Malicious PDF file has a variant and it’s undetected by several AV

The first few malicious PDF files that I received 3 days ago were sent from Germany. Today, I received 4 of the PDF files and they were sent from US and Panama networks. Scanning via VirusTotal resulted in only 7 out of 32 scanners detecting the variant, which is understandable if they don’t have a copy yet. I posted the screenshots over at http://www.dozleng.com/updates/index.php?s=&showtopic=16119&view=findpost&p=70086 as my reply to my initial alert. 3 out of 4 have the same file size and checksum. Hopefully the submissions I did through the VirusTotal free online scanner service will be distributed soon (to …

Leopard vs. Vista: feature chart showdown

There’s no doubt, Vista and Leopard are both extremely advanced, feature rich consumer operating systems. But way back in January when Vista launched we knew we had little choice but to pit the two in a head to head chartngraph Thunderdome competition. We know we’re not even going to be able to stop the epic fanboy arguments about to break out over this one, so we just ask that you try to keep it fair. Leopard vs. Vista: it’s on. NOTE: This chart is only for out of box features, and does not take into account 3rd party software. http://www.engadget.com/2007/10/27/leopard-vs-vista-feature-chart-showdown/

Apple’s Leopard rejects latest version of Java

Forum overlords delete developer gripes. Apple faces yet more flack from the Mac faithful over the discovery that the operating system won’t run the latest version of Java. It’s one of several beefs relating to the OS X upgrade that is sparking vitriol among the normally docile crowd. Leopard may have 300 new features, but it is unable to run Java 1.6, even though that same version is available for both Windows and Linux. That has taken some Mac users by surprise, including some on this user forum on Apple’s website. Several users there say 1.6 is so central to …

Seagate settles class action: cash back over misleading hard drive capacities

The world’s largest hard disk manufacturer will offer customers 5% cash back on disk drives bought over the last six years in order to settle a legal action over the measurement of hard drive capacity. But the real story starts way back, when marketers decided 24 bytes didn’t mean much. In modern terms, it’s equivalent to a fraction of a cent, or the weight of a feather atop a two tonne truck. Story at http://apcmag.com/7449/seagate_offers_cash_to_customers_for_missing_megabytes via CoU. You can file your claim at http://www.harddrive-settlement.com/

Malware is Multiplying, Study Warns

Malicious code that installs files such as Trojans, password stealers, keyboard loggers and other malware on users’ systems registered a fivefold increase in the first half of 2007, according to research released by Microsoft at the RSA Security conference in London. And in the same period, 31.6 million phishing scams were detected, an increase of 150 percent over the previous six months. The survey, sponsored by Microsoft and conducted by the Ponemon Institute, interviewed more than 3,600 security, privacy and marketing executives across a variety of industries, such as financial services, healthcare, technology and government, in the U.S., U.K. and …

CAPTCHA Wish Your Girlfriend Was Hot Like Me?

When bots started spreading over the Internet scene a few years ago, security experts fought back with a system dubbed as “Completely Automated Public Turing test to tell Computers and Humans Apart,” or more popularly known as the CAPTCHA. The system was aimed at preventing automated submissions/registrations by prompting the user to validate himself as a human, usually requiring the user to input a sequence of alphanumeric characters contained in an image supposedly “unreadable” by a machine. However, some people are really hooked up on defeating the CAPTCHA, and they are literally asking for public help, in a rather discreet …

Malicious IFRAMEs hosted on e-zines: a Media Possibility

A handful of online magazines (e-zines) owned by Possibility Media, some of which are related to IT, are hosting malicious IFRAMEs. Security Researcher Dancho Danchev shared this discovery with the rest of the security community. Some of the e-zines that are hosting malicious IFRAMEs are: webweekmag.com – Web Week Magazine, itweekmagazine.com – IT Week Magazine, technologyweekmag.com – Technology Week Magazine, theinternetstandardmag.com – The Internet Standard, securitystandardmag.com – Security Standard. Danchev notes that there are a total of 24 e-zines, all of which are owned by Possibility Media, that have malicious IFRAMEs embedded in them. Trend Micro threat analyst Jonell Baltazar …

Storm Worm variant now using Kittycard.exe as filename

Kittycard.exe is now one of the filenames used by this Storm Worm. Email received today: The new filename is Kittycard.exe: Half of the malware scanners via VirusTotal.com will detect it while half did not: For you… to read: The Storm Worm: http://www.schneier.com/blog/archives/2007/10/the_storm_worm.html Just How Bad Is the Storm Worm: http://blog.washingtonpost.com/securityfix/2007/10/the_storm_worm_maelstrom_or_te.html My previous blog entries on Kitty (Storm Worm): 2 more Kitty, Kitty Detection Improving, Norton blocked Kitty, Kitty Kitty