- http://www.darkreading.com/database_security/security/client/showArticle.jhtml?articleID=220300592&subSection=End+user/client+security
- http://www.scmagazineus.com/URLZone-touted-as-most-sophisticated-banking-trojan-yet/article/151096/
- http://news.cnet.com/8301-27080_3-10363836-245.html?part=rss&subj=news&tag=2547-1009_3-0-20
- http://www.wired.com/threatlevel/2009/09/rogue-bank-statements/
lunes, 5 de octubre de 2009
New Sophisticated URLZone Trojan
New, sophisticated malware is making it harder to detect some fraudulent online bank transactions. The URLZone Trojan horse program communicates with a command server to find out precisely how much money to take from the accounts it is plundering to evade detection and where to send the money; the Trojan also alters users' online bank statements so the fraudulent transactions do not show up. The Trojan exploits a vulnerability in Firefox, Opera, Internet Explorer 6, IE 7, and IE 8.
Security Essentials. Newly Released Security Tools Form Microsoft
Microsoft Security Essentials Not Available to Pirates.
Users running unlicensed or improperly licensed copies of Microsoft Windows will not be able to install the company's newly-released Security Essentials antivirus software. To install the software, users will be required to validate their copies of Windows operating systems.
Microsoft does allow users running pirated copies of Windows to download Internet Explorer 8 (IE 8), touted as the company's most secure browser yet. Microsoft also allows patches to be downloaded to pirated copies of Windows through Windows Update. There are other free anti-virus alternatives available, but the patches are available only from Microsoft.
Users running unlicensed or improperly licensed copies of Microsoft Windows will not be able to install the company's newly-released Security Essentials antivirus software. To install the software, users will be required to validate their copies of Windows operating systems.
Microsoft does allow users running pirated copies of Windows to download Internet Explorer 8 (IE 8), touted as the company's most secure browser yet. Microsoft also allows patches to be downloaded to pirated copies of Windows through Windows Update. There are other free anti-virus alternatives available, but the patches are available only from Microsoft.
martes, 25 de agosto de 2009
Microsoft Suspend Hotmail Attach-Photo Feature
Microsoft Suspends Hotmail Attach-Photo Feature
Microsoft has temporarily suspended the Attach-Photo feature in Hotmail because of security issues. The problem lies in the way the feature interacts with Internet Explorer (IE). Hotmail users can still attach photos to their messages through other methods. Attach-Photo was disabled in late July; Microsoft plans to restore the feature by the end of September. Users complained because they were not notified that the feature would be removed.
http://www.theregister.co.uk/2009/08/21/hotmail_attach_photo_pulled/
http://www.computerworld.com/s/article/9136958/Microsoft_Hotmail_users_angry_over_pulled_photo_feature?source=rss_news
Microsoft has temporarily suspended the Attach-Photo feature in Hotmail because of security issues. The problem lies in the way the feature interacts with Internet Explorer (IE). Hotmail users can still attach photos to their messages through other methods. Attach-Photo was disabled in late July; Microsoft plans to restore the feature by the end of September. Users complained because they were not notified that the feature would be removed.
http://www.theregister.co.uk/2009/08/21/hotmail_attach_photo_pulled/
http://www.computerworld.com/s/article/9136958/Microsoft_Hotmail_users_angry_over_pulled_photo_feature?source=rss_news
US Firms. Taget for Criminals
Cyber Criminals Targeting Smaller US Firms; Get Millions
Organized cyber-gangs in Eastern Europe are increasingly preying on small and mid-size companies in the United States, setting off a multimillion-dollar online crime wave that has begun to worry the nation's largest financial institutions.
The attacks are amazingly simple and the amount of money taken is large. The firms do not know how to protect themselves. In some cases where credit card theft has occurred, they have had to shut down because they lost the ability to process credit cards. Small businesses are being affected greatly by poor security practices. It isn't a risk issue. It is a survival one.
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/24/AR2009082402272.html?hpid=topnews
Organized cyber-gangs in Eastern Europe are increasingly preying on small and mid-size companies in the United States, setting off a multimillion-dollar online crime wave that has begun to worry the nation's largest financial institutions.
The attacks are amazingly simple and the amount of money taken is large. The firms do not know how to protect themselves. In some cases where credit card theft has occurred, they have had to shut down because they lost the ability to process credit cards. Small businesses are being affected greatly by poor security practices. It isn't a risk issue. It is a survival one.
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/24/AR2009082402272.html?hpid=topnews
miƩrcoles, 12 de agosto de 2009
Last Week Attack on Facebook and Twitter
The denial-of-service attacks that hobbled Twitter and Facebook last week were not conducted through botnets, but instead were the result of a spam campaign aimed at a taking out accounts that belong to a pro-Republic of Georgia blogger. The social networking and blogging sites suffered deteriorating service as spam recipients clicked on links that pointed to accounts belonging to the blogger known as Cyxymu. The links pointed to Cyxymu's accounts on YouTube and LiveJournal as well. The blogger has written an open letter asking Russian President Dmitry Medvedev to launch an investigation to find the culprits.
http://www.theregister.co.uk/2009/08/07/twitter_attack_theory/
http://www.computerworld.com/s/article/9136379/Security_researchers_zero_in_on_Twitter_hackers
http://www.theregister.co.uk/2009/08/10/cyxymu_letter_to_medvedev/
http://news.bbc.co.uk/2/hi/technology/8194395.stm
http://voices.washingtonpost.com/securityfix/2009/08/twitter_facebook_google_attack.html
http://www.theregister.co.uk/2009/08/07/twitter_attack_theory/
http://www.computerworld.com/s/article/9136379/Security_researchers_zero_in_on_Twitter_hackers
http://www.theregister.co.uk/2009/08/10/cyxymu_letter_to_medvedev/
http://news.bbc.co.uk/2/hi/technology/8194395.stm
http://voices.washingtonpost.com/securityfix/2009/08/twitter_facebook_google_attack.html
Suscribirse a:
Entradas (Atom)