Everything posted by Peaches
-
Vundo Malware Encrypts Files & Charges To Decrypt
Peaches replied to Peaches's topic in Security Alerts
Good links to the Symantec Info and tools to clean and decrypt:
https://forums2.symantec.com/t5/blogs/bloga.../article-id/255
http://www.symantec.com/security_response/...-032402-1233-99
http://www.symantec.com/content/en/us/glob.../FixXrupter.exe
-
Vulnerable To Tax-, Employment-Related Identity Theft Phishing, vishing, and unscrupulous tax preparers pose increasing threats Mar 24, 2009 | 03:00 PM By Affinion Security Center NORWALK, Conn., March 24 -- Tax time will unfortunately bring more than a refund check to many taxpayers this year. Affinion Security Center, a leading provider of identity theft protection, detection and resolution services, recently conducted a survey of 1,000 adults to determine the level of awareness and concern that exists for tax- and employment-related identity theft. Overall, the findings revealed that tax
-
Panda Releases Free Security Tool for Autorun Erik Larkin Panda, an antivirus software company, has a new free Panda USB Vaccine available for download that can disable the Windows Autorun feature for an entire PC or a particular USB drive. The Autorun feature in Windows can make it easier to install software - and it can also be exploited by malware like the Conficker worm, which co-opts the feature to spread itself. I've previously written about the risk, and turning off Autorun can be a good idea for better computer security. To download this small tool you'll have to first give Panda your
-
Vundo malware now encrypts users' files and then charges a fee to decrypt them Mar 25, 2009 | 05:10 PM By Tim Wilson DarkReading Researchers at security vendor FireEye have discovered that malware formerly used to push "scareware" is now being used to push "ransomware." According to a "Vundo has fundamentally altered its criminal business model from 'scareware' tactics to 'ransomware' extortion," blogs Alex Lanstein of FireEye's Malware Intelligence Lab. "While a user may be 'silly' to buy into scareware, they have little choice but to purchase the decryption software once the ransomware d
-
GDC 09: 6 Reasons OnLive Could Be a Bust Matt Peckham Are Microsoft, Sony, and Nintendo in deep doo-doo when you can click an "on" button and instantly play the latest video games through a browser or set top box near your TV? That's the promise entrepreneur Steve Perlman (WebTV, Contour) is making with his new "microconsole" service. The idea? Take the processing and configuration headaches entirely out of your hands, then beam pictures at you over your broadband hookup, those pictures amounting to streaming interactive images of the latest top-end games. No muss, no fuss. You tap "Start Crys
-
Retired people Working people frequently ask retired people what they do to make their days interesting. Thought you might like to see what happened last week. A retiree went to the store the other day. He was only in there for about 5 minutes. When he came out there was a city cop writing out a parking ticket. He went up to him and said, Come on, buddy, how about giving a senior a break? He ignored the retiree and continued writing the ticket. The retiree called him a %$#@^& The officer glared at him and started writing another ticket for having worn tires. So the retiree called the
-
Newfangled rootkits survive hard disk wiping BIOS attack targets PC nether region By Dan Goodin in San Francisco Posted in Anti-Virus, 24th March 2009 22:17 GMT Researchers have demonstrated how to create rootkits that survive hard-disk reformatting by injecting malware into the low-level system instructions of a target computer. The researchers, from Core Security Technologies, used the techniques to inject rootkits into two computers, one running the OpenBSD operating system and the other Windows. Because the infection lives in the computer's BIOS, or basic input/output system,
-
Mar 24 E-cards Used to Advertise Adult Dating Site by Aljerro Gabon (Anti-spam Research Engineer) The misuse of legitimate services continues as after recent reports of cybercriminals exploiting the redirecting service TinyURL to slip past spam filters, legitimate e-card services are now being used. We have received email samples that arrive as ecards with the subject header “Regards From Secret Admirer”. The greeting cards were from Regards.com, the web’s largest collection of free gree
