F-Secure highlights new removal process used by ZeroAccess malware

ZeroAccess malware – deletes itself using an innovative technique
http://www.f-secure.com/weblog/archives/00002385.html

QUOTE: We normally see malware developing and evolving over the years. One particular malware we’ve been following is ZeroAccess, which has been continuously improving which we first detected it in late 2010. Case in point: in the latest samples, its self-deletion routine has changed.  This is a simple Windows batch file ZeroAccess used to use to remove itself after execution, as a fast and simple way to hide any traces of its presence from the user. Lots of other malware use this batch file self-deletion method. Recently though, it looks like ZeroAccess wants to be a bit more different and make things more complicated for analysts.

Facecrooks Security notes this recent development is a legitimate link where Facebook is sharing basic security tips with it’s user community.

Facebook – Simple Security Tips now highlighted for Users
http://facecrooks.com/Internet-Safety-Privacy/facebook-is-rolling-out-security-tips-to-users.html

Facebook – More details on Security settings
https://www.facebook.com/help?page=203917589649396

QUOTE: If you see a link at the top of your Facebook page to ‘simple security tips,’ don’t be surprised or alarmed that it could be a scam. Facebook has created a page with some common sense security tips, very much like the ones we often release. The resource page contains a short video from a member of Facebook’s Security team, and the following top three tips shown below:

1.Know how to spot a scam — If an offer looks too good to be true, it probably is. Think twice before you click on a link for free airline tickets or other common scams.

2.Choose a one-of-a-kind password — Is your Facebook password different than your email password? If not, please reset your password today.For more password related security tips see our article: The Top Ten Commandments of Password Protection.

3.Confirm your mobile number — If you forget your password, we’ll be able to text you a new one. To make sure we can reach you, confirm your mobile number. We often encourage our readers to enable login approvals, so that even if your Facebook password is compromised the hacker will need a code sent via text message to access your account.

Please note that the Internet Explorer MS12-037 update is rated as “PATCH NOW” by the ISC and is being actively exploited in the wild. 

Microsoft Security Updates – June 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-jun

Microsoft Security Updates – June 2012
(excellent analysis by ISC)
https://isc.sans.edu/diary.html?storyid=13453