Search results for 'app:weblogs' matching tag 'General Security News'

Seagate settles class action: cash back over misleading hard drive capacities

donna — Mon, 29 Oct 2007 05:00:00 GMT

The world's largest hard disk manufacturer will offer customers 5% cash back on disk drives bought over the last six years in order to settle a legal action over the measurement of hard drive capacity.

But the real story starts way back, when marketers decided 24 bytes didn't mean much. In modern terms, it's equivalent to a fraction of a cent, or the weight of a feather atop a two tonne truck.

Story at http://apcmag.com/7449/seagate_offers_cash_to_customers_for_missing_megabytes via CoU.

You can file your claim at http://www.harddrive-settlement.com/

10 CoU Members will receive ESET's NOD32 antivirus

donna — Mon, 29 Oct 2007 05:00:00 GMT

Calendar of Updates thanks ESET for donating 10 e-license of NOD32 antivirus!

http://www.dozleng.com/updates/topic16139

Storm Worm variant now using Kittycard.exe as filename

donna — Sat, 27 Oct 2007 05:00:00 GMT

Kittycard.exe is now of one the filename use by this Storm Worm.

Email received today:

The new filename is Kittycard.exe:

Half of malware scanners via VirusTotal.com will detect it while half did not:

For you... to read:

The Storm Worm: http://www.schneier.com/blog/archives/2007/10/the_storm_worm.html

Just How Bad Is the Storm Worm:

http://blog.washingtonpost.com/securityfix/2007/10/the_storm_worm_maelstrom_or_te.html

My previous blog entries on Kitty (Storm Worm) :

2 more Kitty, Kitty Detection Improving, Norton blocked Kitty, Kitty Kitty

What's with the malicious PDF file?

donna — Sat, 27 Oct 2007 05:00:00 GMT

Symantec wrote:

the PDF file will download ldr.exe file

F-Secure reports:

The PDF is spiced with CVE-2007-5020 exploit that downloads ms32.exe that downloads more components.

So I grab both .exe files (ms2.exe and ldr.exe) and uploaded it to Virustotal.com. The AVs should protect and detect users from it if it failed to detect and block the malicious PDF file.

Scan results:

Only 50% of malware scanners will detect the ms2.exe as malicious.

71.88% of malware scanners will detect the ldr.exe as malicious.

Screenshots of the result at http://www.dozleng.com/updates/index.php?showtopic=16119

Security experts blast New Jersey AG

donna — Sat, 27 Oct 2007 05:00:00 GMT

Security experts are saying that a well-intentioned effort by the New Jersey Office of the Attorney General to combat phishing may backfire.

Earlier this week, State Attorney General Anne Milgram called on four banks -- Bank of America, Citibank, Washington Mutual, and New Jersey-based Sun National Bank -- to provide her with details on how they respond to phishing incidents.

http://www.networkworld.com/news/2007/102607-security-experts-blast-new-jersey.html

SANS Internet Storm Center: Request for info, IPs, exploit examples on PDF mailto documents

donna — Sat, 27 Oct 2007 05:00:00 GMT

we are looking for examples of the PDFs being sent out

http://isc.sans.org/diary.html?storyid=3566

I send one copy of the PDF file to you guys and the IP info where the email was sent out. Hope you got it :)

In the wild: Malicious PDF files; Which AV will detect it?

donna — Fri, 26 Oct 2007 05:00:00 GMT

If you haven't update your Adobe Reader to v8.1.1, you better to do it NOW.

The vulnerability is being exploited now and yup, it's in the wild because I received copies already. Screenshots at http://www.dozleng.com/updates/index.php?showtopic=16119

Adobe fixed the security issue by releasing v8.1.1. See their advisory here and please update NOW.

Microsoft updated their security advisory on the above due to increased of threat level.

Read the write-up of Symantec on what they detected and blocked in the email I received : Bloodhound.Exploit.163 - Bloodhound.Exploit.163 is a heuristic detection for PDF files attempting to exploit the Adobe Acrobat Mailto Unspecified PDF File Security Vulnerability

See also: http://blogs.technet.com/robert_hensing/archive/2007/10/26/it-begins-pdf-spam-run.aspx (Thanks to MVP Susan Bradley for the link)

Update: Go to http://www.dozleng.com/updates/index.php?showtopic=16119 to see the VirusTotal.com scan result to find out which malware scanners is FAST in detecting malicious files that is IN THE WILD.

Fake IRS page and email, See which browser will protect user from phished site

donna — Fri, 26 Oct 2007 05:00:00 GMT

See http://www.dozleng.com/updates/index.php?showtopic=16115 for screenshots.

Result:

Opera: 2
Firefox: 1 and 1
Internet Explorer: 2

Symantec took a closer look on rogue applications

donna — Fri, 26 Oct 2007 05:00:00 GMT

Symantec blog today on how rogue applications infiltrate user's machine to earn money.
It's done by rogue apps thru System tray, Active Desktop, Dialogue box.

Symantec provided some screenshots including a misleading application with a Windows Vista look.

http://www.symantec.com/enterprise/security_response/weblog/2007/10/we_pwn_your_desktop.html

Free Software Tests for Bot Infections

donna — Fri, 26 Oct 2007 05:00:00 GMT

PineApp has released a free zombie test that can instantly discover whether an organization’s computer network might be an unwitting spamming machine -- a “zombie” or “bot” -- that can send thousands of infected spam messages to other networks—without its knowledge.

As a global provider of appliance-based solutions for email and network security, PineApp Corporation (http://www.pineapp.com) has created the free diagnostic tool—Zombie Detection System™ (ZDS™)—to determine if a network is infected. Organizations can simply go to http://www.rbltest.com/, enter the IP address and get an instant analysis.

http://www.darkreading.com/document.asp?doc_id=137353