-
Mar 24 Data-for-ransom Syndicates Strike Online by Jonathan Leopando (Technical Communications) How much is your data worth? A great deal, perhaps, for most of us. Naturally, cybercriminals keep coming up with new ways to exploit this. The new attack? Taking a page out of offline criminal syndicates, now your data is being held for ransom–literally. This latest bit of malware, detected by Trend Micro as TROJ_FAKEALE.BG, is yet another variant of the notorious fake antivirus malware th
-
Penguin-free Linux 2.6.29 kernel released Tasmanian devil gives Tux the boot (for now) By Kelly Fiveash Posted in Operating Systems, 24th March 2009 15:53 GMT Linus Torvalds has released a new version of Linux that temporarily kills off Tux, the cutesy Penguin mascot. Yesterday the big daddy of Linux announced the availability of Linux kernel 2.6.29, which comes with support for a preliminary version of the Btrfs filesystem. More of a surprise was the arrival of what Torvalds described as a “(temporary) change of logo to Tuz, the Tasmanian Devil” for the latest Linux kernel. Why
-
How to Tell the Sex of a Fly A woman walked into the kitchen to find her husband stalking around with a fly swatter. 'What are you doing?' she asked. 'Hunting flies,' he responded. 'Oh! Killing any?' she asked. 'Yep, 3 males, 2 females,' he replied. Intrigued, she asked, 'How can you tell them apart?' He responded, '3 were on a beer can, 2 were on the phone.'
-
Sun Java System Identity Manager Multiple Vulnerabilities Highly critical Description: Some vulnerabilities and security issues have been reported in Sun Java System Identity Manager, which can be exploited by malicious users to bypass certain security restrictions, and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, manipulate certain data, or potentially compromise a vulnerable system. 1) An unspecified error can lead to unencrypted communication between clients and the IDM server. 2) An unspec
-
Mar 20 WALEDAC Spamming Madness by Joey Costoya (Advanced Threats Researcher) Aside from spamming our mailboxes with dire news of bombings in our local cities, WALEDAC is also very busy filling our mailboxes with more unwanted emails. This time, peddling various pills, meds, and male enhancements. Here’s a gallery of pharma vendors advertised in Waledac spam mails. http://blog.trendmicro.com/
-
21 March 2009, 11:53 Twitter XSS vulnerability Secure Science Corporation has published a proof of concept XSS vulnerability which it says could be spread virally, similar to a worm, on the popular microblogging service, Twitter. The exploit is similar to the "Don't click" clickjacking exploit found at the end of February. When the users inadvertently clicked the links while logged into their accounts, the embedded script automatically re-posted itself under their Twitter account. The exploit makes use of a web programming error on Twitter's support site, to post the unwanted mes
-
Attacks on Intel's System Management Mode Joanna Rutkowska and Loic Duflot have simultaneously disclosed details of vulnerabilities in Intel's caching mechanisms, which permit the injection of code into the System Management Mode and ultimately the placing of a virtually invisible rootkit. "System Management Mode (SMM) is a relatively obscure mode on Intel processors used for low-level hardware control", explain Embleton, Sparks and Zou in a paper on SMM rootkits that's well worth reading. "It has its own private memory space [SMRAM], and execution environment which is generally inv
-
Browser Showdown: IE 8 vs. Firefox Microsoft's newest browser promises faster page load speeds. Does IE 8 deliver? We put it to the test against the latest version of Firefox. Nick Mediati, PC World Microsoft Internet Explorer 8 is here at last--the newest entry into the ongoing browser wars. Microsoft packed a healthy number of new features into IE 8, and made security a top priority in its newest version of this venerable Web browser. But just as important as all that is browsing speed--that is, how quickly can IE 8 render your favorite Web sites? To get an idea of how IE 8 compare
-
