The world’s largest hard disk manufacturer will offer customers 5% cash back on disk drives bought over the last six years in order to settle a legal action over the measurement of hard drive capacity.
But the real story starts way back, when marketers decided 24 bytes didn’t mean much. In modern terms, it’s equivalent to a fraction of a cent, or the weight of a feather atop a two tonne truck.
Story at http://apcmag.com/7449/seagate_offers_cash_to_customers_for_missing_megabytes via CoU.
You can file your claim at http://www.harddrive-settlement.com/
Calendar of Updates thanks ESET for donating 10 e-license of NOD32 antivirus!
Kittycard.exe is now of one the filename use by this Storm Worm.
Email received today:
The new filename is Kittycard.exe:
Half of malware scanners via VirusTotal.com will detect it while half did not:
For you… to read:
The Storm Worm: http://www.schneier.com/blog/archives/2007/10/the_storm_worm.html
Just How Bad Is the Storm Worm:
My previous blog entries on Kitty (Storm Worm) :
2 more Kitty, Kitty Detection Improving, Norton blocked Kitty, Kitty Kitty
the PDF file will download ldr.exe file
The PDF is spiced with CVE-2007-5020 exploit that downloads ms32.exe that downloads more components.
So I grab both .exe files (ms2.exe and ldr.exe) and uploaded it to Virustotal.com. The AVs should protect and detect users from it if it failed to detect and block the malicious PDF file.
Only 50% of malware scanners will detect the ms2.exe as malicious.
71.88% of malware scanners will detect the ldr.exe as malicious.
Screenshots of the result at http://www.dozleng.com/updates/index.php?showtopic=16119
Security experts are saying that a well-intentioned effort by the New Jersey Office of the Attorney General to combat phishing may backfire.
Earlier this week, State Attorney General Anne Milgram called on four banks — Bank of America, Citibank, Washington Mutual, and New Jersey-based Sun National Bank — to provide her with details on how they respond to phishing incidents.
we are looking for examples of the PDFs being sent out
I send one copy of the PDF file to you guys and the IP info where the email was sent out. Hope you got it 🙂
If you haven’t update your Adobe Reader to v8.1.1, you better to do it NOW.
The vulnerability is being exploited now and yup, it’s in the wild because I received copies already. Screenshots at http://www.dozleng.com/updates/index.php?showtopic=16119
Adobe fixed the security issue by releasing v8.1.1. See their advisory here and please update NOW.
Microsoft updated their security advisory on the above due to increased of threat level.
Read the write-up of Symantec on what they detected and blocked in the email I received : Bloodhound.Exploit.163 – Bloodhound.Exploit.163 is a heuristic detection for PDF files attempting to exploit the Adobe Acrobat Mailto Unspecified PDF File Security Vulnerability
See also: http://blogs.technet.com/robert_hensing/archive/2007/10/26/it-begins-pdf-spam-run.aspx (Thanks to MVP Susan Bradley for the link)
Update: Go to http://www.dozleng.com/updates/index.php?showtopic=16119 to see the VirusTotal.com scan result to find out which malware scanners is FAST in detecting malicious files that is IN THE WILD.
Symantec blog today on how rogue applications infiltrate user’s machine to earn money.
It’s done by rogue apps thru System tray, Active Desktop, Dialogue box.
Symantec provided some screenshots including a misleading application with a Windows Vista look.
PineApp has released a free zombie test that can instantly discover whether an organization’s computer network might be an unwitting spamming machine — a “zombie” or “bot” — that can send thousands of infected spam messages to other networks—without its knowledge.
As a global provider of appliance-based solutions for email and network security, PineApp Corporation (http://www.pineapp.com) has created the free diagnostic tool—Zombie Detection System™ (ZDS™)—to determine if a network is infected. Organizations can simply go to http://www.rbltest.com/, enter the IP address and get an instant analysis.