Alerts
Feb 24, 2009 (17 hours ago)
New Excel Trojan Hits the Net
from McAfee Avert Labs by Shinsuke Honjo, Geok Meng Ong
– Update Feb 24, 10:15 PDT –
Microsoft has released a security advisory for this issue (CVE-2009-0238):
http://www.microsoft.com/technet/security/advisory/968272.mspx
Many versions of Excel are vulnerable, including 2000, 2002, 2003, 2007, 2004/2008 for Mac, Excel Viewer/Excel Viewer 2003.
–
A trojan exploiting an unpatched Microsoft Excel vulnerability has been reported from the field. McAfee Avert Labs has confirmed that Microsoft Excel 2007 and 2003 are affected. Other versions may also be impacted.
McAfee DAT files identify known malicious Excel spreadsheet files as Exploit-MSExcel.r trojan, and dropped files as BackDoor-DUE trojan in the 5534 DATs.
As with the initial Exploit-PDF.i threat, current attacks are very targeted and limited. When succesfull, it installs a backdoor that attempts to connect a remote site port 80 and waits for commands.
The mitigation for this infection is to block unknown TCP connections. However, one of the best protection methods is to remain vigilant against Excel files from untrusted sources or sent at an unexpected time until a security update is available.
4:52 AM (1 hour ago)
After CERT warning, Microsoft delivers AutoRun fix
from Network World on Security by Robert McMillan
Microsoft is pushing out a software update to some Windows users that fixes a bug in the Windows AutoRun software, used to automatically launch programs when DVDs or USB devices are introduced to the PC.
Feb 24, 2009 (18 hours ago)
Attackers targeting unpatched vulnerability in Excel 2007
from Network World on Security by Jeremy Kirk
Microsoft's Excel spreadsheet program has a 0-day vulnerability that attackers are exploiting on the Internet, according to security vendor Symantec.
4:34 AM (2 hours ago)
Preview/Iphone/Linux pdf issues, (Wed, Feb 25th)
from SANS Internet Storm Center, InfoCON: green
ISC had a few readers write in to let us know that the recent PDF/JBIG issues were cropping up on ot ...(more)...
10:02 PM (8 hours ago)
Adobe flash player patch, (Wed, Feb 25th)
from SANS Internet Storm Center, InfoCON: green
A few readers wrote in to point out the fact that adobe released a new flash update today. It ...(more)...
10:02 PM (8 hours ago)
Adobe Acrobat pdf 0-day exploit, No JavaScript needed!, (Wed, Feb 25th)
from SANS Internet Storm Center, InfoCON: green
So there is a brief blog post linked below that highlights the fact that the new adobe PDF vulnerabi ...(more)...
Feb 24, 2009 (16 hours ago)
Microsoft Releases Security Advisory 968272 Relating To A Vulnerability In Office Excel, (Tue, Feb 24th)
from SANS Internet Storm Center, InfoCON: green
This day just keeps getting better and better. ...(more)...
Feb 24, 2009 (21 hours ago)
Gmail Access Issues Early This AM, (Tue, Feb 24th)
from SANS Internet Storm Center, InfoCON: green
Greetings and welcome to Tuesday, Feb 24th. A number of our readers have written in to repo ...(more)...
Feb 24, 2009 (12 hours ago)
Brief: Attacks prompt Microsoft to fix Excel flaw
from SecurityFocus News
Attacks prompt Microsoft to fix Excel flaw
Security News
Feb 24, 2009 (17 hours ago)
What Have We Learned From Past Virus Infections?
from McAfee Avert Labs by Vinoo Thomas
The year 2009 has so far have a been hectic one for anti-virus vendors and IT administrators alike, “thanks” to two prolific malware families: W32/Conficker and W32/Virut. Malware researchers and field engineers have literally burned the midnight oil to ensure networks are protected against these threats.
Some of the organizations that were hit with these infections had the latest Microsoft updates installed but still got infected. During the post-mortem of the outbreaks, one glaring mistake stood out.
Administrators routinely attend to distress calls from users whenever they have an issue with their machines. By habit, the admins tend to log onto the affected workstation using their own accounts—which have domain-administrator privileges. For a moment, let us assume the suspicious user’s workstation was infected with W32/Conficker. What could possibly go wrong from here?
Feb 24, 2009 (15 hours ago)
Malware Riding On The Tides Of The Economic Crisis
from McAfee Avert Labs by Micha Pekrul
A new spam run is on the loose, misusing the global Economic Crisis as its social-engineering vector. Consumers looking for a bargain should take care, since the bad guys exactly want to fool people trying to save some money these days. Spam mails promoting bargains, which could help in the recession, are hitting the inboxes right now.
6:31 AM (15 minutes ago)
Excel Trojan targets unpatched flaws
Another day, another zero-day threat
Virus authors have reportedly created a Trojan that exploits an unpatched vulnerability in a range of versions of Excel.…
12:30 AM (6 hours ago)
Banking app vuln surfaces 18 months after discovery
Patch procrastination bares 24 sites
As a security auditor for 11 years, Adriel Desautels has written his share of vulnerability advisories, but never one like the one he issued Tuesday for a software package made by a small Vermont company called Cambium Group.…
Feb 24, 2009 (14 hours ago)
Adobe Flash vulnerable to remote-execution exploit
Attack of the killer Shockwaves
Updated Already under the gun for a critical hole in its ubiquitous Acrobat Reader, Adobe's security team has pushed out a fix for another serious vulnerability, this one in the company's Flash animation software.…
Feb 24, 2009 (15 hours ago)
Google's DoubleClick spreads malicious ads (again)
Lingering threat still not contained
Google's DoubleClick ad network has once again been caught distributing malicious banner displays, this time on the home page of eWeek.…
Feb 24, 2009 (17 hours ago)
Auction tools firm roots out malware infection
Trojan goes under the hammer at Auctiva.com
Auction tools site Auctiva.com has cleaned up its systems after it became the unwitting participant in a malware attack late last week.…
Feb 24, 2009 (19 hours ago)
Unofficial patch plugs 0-day Adobe security vuln.
