In the wild: Rogue Antivirus XP 2008 SPAM

The campaign by bad guys to spread their rogue antivirus program’s installer of Antivirus XP 2008 is not only thru trojan infection but also via email SPAM: Going to the bad link will try to auto-download the installer of Rogue antivirus XP 2008’s installer.

In the Wild: UPS Packet Service malware SPAM – ups_invoice.zip

It’s in the wild – SPAM with infected file ups_invoice.zip and my inbox has 4 of it today: 63% of malware scanner will detect the infected file, if user mistakenly download retrieve this unwanted email or save or touch that file: Scan result:  http://www.virustotal.com/analisis/07d607ef1cfcd0b67fe27595a71a9452 NOTE:  If you will google “UPS Packet” or UPS Paket”, you will see the same message posted in newsgroup and forums 🙁 ….really in the wild so be careful guys.

DNS Security Flaw Secretly Patched by Multiple Vendors

Internet vendors have quietly and secretly patched a defect in the Domain Name System that could have let hackers control the Web. Security expert Dan Kaminsky found the problem and quietly alerted CERT, which outlined the problem after patches were released. Hackers could have used cache poisoning to control traffic, e-mail and data. http://www.newsfactor.com/news/DNS-Security-Flaw-Secretly-Patched/story.xhtml?story_id=023000SJUO7U

Security Newsletters by Microsoft July 2008 issue

Security Newsletter For Home Users: Protect yourselfProtect yourself while traveling this summer:  It’s summer! The kids are out of school, and it’s time to travel, right? Just make sure to protect yourself. If you bring your portable computer or mobile phone with you, start with 3 ways to protect your laptop on the road or tips to avoid wireless attacks through your Bluetooth cell phone. If you’re traveling sans mobile devices, you’ll find these other tips helpful: 5 safety tips for using a public computer Use public wireless networks more safely Security updates for July 8, 2008 Protect your computer … Continue reading Security Newsletters by Microsoft July 2008 issue

RealPlayer delisted in Installers Hall of Shame

We found many dodgy installers and the list of has grown from 3 to 39 software installers that adds unwanted add-on and it is pre-checked. Today, we delisted RealPlayer from the dodgy installer listings. See http://www.dozleng.com/updates/calendar50398

Microsoft Security Bulletins MS08-039 & MS08-040 revisions

MS08-040 has been revised to remove erroneous references to SQL Server 2005 Service Pack 1 in the MBSA and  SMS Detection and Deployment tables. Also clarified permissions requirements for vulnerability mitigating factors.  MS08-039 was also revised by changing the information reference link for OWA Premium in the Mitigating Factors sections for both vulnerabilities