DP's Security Bits : News

DDoS Attack Briefly Interrupts Online Holiday Shopping

Don — Tue, 29 Dec 2009 18:07:00 GMT

A distributed denial-of-service (DDoS) attack on a major DNS service provider caused a brief hiccup in online shopping last week at some of the Web's biggest online destinations.

UltraDNS, which counts such giants as Amazon and Wal-Mart among its customers, was DDoS'd after business hours on Dec. 23, according to Amazon Web Services and other reports from victims and news outlets.

Story continues at darkreading.com

How The Koobface Worm Gang Makes Money

Don — Tue, 22 Dec 2009 12:47:00 GMT

Chances are you know someone who has been hit by Koobface, one of the first successful social networking worms. But there are many faces to Koobface, and many ways its authors make money from it.

New research from Trend Micro details how Koobface's creators monetize the worm through scareware or fake antivirus, click fraud, information-stealing malware, and online dating services. "Unlike in the past when we always thought of malware as one piece of malware, like Melissa or Lovebug, in today's world Koobface is an ongoing criminal enterprise using hundreds and thousands of pieces of code," says David Perry, global director of education for Trend Micro. "That makes it more difficult to describe to the public at large. It's not just one file."

Continues at darkreading.com

Lab Test Results: Symantec, Kaspersky Lab, PC Tools, AVG, Detect The Most Zero-Day Attacks

Don — Fri, 18 Dec 2009 11:02:00 GMT

Top Internet security suite products scored high when detecting zero-day attacks during a three-month period, according to new data released today from independent German lab AV-Test, with Symantec and Kaspersky Lab finding 98 and 97.5 percent, respectively.

AV-Test tested 10 zero-day threats during a three-month period on Windows XP SP3 machines running Symantec Norton Internet Security 2010, Kaspersky Internet Security 2010, PC Tools Internet Security 2010, AVG Internet Security 9.0, G Data Internet Security 2010, Panda Internet Security 2010, Avira Premium Security Suite 9.0, McAfee Internet Security 2010, CA Internet Security 2010, F-Secure Internet Security 2010, BitDefender Internet Security 2010, and Trend Micro Internet Security 2010.

AVG caught 92.2 percent of the threats, followed by G Data, 90 percent; Panda, 90 percent; Avira, 87.7 percent; McAfee, 87.2 percent; CA, 86.7 percent; F-Secure, 85.8 percent; BitDefender, 84.3 percent; and Trend Micro, 83.3 percent.

Story continues at darkreading.com

Mozilla Releases Firefox 3.5.6

Don — Wed, 16 Dec 2009 13:13:00 GMT

Get it at http://www.mozilla.com/en-US/firefox/all.html

What’s New in Firefox 3.5.6

Firefox 3.5.6 fixes the following issues:

Adobe Reader and Acrobat Remote Code Execution Vulnerability

Don — Tue, 15 Dec 2009 23:11:00 GMT

US_CERT Reports:

Adobe has stated that they are investigating public reports of a vulnerability affecting Adobe Reader and Acrobat. Public reports indicate that exploitation of this vulnerability may occur when a user opens a specially crafted PDF file. Exploitation of this vulnerability may result in arbitrary code execution. Public reports currently indicate active exploitation of this vulnerability.

US-CERT encourages users and administrators to do the following to help mitigate the risks until the vendor is able to provide an update:

Review the Adobe blog entry regarding this issue.

Use caution when opening PDF files from untrusted sources.

Disable JavaScript in Adobe Acrobat and Reader. To do this, click "Edit," then "Preferences" and then "JavaScript," and uncheck "Enable Acrobat JavaScript."

US-CERT will provide additional information as it becomes available.

SQL attacks take off in last year

Don — Tue, 15 Dec 2009 13:02:00 GMT

Online attacks against databases have taken off in the past 18 months, according to data released by IBM’s X-Force security team.

