3 Different Security Warnings


Recommended Posts

Symantec Sees Spike in Dangerous Microsoft Attacks

Robert McMillan, IDG News Service

Friday, November 21, 2008 4:20 PM PST

"Symantec is warning of a sharp jump in online attacks that appear to be targeting a recently patched bug in Microsoft's Windows operating system, an analysis that some other security companies disputed Friday.

Symantec raised its Threat Con security alert level from one to two because of the attacks, with two denoting "increased alertness." But other vendors, including Arbor Networks and McAfee, said they were seeing no such activity.

The attacks spotted by Symantec target a flaw in the Windows Server Service that Microsoft says could be exploited to create a self-copying worm attack. Late last month, Microsoft took the unusual step of rushing out an emergency patch for the bug after it saw a small number of online attacks that took advantage of it.

Since then, security experts and Microsoft have said that the attacks have not been widespread, but that may now be changing, according to Symantec. "

Read here: http://www.pcworld.com/businesscenter/arti...ft_attacks.html

>>>>>>>>>>>>>>>>>>

IBM Warning: Holidays To Bring Blizzard Of New Attacks on Consumers

IBM Internet Security Systems warns against a new wave of security threats during the holidays and provides guidance on how consumers and businesses can protect themselves

Nov 21, 2008 | 02:52 PM

By IBM

DarkReading

"ATLANTA - Based on both current and historical security trends, IBM Internet Security Systems (ISS) today announced five major areas of holiday security risk for consumers and businesses, along with four suggestions for avoiding these risks during the holiday season.

The risks include:

* A new wave of malcode-carrying spam - Throughout the year, the IBM ISS X-Force security research team has observed a growing wave of "parasitic" malcode. These are malicious email payloads that bypass end-user security software (anti-virus, personal firewalls, etc.) and compromise the target computer. Once compromised, the computer comes under the remote control of criminals. This holiday shopping season, the X-Force team expects a wave of socially engineered "holiday cheer" emails that pack a malicious punch.

* New phishing theme: Bank merger mania - As banks continue to struggle and merge, the X-Force believes criminals will exploit shaky consumer confidence in the banking industry with a wave of phishing attacks designed to fool banking customers into revealing personal information such as account numbers and passwords.

* Spoofed online portals - As Black Friday approaches, IBM ISS expects to see phishing gangs launch a new generation of fake online shopping portals that spoof well-known brands, in an effort to steal credit card information. They also will likely promote these counterfeit sites with emails, offering steep discounts or "special sales."

* Tainted toys and gadgets - Every Christmas brings an abundance of electronic gadgets, smart-phones and auto-play DVDs. Past X-Force research has shown that some of these toys are loaded with malware and can be used by cybercriminals as a backdoor for entry into corporate networks."

More here: http://www.darkreading.com/internet/securi...ttacks/breaches

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

PandaLabs Warns 'High School Musical' Fans to Watch Out for Virus-Laden Downloads

November 21, 2008

Cybercrooks targeting younger audiences by disguising malware as files related to hit movie

By PandaLabs

DarkReading

"GLENDALE, Calif., Nov. 21, 2008 - PandaLabs, Panda Security's malware analysis and detection laboratory, has reported that numerous downloadable songs and videos related to the hit movie "High School Musical" are being used by cyber-crooks to disguise malware (viruses, worms, Trojans, etc.). The infected files are distributed through popular peer-to-peer (P2P) file sharing networks such as eMule, eDonkey, etc. and when users search for files related to "High School Musical" using these programs, some of the results include files infected with malware.

When users run one of these fake files they may expect to hear songs from the film or see a video clip, yet all that will happen is that the computer will be infected by VB.ADQ, the Agent.KGR Trojan, the adware Koolbar, or another strain of malicious code. Some of these might display images related to the film when they are run, but this is just to avoid arousing suspicion.

"Cyber-crooks are exploiting the interest of the numerous fans of these films, by hiding their creations in files with names related to 'High School Musical,'" explains Luis Corrons, technical director of PandaLabs. "An added danger is that many of these fans are very young and as such are more likely to fall into the trap. It is important that safeguards and appropriate parental monitoring solutions are put into place to protect consumer's PCs."

http://www.darkreading.com/security/antivi...ttacks/breaches

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...