Month: September 2009

A recently identified BlackBerry Browser bug that affects the vast majority of RIM smartphones makes BlackBerry owners more vulnerable to phishing attacks. BlackBerry maker RIM claims to have released new software to address the issue to carriers, yet most of those updated builds are not yet publicly available via U.S. carrier sites. Here’s how to stay safe, now and later. BlackBerry smartphone users who frequently surf the Web via handheld will want to keep checking with their wireless carriers for BlackBerry Handheld Software updates in the coming weeks. That’s because a new bug found in most current versions of Research … Continue reading Beware BlackBerry Browser Bug Until Carriers Offer Updates

Still room in the anti-malware market Kaspersky’s David Emm has admitted that Microsoft’s free Security Essentials package will have a big effect on the anti-malware market but insisted that there is still room for companies to produce quality security software. Microsoft Security Essentials is likely to have a huge impact, allowing people to install a free piece of software which will provide top-level security against malware such as viruses and Trojans. This is likely to pinch the market for traditional PC Security companies such as Kaspersky, but Emm is upbeat about the new arrival and insists that people will still … Continue reading Kaspersky pragmatic about Microsoft’s free security

Netherlands ISPs last month launched a joint effort to fight malware-infected computers and botnets — fondly described by locals as a "treaty." The effort involves 14 ISPs, 98 percent of the consumer market, and will include: – Exchange of relevant information among the cooperating ISPs – Quarantine of infected computers – Notification of end-users by their ISP This way, information-sharing will lead to better coverage of the issues and a faster response time, quarantine will ensure that the infected no longer participate in criminal activity nor infect others, and most importantly, the ISPs take responsibility to notify their victimized users … Continue reading Dutch ISPs Sign Anti-Botnet Treaty

A security researcher at the University of Michigan has released a tool that help Chinese computers users disable the censorship functionality of the controversial Green Dam Youth Software. The Dam Burst utility, created by researcher Jon Oberheide, works by by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity. This effectively restores the running application to its original uncensored state, Oberheide explained. http://blogs.zdnet.com/security/?p=4471

According to an assessment published by the Information Warfare Monitor, Chinese hacktivists (politically motivated hackers) have recently launched a targeted malware attack against foreign news correspondents attempting to trick them into executing a malware-embedded PDF attachment (Interview list.pdf), coming from a non-existent editor working for The Straits Times. http://blogs.zdnet.com/security/?p=4476

Microsoft Security Essentials Version:  1.0.1611.0 has been released by Microsoft.  Note:  This is not beta but final version.  Available to all.  Discussion is in http://www.calendarofupdates.com/updates/index.php?showtopic=23488 Download:  http://www.microsoft.com/Security_essentials/ My review on Microsoft Security Essential is in http://www.brighthub.com/computing/smb-security/reviews/39342.aspx You might want to see also:  AntiVir PE vs Microsoft Security Essentials

That appears to be the conclusion of a pair of independent tests recently released by NSS Labs. Back in June of 2008 you may remember there was some noise in the IT press, as Trend Micro was declining to participate in some of the well known anti-malware tests, such as VB100. Our argument at the time, and this still stands today, was that those tests simply do not accurately reflect the threat as our customers encounter it, and as such the results may offer a false sense of security. The internet has emerged as the most abused attack vector, attacks … Continue reading Trend Micro: In Security, Reputation Is Key

The U.S. Federal Bureau of Investigation is probing a rash of reported online computer intrusions that have resulted in hundreds of thousands of dollars being stolen from school districts in Illinois. FBI investigators are working on a computer intrusion case at the Crystal Lake School District in Crystal Lake, Illinois, said Ross Rice, a spokesman with the FBI’s Chicago office. But several other school districts also believe that they have been hit by the same malicious software, Rice said. The FBI believes that the Clampi virus, already associated with a rash of banking thefts throughout the U.S., may be to … Continue reading School boards hit with cash-stealing Trojan

Trend Micro researchers discovered another wave of mass compromised websites involving several Thai government agencies’ sites. One of the compromised sites, the Thai Police site, was injected with malicious codes to redirect users to several malicious sites. One of the landing pages, http://{BLOCKED}t.ru/ip/bchqu1.exe served a downloader detected by Trend Micro as TROJ_DLOADER.DNG. This Trojan downloader is responsible for downloading several malware (detected as TROJ_FAKEREAN.BW, TROJ_CUTWAIL.GQ, and TSPY_ZBOT.ACH). http://blog.trendmicro.com/several-compromised-thai-sites-serve-malware/ Fake Windows Live Malware Spreads via Email Trend Micro threat analysts recently snagged an email pushing a bogus Windows Live Messenger residing in http://{BLOCKED}s-live-msn.serveftp.com/Windows_Live_9.0_beta.exe (detected as WORM_VB.PAB). The .EXE file is, of … Continue reading Several Compromised Thai Sites Serve Malware;Fake Windows Live Malware Spreads via Email

Hackers have publicly released new attack code that exploits a critical bug in the Windows operating system, putting pressure on Microsoft to fix the flaw before it leads to a worm outbreak. The vulnerability has been known since Sept. 7, but until today the publicly available programs that leverage it to attack PCs haven’t been able to do more than crash the operating system. A new attack, developed by Harmony Security Senior Researcher Stephen Fewer, lets the attacker run unauthorized software on the computer, in theory making it a much more serious problem. Fewer’s code was added to the open-source … Continue reading Pressure on Microsoft, as Windows attack now public