Buy an Antivirus Product and get your Credit Card Ripped Off Overseas credit card scam exposed By Allan Little BBC News Undercover BBC reporters filmed a transaction with Saurabh Sachar A criminal gang selling UK credit card details stolen from Indian call centres has been exposed by an undercover BBC News investigation. Reporters posing as fraudsters bought UK names, addresses and valid credit card details from a Delhi-based man. The seller denied any wrongdoing and Symantec corporation, from whom three victims bought a product via a call centre, called the incident "isolated". Card f
-
19 March 2009, 11:02 Windows Trojan on Diebold ATMs Vanja Svajcer, a virus expert for Sophos, has reported his latest find in a blog entry: a Trojan that spies on PINs. The difference is that this example specialises in cash dispensers made by Diebold, which run Windows. When Svajcer investigated rumours of malware on automated teller machines (ATMs) and specifically checked the Sophos malware database for samples referencing Diebold, the allegedly targeted ATM manufacturer, he struck oil with three files. Closer analysis then apparently revealed code using undocumented Diebold Ag
-
19 March 2009, 15:09 Cold call scam warns of virus infection Trading standards organisations are warning of a new cold call scam which attempts to get credit card numbers and other personal information from victims. The scam operates by calling people and telling them that their computer system is infected and that it will be "damaged beyond repair" in fifteen minutes unless they purchase security software and support from the caller. Staffordshire County Council's warning says that the callers claim to be from "www.supportonclick.co.uk", though they have reports of calls claiming
-
At the annual Pwn2Own competition, where hackers compete to crack software as fast as possible so you don't sleep at night, browsers were on the first day's menu. And Safari went down in seconds. Security researcher Charlie Miller hacked Safari in just 10 seconds, then used a remote-execution exploit to take over the up-to-date MacBook and make it do his dirty bidding. Firefox and Internet Explorer 8 (which you can download at noon today) fell within a few hours to Nils, a master's student who busted all three browsers wide open. They each won $5000. Day 2 will offer more $500
-
Privacy Group Asks FTC to Investigate Google Preston Gralla, Computerworld Wednesday, March 18, 2009 1:40 PM PDT The privacy group Electronic Privacy Information Center (EPIC) has asked the Federal Trade Commission to investigate Google for privacy breaches related to Google Docs and other Google services --- and to ban Google from offering any cloud services, including Gmail, Google Docs and others until the company can prove it is capable of safeguarding people's privacy. The complaint comes as a result of an incident in which people's private documents stored on Google Docs were sh
-
18 March 2009, 17:28 WordPerfect files cause buffer overflow The WordPerfect office suite, the former Microsoft Office competitor, now a quiet sideline product at Corel, has caused a stir: a library for processing and displaying WordPerfect files contains a critical buffer overflow that can be exploited to inject and execute arbitrary code. The SDK Autonomy KeyView library is used by a number of products such as IBM's Lotus Notes and various Symantec email scanners. Ironically, it is also used by several products that are designed for data loss prevention. Attackers can use specially
-
17 March 2009, 18:54 Dirty bomb mail leads to malware infection Spam emails are being sent out that pose as supposed breaking news about a dirty bomb attack in a recipient's city, while providing a link to a 'news' website containing malware. According to Graham Cluley of Sophos, the subject lines of the spam emails include "Why did it happen in your city?", "Take Care!" and "Are you and your friends in good health?" The emails claim that several people have been killed and links recipients to what looks like "a Reuters-related news website." Users who receive the e-mail and click on
-
Three California Universities Deploy FireEye Security Appliances malware that steals student identity data, misappropriates faculty research, and exploits campus computing resources Mar 17, 2009 | 06:53 PM By FireEye MILPITAS, Calif. -- March 16, 2009 -- FireEye, Inc., the leader in global anti-malware and anti-botnet protection, today announced that San Francisco State University, Santa Barbara City College and Connecticut College have deployed FireEye appliances to preemptively stop data breaches caused by malware that steals student identity data, misappropriates faculty research