Nanoscan+TotalScan+ActiveScan 1 = Panda ActiveScan 2.0

Panda Research is planning to release a new version of Panda ActiveScan, version 2.0, today or tomorrow. They integrated their online scanners (ActiveScan 1.0, NanoScan & TotalScan) into a single new scanner. Panda ActiveScan 2.0 also integrates a Genetic Heuristics Engine to detect unknown malware and new variants, specialized heuristics for cybercrime and identity theft trojans, and anti-rootkit technology for detecting actively running rootkits. Scanning from the cloud uses Collective Intelligence community detections of malware & goodware processes loaded in memory. More info with screenshot at http://research.pandasecurity.com/archive/Panda-ActiveScan-2.0.aspx

avast! Home/Professional aavmker4.sys Privilege Escalation

Tobias Klein has reported a vulnerability in avast! Home/Professional, which can be exploited by malicious, local users to gain escalated privileges. An input validation error within the 0xb2d60030 IOCTL handler of the aavmker4.sys driver can be exploited e.g. to overwrite arbitrary kernel memory via a specially crafted IOCTL request. The vulnerability is reported in version 4.7. Other versions may also be affected. Solution: Update to version 4.8.1169. http://www.avast.com/eng/download.html http://secunia.com/advisories/29605/

Euro 2008 sales site in drive-by download attack

Hackers have successfully planted malware on a website selling tickets for the upcoming Euro 2008 Championships. The site of European ticket re-sale firm euroticketshop.com was infected by Trojan horse malware in a bid to infect soccer-loving surfers with insecure PCs. This drive-by malware style of attack is growing increasingly popular. Visitors attempting to purchase tickets through the site were exposed to a malicious script which is embedded on some of its web pages. This malware (detected by net security firm Sophos as ObfJS-R) then attempts to download further items of malware from another remote website. It’s unclear at the time …

Adware slips between pages of e-book

Iliad reader carries unwelcome surprise

An adware package has turned up on the latest e-book devices from iRex, and will install itself automatically onto a connected PC if it gets the chance. The infection appears to be the imgInSOY worm, which copies itself between removable media and uses autorun.inf to infect any Windows system it comes across. In addition to copying itself onto any more removable devices the worm operates as adware. The Iliad is a Linux-based e-ink device which synchronises with a desktop PC to download books or other documents the user wants to read, as well as uploading sketches …

Uninstaller’s boo-boos

Some vendors need to fix their uninstallers. Not only is their application using more hard-disk space, but it might also put the user’s system at risk. Check this topic at Calendar of Updates… to see examples of software uninstallers that made boo-boos.

IE7 Popup Window Address Bar URI Spoofing Vulnerability

Internet Explorer 7 is affected by a URI-spoofing vulnerability. An attacker may leverage this issue by inserting strings to spoof the source URI of a file presented to an unsuspecting user. This may lead to a false sense of trust because the user may be presented with a source URI of a trusted site while interacting with the attacker’s malicious site. Reports indicate that unspecified versions of Firefox are also prone to this issue, but that has not been confirmed. http://www.securityfocus.com/bid/28498/discuss

Mac OS X Trojan horse aims to make money off Macintosh users

Imunizator makes bogus claims that Apple Macs have privacy problems

Sophos’s global network of virus, spyware and spam analysis centers has advised the Apple Macintosh community not to panic following the discovery of another Trojan horse for the Mac OS X platform. Instead, Apple Mac lovers are advised to ensure that they continue to take personal computer security seriously and have a secure defense in place. The Trojan, named Troj/MacSwp-B (also known as Imunizator), tries to scare Mac users into purchasing unnecessary software by claiming that privacy issues have been discovered on the computer. http://www.sophos.com/pressoffice/news/articles/2008/03/imunizator.html

IRS warns of new online tax scams; protect yourself

Scam artists exploiting tax season have devised a range of new online cons: fake tax documents that contain malicious surprises; mass distribution of keyloggers aimed at snatching the identity of PC-based tax filers; and e-mail messages containing links to Web sites that promise new tax code information but instead push malware onto your PC. That’s not all, according to the Internal Revenue Service. This year, identity thieves are not just trying to gain access to your bank account or to open lines of credit in your name. Scammers are on the prowl for ordinary citizens’ identities that they can they …