A fledgling Swansea company claims to have made a breakthrough in the fight against spam e-mail.
NetBop Technologies says its new filter has so far proved effective in stopping 99.5% of junk messages.
Founder Andrew Downie, a graduate of the city’s university, says his BopSpam filter operates differently to many of the competitors on the market.
Email title: ‘Citibank Security Update’
Scam target: Citibank customers
Email format: A HTML email
Sender: citibank.com <firstname.lastname@example.org>
Sender spoofed? Yes
Scam call to action: “Due to technical update we recommend you to
reactivate your account.”
Scam goal: Getting victim’s Citibank website account/password and ATM PIN
Call to action format: URL link
Visible link: http://web.da-us.citibank.com
Called link : http://citibank-validate.info/
Resolved site: http://citibank-validate.info/, along with http://www.citibank.com (the legitimate Citibank site)
Two anti-spyware bills are being readied in time for a hearing Thursday in the U.S. House of Representatives.
The measures, one sponsored by a California Republican and the other by a Washington Democrat, take different approaches toward software that lurks on a computer and serves pop-up ads or transmits personal information. But both make the same point: Official Washington is becoming officially fed up with the proliferation of spyware and adware. The new attention paid to malicious software follows last fall’s unprecedented focus on unsolicited commercial e-mail.
Anti-virus company Symantec backtracked on Wednesday after claiming that it captured an example of a new Internet worm that takes advantage of a recently disclosed hole in Windows machines running Secure Sockets Layer (SSL).
Yesterday, was 5.17 AM, one of many Lycos’s sub-domains has been defaced: https://insite.lycos.com
The Brazilian Crew named data Cha0s, has probably taken advantage of the recent SSL vulnerability that affects IIS.
Microsoft plans to use more dialog boxes and other messages in future software releases to educate people on ‘safe’ computing.
At the InfoSecurity trade show in London, Microsoft said Tuesday that new versions of its Windows and Office products will educate customers about security via dialog boxes, warning messages and offers to automatically configure security settings.
Symantec late Tuesday afternoon captured a sample of malicious code that spreads by exploiting one of the many vulnerabilities in Windows disclosed this month by Microsoft.
The vulnerability stems from a flaw in Windows Protected Communications Technology (PCT) v. 1.0, a packet protocol within Microsoft’s SSL library. SSL is an encryption technology typically used to secure communications with Web sites — such as those for processing credit card orders — and for locking down e-mail. The vulnerability was made public on April 13 as part of the month’s security bulletins from Microsoft.
On Monday, several security analysts noted that although exploit code was in the wild, a worm hadn’t yet appeared.
Symantec’s DeepSight Threat network — a global group of sensors that tracks up-and-coming exploits — snagged a copy of the code Tuesday afternoon, said Alfred Huger, the senior director of engineering with Symantec’s security response team.
Date: Apr 27 2004
Impact: User access via network
Exploit Included: Yes
Description: A vulnerability was reported in McAfee VirusScan. A remote user may be able to access a target user’s system.
Jonathan Payne reported that the software appears to install several non-secure ActiveX controls. A remote user can reportedly create HTML that, when loaded by the target user, will invoke the ActiveX controls and access the target user’s system.
A demonstration exploit that accesses the target user’s Windows registry is provided in the Source Message.
Impact: A remote user can create HTML that, when loaded by the target user, will be able to access the target user’s system.
Solution: No solution was available at the time of this entry.
Vendor URL: www.mcafee.com/
Cause: Access control error
Underlying OS: Windows (Any)
Summary: Longhorn promises to be a great platform for least privileged applications. Get started today by writing managed code, first of all. When building desktop applications, make them LUA-compliant (and use the Windows Application Verifier to help check your work)
Source: Jerry’s Security Weblog
Failure to centralise antivirus software management exhausts IT workers
Companies that have yet to centralise the management of their antivirus software are exhausting their IT staff.
While the majority of firms have taken users out of the loop of updating antivirus software, those that have not are unable to cope due to the sheer volume of viruses, according to application switching vendor Radware.
“Users can’t be trusted to do it themselves,” said Tony Crowley, Radware’s regional director for northern Europe.