Panda Software offers free “Basic Virus Course”. It is a two-hour basic course, through which you will acquire a basic knowledge on viruses and on how to be protected against them. You can read it at your own pace: you can stop and start again where you left off. Repeat it completely, or just those chapters you liked the most.
The course consists of twelve chapters:
- The beginning
- Viruses and their effects
- Types of virus
- Example of virus
- Example of hoaxes
- Virus entry-points
- What is an antivirus program?
- How to combat viruses?
- Is my computer protected?
- Suspected virus infection?
- Some tips
Suramya Tomar discovered an issue with Trillian application (by Cerulean Studios) in which a temp file is created in the <Install Directory>usersdefaultcache with a random name that contains the password in *clear text* if the user will try to check web-based email account (e.g. Yahoo email account) and this file is world readable. The said file is not deleted after the session or existing the program Trillian.
Read his report in SecurityFocus Bugtraq
Less than 24 hours after Microsoft announced the release of Windows Vista Beta 1 and Internet Explorer 7 Beta 1 to testers and MSDN subscribers, both betas have leaked to Internet sites and newsgroups along with a crack for Windows Product Activation, according to BetaNews sources.
The Vista download weighs in at close to 2.5GB, but the operating system’s heft did not keep the pirates away. The next-generation Windows beta likely uses the same activation technology found in Windows XP, which was compromised long ago.
Eric L. Howes created another interesting page entitled The State of Hotbar Detections by some antispyware programs. It’s in http://www.spywarewarrior.com/elh/hotbar-detections.htm
John Goerzen discovered that gopher, a client for the Gopher Distributed Hypertext protocol, creates temporary files in an insecure fashion. The recommendation is to upgrade to v3.0.3woody3 (woody), v3.0.7sarge1 (sarge) and v3.0.9 (unstable distribution sid). You can get the gopher packages from Debian.org
A virus writer apparently seeking notoriety instead of financial gain has released malicious code that ridicules anti-virus vendors and Sasser worm author Sven Jaschan, a security firm said Friday.
The Lebreat-D virus, which is rated a low threat, creates in infected computers a JPEG image file of Jaschan, a German teenager recently convicted of authoring the widespread Sasser and Netsky worms, Sophos Plc said.
The Lebreat worm, which is spread through email attachments and exploits a Microsoft security vulnerability, opens a backdoor to an infected Windows computer, enabling a hacker to gain control. The virus indicates that a denial of service attack could be planned against security vendors Symantec Corp. and McAfee Inc., but doesn’t say when, Sophos said.
A worm that targets gamers is making the rounds, tapping into popular titles and peer-to-peer file sharing, a security company has warned.
The worm, Hagbard.A, tries to disguise itself on peer-to-peer networks as pirated downloads of the popular games titles “Grand Theft Auto: San Andreas,” “Need for Speed Underground 2” and 400 other programs, Sophos said in an advisory released on Friday.
W32/Hagbard-A copies itself to a number of locations on the hard drive, including shared folders for various peer-to-peer applications. The worm also installs a web server, allowing a remote user access to files on the infected system. The installed file is also detected as W32/Hagbard-A.
W32/Hagbard-A may send messages to other users of Windows Messenger, containing a link and the following text:
please download this…its only small brb
The link points to a copy of the worm stored on the infected system.
The worm may change the Start Page in Internet Explorer.
iDefense has released new tools to discover flaws in popular file formats. File formatting flaws have become a common exploit, allowing attackers to run malicious code when a user simply views an image or reads an e-mail. Two of three critical updates released by Microsoft dealt with file format flaws. FileFuzz for Windows and SpikeFile and NotSpikeFile for Linux enable a researcher to manipulate single bits within a file and check the file for potential exploits. The tools do not find the exploits but point researchers to areas for further examination. While iDefense admits the tools could be used by malicious hackers to find vulnerabilities, Joshua Feldman, a security engineer at Science Applications International, thinks they will only appeal to researchers. The tools are available as open source and can be downloaded from the iDefense website.
The Electronic Frontier Foundation (EFF) warns users that some color laser printers contain code that prints barely perceptible dots on documents to allow the government to track them.
Fraudsters have exploited a flaw in the eBay web site that allows them to orchestrate phishing attacks using eBay’s own Sign In page.
Registered users of eBay’s popular online auction web site must sign in using a username and password in order to participate in bidding and listing of items. A new style of phishing attack reported through the Netcraft Toolbar community shows fraudsters exploiting flaws on the Sign In page and on another ancilliary page which results in victims being redirected to the fraudster’s phishing site after they have logged in.
This particular attack starts off like many others, by sending thousands of emails that instruct victims to update their eBay account details by visiting a URL. However, that is where the similarity ends, because the URL in this case actually takes the victim to the genuine eBay Sign In page, hosted on signin.ebay.com.