Basic Virus Course

Panda Software offers free “Basic Virus Course”.  It is a two-hour basic course, through which you will acquire a basic knowledge on viruses and on how to be protected against them.  You can read it at your own pace: you can stop and start again where you left off. Repeat it completely, or just those chapters you liked the most.

The course consists of twelve chapters:

  1. The beginning

  2. Basics

  3. Viruses and their effects

  4. Types of virus

  5. Example of virus

  6. Example of hoaxes

  7. Virus entry-points

  8. What is an antivirus program?

  9. How to combat viruses?

  10. Is my computer protected?

  11. Suspected virus infection?

  12. Some tips

Trillian saves email acct. password in plain text

Suramya Tomar discovered an issue with Trillian application (by Cerulean Studios) in which a temp file is created in the <Install Directory>usersdefaultcache with a random name that contains the password in *clear text* if the user will try to check web-based email account (e.g. Yahoo email account) and this file is world readable. The said file is not deleted after the session or existing the program Trillian.

Read his report in SecurityFocus Bugtraq

Windows Vista, IE7 Betas Leak to Web

Less than 24 hours after Microsoft announced the release of Windows Vista Beta 1 and Internet Explorer 7 Beta 1 to testers and MSDN subscribers, both betas have leaked to Internet sites and newsgroups along with a crack for Windows Product Activation, according to BetaNews sources.

The Vista download weighs in at close to 2.5GB, but the operating system’s heft did not keep the pirates away. The next-generation Windows beta likely uses the same activation technology found in Windows XP, which was compromised long ago.

Beta News


Virus Writer Targets AV Vendors

A virus writer apparently seeking notoriety instead of financial gain has released malicious code that ridicules anti-virus vendors and Sasser worm author Sven Jaschan, a security firm said Friday.

The Lebreat-D virus, which is rated a low threat, creates in infected computers a JPEG image file of Jaschan, a German teenager recently convicted of authoring the widespread Sasser and Netsky worms, Sophos Plc said.

The Lebreat worm, which is spread through email attachments and exploits a Microsoft security vulnerability, opens a backdoor to an infected Windows computer, enabling a hacker to gain control. The virus indicates that a denial of service attack could be planned against security vendors Symantec Corp. and McAfee Inc., but doesn’t say when, Sophos said.


Worm poses as pirated ‘Grand Theft Auto’

A worm that targets gamers is making the rounds, tapping into popular titles and peer-to-peer file sharing, a security company has warned.

The worm, Hagbard.A, tries to disguise itself on peer-to-peer networks as pirated downloads of the popular games titles “Grand Theft Auto: San Andreas,” “Need for Speed Underground 2” and 400 other programs, Sophos said in an advisory released on Friday.


W32/Hagbard-A copies itself to a number of locations on the hard drive, including shared folders for various peer-to-peer applications. The worm also installs a web server, allowing a remote user access to files on the infected system. The installed file is also detected as W32/Hagbard-A.

W32/Hagbard-A may send messages to other users of Windows Messenger, containing a link and the following text:

please download this…its only small brb

The link points to a copy of the worm stored on the infected system.

The worm may change the Start Page in Internet Explorer.


The hunt is on for file format bugs

iDefense has released new tools to discover flaws in popular file formats. File formatting flaws have become a common exploit, allowing attackers to run malicious code when a user simply views an image or reads an e-mail. Two of three critical updates released by Microsoft dealt with file format flaws. FileFuzz for Windows and SpikeFile and NotSpikeFile for Linux enable a researcher to manipulate single bits within a file and check the file for potential exploits. The tools do not find the exploits but point researchers to areas for further examination. While iDefense admits the tools could be used by malicious hackers to find vulnerabilities, Joshua Feldman, a security engineer at Science Applications International, thinks they will only appeal to researchers. The tools are available as open source and can be downloaded from the iDefense website.


Phishers Steal Trust from eBay Sign In Pages

Fraudsters have exploited a flaw in the eBay web site that allows them to orchestrate phishing attacks using eBay’s own Sign In page.

Registered users of eBay’s popular online auction web site must sign in using a username and password in order to participate in bidding and listing of items. A new style of phishing attack reported through the Netcraft Toolbar community shows fraudsters exploiting flaws on the Sign In page and on another ancilliary page which results in victims being redirected to the fraudster’s phishing site after they have logged in.

This particular attack starts off like many others, by sending thousands of emails that instruct victims to update their eBay account details by visiting a URL. However, that is where the similarity ends, because the URL in this case actually takes the victim to the genuine eBay Sign In page, hosted on