In May 2008, IBM’s customers encounters about 2,500 SQL injection attacks every day. By midsummer 2009, the technology giant’s product were seeing 600,000 database attacks per day on average, said Tom Cross, a security researcher at IBM. The attacks attempt to inject legitimate structured query language (SQL) commands into whichever database software runs a particular Web site.

http://www.securityfocus.com/brief/1048

TechNet Webcast: Information About Microsoft December Security Bulletins

Don — Tue, 08 Dec 2009 18:55:00 GMT

Language(s):	English.
Product(s):	Security.
Audience(s):	IT Generalist.


Duration:	90 Minutes
Start Date:	Wednesday, December 09, 2009 11:00 AM Pacific Time (US & Canada)


Event Overview
Join us for a brief overview of the technical details of the December security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts. Presenters: Jerry Bryant, Senior Security Program Manager Lead, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

Microsoft warns of IE exploit code in the wild

Don — Mon, 23 Nov 2009 20:56:00 GMT

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

Microsoft confirmed that the exploit code affects IE 6 and IE 7, but not IE 8, and it said it is "currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," according to a statement.

CNet News

Facebook beats the 'spam king'

Don — Wed, 18 Nov 2009 16:50:00 GMT

Facebook was awarded $711m in a judgement on Thursday against self-described 'spam king' Sanford Wallace.

Judge Jeremy Fogel of the US District Court of the Northern District of California granted Facebook's application for a default judgement against Wallace for violating the Can-Spam Act, which bans "false and misleading" marketing emails. Fogel also found that Wallace "wilfully violated" a temporary restraining order and preliminary injunction issued in the case and referred the matter to the US Attorney's Office for prosecution of criminal contempt.

"The record demonstrates that Wallace wilfully violated the statutes in question with blatant disregard for the rights of Facebook and the thousands of Facebook users whose accounts were compromised by his conduct," Fogel wrote in his judgement order, which also permanently prohibits Wallace from accessing the Facebook website or creating a Facebook account, among other restrictions.

For more, read "Facebook awarded $711 million in spam lawsuit on CNET News.

Apple Releases Safari 4.0.4

Don — Fri, 13 Nov 2009 10:05:00 GMT

Apple has released Safari 4.0.4 to address multiple vulnerabilities in a number of components. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, conduct cross-site request forgery, or obtain sensitive information. These vulnerabilities affect Safari running on both the Mac OS X and Windows platforms.

US-CERT encourages users and administrators to review Apple article HT3949 and upgrade to Safari 4.0.4 to help mitigate the risks.

http://www.us-cert.gov/current/index.html#apple_releases_safari_4_03

TechNet Webcast: Information About Microsoft November Security Bulletins

Don — Tue, 10 Nov 2009 18:04:00 GMT

Language(s):	English.
Product(s):	Security.
Audience(s):	IT Generalist.


Duration:	90 Minutes
Start Date:	Wednesday, November 11, 2009 11:00 AM Pacific Time (US & Canada)


Event Overview
On November 11, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the November security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts. Presenters: Jerry Bryant, Senior Security Program Manager Lead, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

Mozilla Firefox 3.5.5 Released

Don — Fri, 06 Nov 2009 10:00:00 GMT

v.3.5.5, released November 5th, 2009

Fixes in this version

Sun Releases JRE Update v1.6.0_17 - November 3, 2009

Don — Tue, 03 Nov 2009 22:55:00 GMT

Available at: »java.sun.com/javase/downloads/index.jsp

Release notes: »java.sun.com/javase/6/webnotes/R···tes.html

Microsoft Security Intelligence Report (SIR)

Don — Mon, 02 Nov 2009 19:06:00 GMT

The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The seventh volume of the report is now available:

http://www.microsoft.com/security/portal/Threat/SIR.aspx

Mozilla Releases Firefox 3.5.4

Don — Wed, 28 Oct 2009 09:20:00 GMT

Firefox 3.5.4 is available for download.

Fixed in Firefox 3.5.4:

MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
MFSA 2009-62 Download filename spoofing with RTL override
MFSA 2009-61 Cross-origin data theft through document.getSelection()
MFSA 2009-59 Heap buffer overflow in string to number conversion
MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
MFSA 2009-56 Heap buffer overflow in GIF color map parser
MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
MFSA 2009-54 Crash with recursive web-worker calls
MFSA 2009-53 Local downloaded file tampering
MFSA 2009-52 Form history vulnerable to stealing

TechNet Webcast: Information About Microsoft October Security Bulletins

Don — Tue, 13 Oct 2009 17:52:00 GMT

Language(s):	English.
Product(s):	Security.
Audience(s):	IT Generalist.


