Oct 30, 2007

Cracker site infects for money

PC World has interviewed researchers who have found a East European site which asks 0,2 $ / infected computer. Prepayment is also possible; you can buy eg. for 10000 infections for 2000 $.

After infection site sends purchaser IP addresses of infected machines that cracker knows where to attack. That site doesn't offer exploits or viruses but cracker can choose means freely.

Researchers believe that botnet can have millions of computers inside.

PC World warns that you shouldn't visit loads.cc as it might log IP addresses. There was found no malicious code on front page but that doesn't guarantee that also other pages there are clean.

Source: PC World

Labels: , ,

Oct 27, 2007

Gozi trojan comes with pdf file

Dangerous Gozi trojan is back and now it is bundled with pdf file.

It activates when user opens infected pdf file and after that it tries to steal information typed in ssl-protected sites (like online bank data).

Gozi comes from Russian Business Network servers like earlier and uses a week ago fixed vulnerability in Adobe Acrobat products.

Most common pdf file names have been BILL.pdf and INVOICE.pdf, sender name Gilbert and header "STATEMET indigene" but they can vary.

Source: eWeek

Labels: , ,

Oct 21, 2007

Vulnerability in RealPlayer fixed

Symantec
reported earlier this week an unknown vulnerability in RealPlayer.

That aims to cause buffer overflow that could make possible for an attacker to run malicious code on a user’s PC.

It's highly recommendable for RealOne Player, RealOne Player v2 and RealPlayer 10 users to upgrade to RealPlayer 10.5 or RealPlayer 11 beta and install available patch, same for RealPlayer 10.5 or RealPlayer 11 beta users.

Source

Labels: ,

Oct 19, 2007

Firefox 2.0.0.8 released

In new Firefox version there have been fixed 8 vulnerabilities, two of them classified as critical, four of them as moderate and other two as low.

One of the moderate vulnerabilities is related to URIs with invalid %-encoding mishandled by Windows. This has already been fixed in 2.0.0.6 version. However, that patch didn't prevent the incorrect file-handling programs from launching which cause some risk.

2.0.0.8 has also support for Mac OS X 10.5 (Leopard) with some known issues affecting some media plugins.

Download latest version of Firefox

Labels: ,

Oct 18, 2007

Opera fixed 3 vulnerabilities

Opera fixed in latest version (9.24) three vulnerabilities, two of them being critical.

First of them is about that external news readers and e-mail clients can be used to execute arbitrary code.

Second one is related to how Opera handles forms. If a web site is formulated in certain way it can execute html- and javascript code in another website's context.

Third is for Apple Mac OS X only. It applies if there is Opera installed with Adobe Flash Player 9.0.47.0 and earlier. No details were published.

More info about vulnerabilities:

Link 1
Link 2
Link 3

Labels: , ,

Oct 17, 2007

Skype Defender steals passwords

There is a new malware spreading which pretends to be Skype login screen and tries to steal sensitive information such as login credentials.

After user has entered username and password, malware displays a message saying that the name and password were unrecognized. Skype Defender collects the entered username and password and also all usernames and passwords which are saved in Internet Explorer, and sends them over to a website for collection.

Skype Defender can be removed by manually deleting 65404-SkypeDefenderSetup.exe. Eg. F-secure, Trend Micro and Symantec products should be already able to recognize and delete Skype Defender.

Source

Labels: ,

Oct 15, 2007

Use Parental Control feature in Vista

Did you know that Vista has Parental Control?

That's right and you can use it for filtering certain websites that your children can't access them.

See more here

Remember that user account has to be non-administrator so that changes can't be reversed.

More nice Vista tips can be found here

Source: howtogeek.com

Labels: ,

Oct 13, 2007

Research reveals - over half of Europeans use same password everywhere

McAfee published results of the new research which pointed out that almost quarter of Europeans use weak passwords and that's why risk for identity theft and online frauds is high.

According to research almost 25 percent of Europeans use always same password for all accounts and almost 25 percent never changes it. This adds risk of password stealing/breaking and that's why risk of loosing all personal information to wrong hands is greater, too.

Research also reveals that people don't believe in experts advise to use longer and more complex passwords. Almost third uses
passwords that are 1-6 character long and almost quarter uses only letters in password.

59 percent of people who responded to research used always or in most cases same password everywhere. In addition to those 43 percent which never change their passwords, McAfee reveals that 16 percent changes password once a year and only 11 percent changes it three times a year as suggested.

It's not surprising that we have only one password because the amount of the services needing passwords has hugely increased within the last few years. That results in that more and more of us leaves "digital DNA trace" available for others, too.

41 percent of people who responded to research claimed that they use their personal information in online services at least once a day and 20 percent told that they use password 10-30 times a day.

Because we need a lot of passwords that means that many of us use only a few and easy passwords.

22 percent of users use simple passwords and password which contain only letters. Most popular passwords were pet names. After that most popular ones were hobbies and mothers maiden name. This is not surprising but it is alarming that social web services (eg. Facebook and MySpace) have that kind of information.

Top ten passwords:

1. Pet name
2. Hobby
3. Mothers maiden name
4. Family member birthday
5. Own birthday
6. Partner name
7. Own name
8. Favourite football team
9. Favourite color
10. First school

Source: McAfee

Labels:

Oct 12, 2007

Tracking cookies - what they are and how to get rid of them

Tracking cookies are cookies that track your web browsing habits.

They are browser settings which create a unique ID for the user for certain websites. The tracking cookies are recreated again and again when you browse the web.

In general, a tracking cookie is not dangerous.

It's more handy to prevent them coming than just keeping to remove them again and again.

Here are some useful settings for more common browsers:

Internet Explorer: Open "Internet Options..." from the "Tools" menu. Choose the "Privacy" tab, and raise the Settings to at least Medium; or use the "Advanced..." button to enabled "Override automatic cookie handling" and set "Third-party Cookies" to "Block".

Firefox 2.0: Type "about:config" into Firefox's address bar, then type "network.cookie.cookiebehavior" in the "Filter" box. That will leave one settings line visible; double-click it, type "1" in the "Enter integer value" box, then click OK.

Opera: Open "Preferences" from the "Tools" menu. Click on "Privacy" in the list on the left, then open the pull-down list about "Third party cookies" on the right and set it to "Refuse all cookies".

Opera 9: Open "Preferences" from the "Tools" menu, go to "Advanced" → "Cookies" and select "Accept cookies only from the site I visit.".

Source

Labels: ,