Mind the gap
Updated Security researchers have developed an unofficial patch for a zero-day Adobe Acrobat and Reader vulnerability that's become the subject of hacker attacks.…
Feb 24, 2009 (21 hours ago)
Lads from Lagos crack cabinet minister's webmail account
Person in peril scam follows mystery Hotmail hack
Advanced fee fraudsters have broken into the webmail account of UK Justice Secretary Jack Straw to mount an audacious, and potentially politically embarrassing, scam.…
Feb 24, 2009 (19 hours ago)
Rogue Facebook app creates malign buzz
Sting in the tail
A Facebook application using misleading messages spread quickly over the weekend. The application itself did no harm beyond making a mess but may be part of an indirect attempt to attract surfers towards sites promoting scareware packages.…
Feb 24, 2009 (18 hours ago)
Remove a Virus or Other Malicious Infection
from Network World on Security by Lincoln Spector
A particularly malicious program infected Kentuckyearl's computer. He asked the Answer Line forum how to get rid of it.
4:52 AM (1 hour ago)
Laid-off Workers as Data Thieves?
from Network World on Security by Bill Brenner
When the depths of the economic crisis became clear last September, public relations firms started using it as an opportunity to drum up publicity for their security vendor clients. One PR flak even started her e-mail pitch to me with an admission that the IT angle was a stretch.
4:52 AM (1 hour ago)
Gov't CIO survey: Cybersecurity still needs work
from Network World on Security by Grant Gross
Cybersecurity continues to be a top concern among U.S. government CIOs, but agencies are still falling short of achieving good security results, according to a new survey of top government IT officials.
4:52 AM (1 hour ago)
VeriSign: We will support DNS security in 2011
from Network World on Security by Carolyn Duffy Marsan
VeriSign has promised to deploy DNS Security Extensions – known as DNSSEC – across all of its top-level domains within two years.
Feb 24, 2009 (22 hours ago)
WMAT Released - Web Mail Auth Tool For Testing Web Mail Logins
from Darknet - The Darkside by Darknet
WMAT is Web Mail Auth Tool that provide some essential functions for testing web mail logins, written in python with support of pyCurl. How it works? It is very simple, You give WMAT file with usernames, file with passwords, URL of web mail app and chose pattern for attack. Patterns are XML files that define post/get fields, [...]
Read the full post at darknet.org.uk
Feb 24, 2009 (13 hours ago)
Hackers Exploit Excel 'Zero-Day' Flaw
from PC World Latest Technology News
Microsoft confirms critical bug as attacks target Asian government offices, corporations.
Feb 24, 2009 (18 hours ago)
Are Alternative PDF Readers Vulnerable to Acrobat Exploit?
from PC World Latest Technology News
Symantec discovered a vulnerability in Adobe Acrobat Reader that can be exploited by specially targeted Trojans.
Feb 24, 2009 (22 hours ago)
Attackers Targeting Unpatched Vulnerability in Excel 2007
from PC World Latest Technology News
Microsoft's Excel spreadsheet program has a 0-day vulnerability that attackers are already exploiting on the Internet...
Other News
'Plug Computers' May Web-Enable Hard Drives
from PC World Latest Technology News
Marvell Technology touts a computer that is smaller and cheaper than a netbook.
Feb 24, 2009 (22 hours ago)
VMware Adds to Cloud Strategy
from PC World Latest Technology News
VMware has security for its cloud OS, an API for integrating internal and external clouds, and improved management features in...
8:59 PM (10 hours ago)
Marvell Plans $100 Computer Inside a Wall Plug
from Wired Top Stories by Priya Ganapati
Marvell is planning a new category of computers called plug computers that resemble cellphone chargers but pack a hefty punch. They won't have a display but can be used as a home server or a network-attached storage device.
Feb 24, 2009 (14 hours ago)
Marvell's SheevaPlug Linux PC fits in its power adapter
from Engadget by Joseph L. Flatley
Marvell has the technology and the vision, and if the company gets its way the world will soon be overrun by lilliputian Linux machines. Hiding in wall warts and the like, these guys will begin quietly taking over tasks that we once relegated to servers and desktop machines. To this end, the company has just announced that they'll be making the SheevaPlug dev kit available. This is the platform that PogoPlug is based on, consisting of a 1.2GHz Kirkwood processor, 512MB flash storage, 512MB DRAM, a Gigabit Ethernet port, and USB 2.0. This bad boy supports many standard Linux 2.6 kernel distributions, and the whole thing plugs directly into a standard wall socket, drawing "less than one tenth of the power of a typical PC" while in use. Currently available for $99, the company says that it anticipates a price drop to $49 "in the near future."
No comments:
Post a Comment