computers, DirectRevenue (also known as Best Offers) has shut down operations. The notorious...(read more)

Spammers turn to web redirection to avoid detection

donna — Wed, 24 Oct 2007 16:24:21 GMT

Spammers are ramping up their use of redirection techniques to try to get around many anti-spam filters, a security firm warned today. The latest flurry started about 10am Tuesday morning and by 11am represented an estimated 4.3 per cent of the spam on...(read more)

The Top 20, fake anti-spyware and anti-malware Tools

donna — Wed, 24 Oct 2007 15:45:08 GMT

In a continuation of the discovery of the RBN's "Retail Division" one of the most important exploit delivery methods is the fake; anti-spyware and anti-malware for PC hijacking and personal ID theft, this is a source of revenue for the RBN...(read more)