Duration:	90 Minutes
Start Date:	Wednesday, October 14, 2009 11:00 AM Pacific Time (US & Canada)


Event Overview
On October 14, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the October security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts. Presenters: Christopher Budd, Trustworthy Computing Senior Public Relations Manager, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

AVG Goes Back to Basics with AVG 9.0

Don — Mon, 05 Oct 2009 20:52:00 GMT

AVG Technologies, developers of the world’s most popular free anti-virus software, today announced that its family of free and paid internet security products, AVG 9.0, would be generally available to the market in October 2009. Boosted by significant enhancements in speed and levels of protection, AVG 9.0 is also easier to use and improves end user experience. Additionally, all AVG users in the U.S. will benefit from a groundbreaking identity theft offering, powered by a partnership with Intersections Inc., North America’s leading and most innovative provider of consumer identity theft prevention solutions which has served more than 25 million consumers. AVG’s new technology products ensure that users are safe in whatever online or offline activities they undertake.

“AVG 9.0 will provide home computer users with a more powerful and more streamlined solution that adds protection without impacting user experience, taking us back to our core strength of low impact, high performance security,” said J.R. Smith, CEO, AVG Technologies. “We’ve always believed that everyone has the right to a safe online experience. With AVG 9.0, we are providing first-class assistance to our users in their development of tools and measures for their safety from all of the threats posed by cybercriminals and identity thieves, whether they’re working, playing, banking or shopping on the web.”

Press Release

Firefox feature looks to foil XSS attacks

Don — Fri, 02 Oct 2009 17:44:00 GMT

The Mozilla Foundation released on Wednesday a preview version of the Firefox browser that implements a technology to protect against scripting attacks.

The technology, known as Content Security Policy, allows Web sites to specify restrictions on how they handle scripts. Using CSP, a Web site can create a white list of sites from which the browser should accept scripts as well as mandate that the scripts are labeled as applications and are not obfuscated. A number of other features are also available, all aiming to prevent malicious scripts from executing in the context of the current site.

Story continues at securityfocus.com

Microsoft’s New Tool in the Fight Against Malware Free to Consumers

Don — Tue, 29 Sep 2009 05:11:00 GMT

REDMOND, Wash. — Sept. 28, 2009 — Microsoft Security Essentials, Microsoft Corp.’s new no-cost, core anti-malware service that helps protect consumers against viruses, spyware and other malicious software, will be available tomorrow, Tuesday, Sept. 29. Microsoft Security Essentials, independently certified by West Coast Labs, is backed by the company’s global security response team and is built on the same award-winning core security technology found in the company’s security solutions for businesses. It requires no registration, trials or renewals and will be available for download directly from Microsoft at http://www.microsoft.com/security_essentials.

Press Release

Social-networking sites short on security

Don — Fri, 18 Sep 2009 23:37:00 GMT

Web 2.0 sites that allow user-generated content make up the majority of top distributors of malicious software, stated a report that security firm Websense published this week.

The report, which covers Internet security trends for the first half of 2009, found that a stunning 95 percent of user-generated comments to blogs, chat rooms and message boards are either spam or contain links to malicious programs. In all, the number of malicious sites detected by Websense more than tripled in the last six months, growing almost eight-fold in the last year. The report also found that more than three-quarters of the Web sites hosting some malicious code are legitimate sites that have been compromised.

"The very aspects of Web 2.0 sites that have made them so revolutionary -- the dynamic nature of the content on the the sites, the ability for anyone to easily create and post content, and the trust that users have for others in their online networks -- are the same characteristics that radically raise the potential for abuse," the company stated in the report.

The report echoed a recent survey by researchers from TippingPoint and Qualys, who found that legitimate Web sites are failing to patch significant vulnerabilities, leaving themselves open to compromise.

The Websense report found that 61 of the Top 100 Web sites "either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious content."

SecurityFocus