Inside Snow Leopard’s hidden malware protection

While malicious software has long been a near-daily annoyance for Windows PCs, Mac users have become accustomed to not worrying about malware. Threats arise from time to time—in January of this year, for example, a Trojan horse made the rounds in pirated copies of Apple’s iWork software—but most Mac users these days are probably running computers without antivirus software. Apple has encouraged that habit, too, by frequently touting the Mac’s resistance to malware in its advertising materials, especially when compared to Windows. But with the release of Mac OS X 10.6 (Snow Leopard), Apple has finally decided to subtly step …

New Version of Download Manager for Adobe Reader Available

A new version of the download manager for Adobe Reader is live. This new version resolves the Moderate local privilege escalation issue discussed in an Adobe PSIRT blog post on July 22. No action is required for users downloading Adobe Reader from http://get.adobe.com/reader/. Users who previously downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ can verify they are not vulnerable to this download manager issue by checking the following: Ensure that the C:\Program Files\NOS folder and its contents are not present on your system. Click "Start" > "Run" and type "services.msc". Ensure that "getPlus(R) Helper" is not present in the list of services. If …

Symantec Advisory SYM09-012 on Norton and Symantec Client Security

Security Advisories Relating to Symantec Products – Norton AntiVirus and Symantec Client Security Email Denial of Service Vulnerability
Risk Impact: Low
Overview: Norton AntiVirus and Symantec Client Security are susceptible to an email denial of service (DoS) attack which could be triggered by a specially crafted email message.
Affected Products:
- Norton AntiVirus: 2005 through 2008
- Norton Internet Security: 2005 through 2008
- Symantec AntiVirus Corporate Edition: 9.0 MR6 and earlier, 10.0 all versions, 10.1 MR7 and earlier, 10.2 MR2 and earlier
- Symantec Client Security: 2.0 MR6 and earlier, 3.0 all versions, 3.1 MR7 and earlier
Details: Next Generation Security Software notified …

Windows Server Update Services 3.0 SP2 released

The new version of WSUS is out: v3.0 SP2. The release notes are in Release Notes WSUS 3.0 SP2, or read http://support.microsoft.com/?kbid=972455. It’s available for download at http://www.microsoft.com/downloads/details.aspx?FamilyId=a206ae20-2695-436c-9578-3403a7d46e40&displaylang=en
The Microsoft Update Team blog said last month that we’ll be getting a new version of Windows Update Agent this month. Admins who want the new version can grab it now from the Microsoft Download Center.
http://blogs.technet.com/mu/archive/2009/07/10/upcoming-update-for-windows-update.aspx
http://blogs.technet.com/mu/archive/2009/08/17/reminder-on-upcoming-update-for-windows-update.aspx

WPA data is gone in 60 seconds

Japanese boffins took time out from fighting giant moths to work out how to break the WPA encryption system used in wireless routers in just sixty seconds. Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University plan to tell the world plus dog how to do it at a technical conference set for September 25 in Hiroshima. The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA or WiFi Protected Access encryption system. http://www.theinquirer.net/inquirer/news/1531702/wpa-gone

New ‘rogueware’ variants spotted: SaveKeep, SaveSoldier and TrustNinja

Security researchers have discovered several new variants of malware which pose as legitimate anti-virus solutions. Security researchers have warned of three new variants of fake anti-virus programs, also known as ‘rogueware’, in circulation. The malware attempts to convince anyone unwise enough to install it on their system that they should hand over money in order to wipe non-existent viruses from their system. The three programs use different names but look very similar. "Three of the new families we’ve seen this week, called SaveKeep, SaveSoldier and TrustNinja are at the end the same rogueware but rebranded, which is one of the …

Banks face legal challenge to disclose phished account details

In a move that could see banks forced to hand over greater information on data breaches, a US anti-spam outfit has filed a lawsuit against unnamed "John Does" accused of using malware to steal money from business bank accounts. Unspam Technologies, which uses volunteers and software to track down information about spammers, has filed the complaint against "John Does stealing money from US businesses through unauthorized electronic transfers made possible by computer viruses transmitted in spam". Unspam’s lawyer, Jon Praed, told the New York Times that it is often difficult to track perpetrators of these crimes because banks are reluctant …

Cyber-gangs are raiding U.S. companies’ bank accounts

Scammers from Eastern Europe typically install malware and pull money out in increments, a financial industry group says. One Texas firm lost $1.2 million, and a school district had $700,000 stolen. Organized cyber-gangs in Eastern Europe are increasingly preying on small and mid-size companies in the United States, setting off a multimillion-dollar online crime wave that has begun to worry the nation’s largest financial institutions. A task force representing the financial industry sent out an alert last week outlining the problem and urging its members to implement many of the precautions now used to detect consumer bank and credit card …

Malicious CD ROMs mailed to banks

From Internet Storm Center’s Handler’s Diary: The National Credit Union Administration (NCUA) published an interesting advisory here: http://www.ncua.gov/news/press_releases/2009/MR09-0825a.htm Member credit unions evidently are reporting receiving letters which include two CDs. The letters claim to originate from the NCUA and advertise the CDs as training materials. However, it appears that the letter is a fake and the CDs include malware. http://isc.sans.org/diary.html?storyid=7024

Apple confirms malware protection in Snow Leopard

Although it’s not advertised on any of its Snow Leopard pages (1, 2, 3) Apple has confirmed a report by Ryan Naraine on his Zero Day blog that Mac OS 10.6 includes malware protection. As it turns out, it’s not entirely new though. Yesterday The Loop confirmed that Snow Leopard uses Apple’s File Quarantine technology to check for known malware signatures in files downloaded by Safari, iChat and Mail and that it first appeared in Mac OS X Tiger (Mac OS 10.4). When malware is found, Snow Leopard will recommend moving the file to the trash, as seen the the …