Firm claims e-mail spam success

A fledgling Swansea company claims to have made a breakthrough in the fight against spam e-mail. NetBop Technologies says its new filter has so far proved effective in stopping 99.5% of junk messages. Founder Andrew Downie, a graduate of the city’s university, says his BopSpam filter operates differently to many of the competitors on the market. http://news.bbc.co.uk/1/hi/wales/south_west/3669653.stm

Anti-Phishing: Citibank Security Update

Summary Email title: ‘Citibank Security Update’ Scam target: Citibank customers  Email format: A HTML email  Sender: citibank.com <csupport6@citibank.com> Sender spoofed? Yes Scam call to action: “Due to technical update we recommend you toreactivate your account.” Scam goal: Getting victim’s Citibank website account/password and ATM PIN Call to action format: URL link  Visible link: http://web.da-us.citibank.com Called link : http://citibank-validate.info/Resolved site:  http://citibank-validate.info/, along with http://www.citibank.com (the legitimate Citibank site) http://www.antiphishing.org/phishing_archive/29-04-04_Citibank_(Citibank_Security_Update).html

Washington wakes up to spyware, adware

Two anti-spyware bills are being readied in time for a hearing Thursday in the U.S. House of Representatives. The measures, one sponsored by a California Republican and the other by a Washington Democrat, take different approaches toward software that lurks on a computer and serves pop-up ads or transmits personal information. But both make the same point: Official Washington is becoming officially fed up with the proliferation of spyware and adware. The new attention paid to malicious software follows last fall’s unprecedented focus on unsolicited commercial e-mail. http://news.com.com/2100-1023_3-5201819.html

Microsoft hole spawns real attacks, false alarm

Anti-virus company Symantec backtracked on Wednesday after claiming that it captured an example of a new Internet worm that takes advantage of a recently disclosed hole in Windows machines running Secure Sockets Layer (SSL). http://www.nwfusion.com/news/2004/0428microhole.html?fsrc=rss-security

Zone-H: Lycos defaced by Data Cha0s

Yesterday, was 5.17 AM, one of many Lycos’s sub-domains has been defaced: https://insite.lycos.com The Brazilian Crew named data Cha0s, has probably taken advantage of the recent SSL vulnerability that affects IIS. http://www.zone-h.org/en/news/read/id=4200/

Microsoft to create pop-up safety lessons

http://news.com.com/2100-1002_3-5201585.html Microsoft plans to use more dialog boxes and other messages in future software releases to educate people on ‘safe’ computing. At the InfoSecurity trade show in London, Microsoft said Tuesday that new versions of its Windows and Office products will educate customers about security via dialog boxes, warning messages and offers to automatically configure security settings.

Symantec May Have Found Windows SSL Worm Already

Symantec late Tuesday afternoon captured a sample of malicious code that spreads by exploiting one of the many vulnerabilities in Windows disclosed this month by Microsoft. The vulnerability stems from a flaw in Windows Protected Communications Technology (PCT) v. 1.0, a packet protocol within Microsoft’s SSL library. SSL is an encryption technology typically used to secure communications with Web sites — such as those for processing credit card orders — and for locking down e-mail. The vulnerability was made public on April 13 as part of the month’s security bulletins from Microsoft. On Monday, several security analysts noted that although … Continue reading Symantec May Have Found Windows SSL Worm Already

McAfee VirusScan ActiveX Controls Let Remote Users Access the Target User’s System

Date:  Apr 27 2004  Impact:  User access via network Exploit Included:  Yes    Description:  A vulnerability was reported in McAfee VirusScan. A remote user may be able to access a target user’s system. Jonathan Payne reported that the software appears to install several non-secure ActiveX controls. A remote user can reportedly create HTML that, when loaded by the target user, will invoke the ActiveX controls and access the target user’s system. A demonstration exploit that accesses the target user’s Windows registry is provided in the Source Message.  Impact:  A remote user can create HTML that, when loaded by the target user, will … Continue reading McAfee VirusScan ActiveX Controls Let Remote Users Access the Target User’s System

Security in Longhorn: Focus on Least Privilege

Summary: Longhorn promises to be a great platform for least privileged applications. Get started today by writing managed code, first of all. When building desktop applications, make them LUA-compliant (and use the Windows Application Verifier to help check your work) http://msdn.microsoft.com/longhorn/default.aspx?pull=/library/en-us/dnlong/html/leastprivlh.asp Source:  Jerry’s Security Weblog

‘Burnt out’ IT staff losing virus battle

Failure to centralise antivirus software management exhausts IT workers Companies that have yet to centralise the management of their antivirus software are exhausting their IT staff.While the majority of firms have taken users out of the loop of updating antivirus software, those that have not are unable to cope due to the sheer volume of viruses, according to application switching vendor Radware. “Users can’t be trusted to do it themselves,” said Tony Crowley, Radware’s regional director for northern Europe. http://www.vnunet.com/News/1154643