[ UPDATE: Facebook has reversed itself and fixed this vulnerability ]
ZDNet.com reports:
The Register’s Dan Goodin has the scoop on an obvious security vulnerability that’s being ignored by the powers at Facebook.
The issue, as demonstrated by this proof-of-concept, shows how a social network application can be rigged to hijack a Facebook user’s session identification cookies, deliver pop-up messages or change the color of Facebook pages. Continue reading »
This is mostly a geek-read, so let me sum it up for you. The more apps you add to facebook and myspace, the less safe you are. Don’t add people you don’t know well (ouch, log in my own eye) and use unique passwords for each account. This or this may help.
“A quick (and very much incomplete) hall of shame here includes MySpace, LiveJournal, and Hi5, all of which we’re surprised haven’t sunk into the East Bay under the weight of their own pwnability.”
More here >> The ugly truth: Satan, social networks and security.
We thought it might be an AVG false positive, but thanks to a helpful comment from Martyn (here) we now know that’s not the case.
SHeur.bzpu is a backdoor trojan
http://www.microsoft.com/security/portal/SearchResults.aspx?query=SHeur.bzpu
Backdoor:Win32/Nuwar.gen!D
Aliases: SHeur.BCFX (AVG)
Description: Backdoor:Win32/Nuwar.gen!D is a generic detection for a backdoor trojan that allows unauthorized access to an infected computer. The trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This trojan also contains advanced stealth…
Published Date: 06/16/2008
Severity Rating: Medium
The Federal Bureau of Investigation and its partner, the Internet Crime Complaint Center (IC3), have received reports of recent spam e-mails spreading the Storm Worm malicious software, known as malware. These e-mails, which contain the phrase “F.B.I. vs. facebook,” direct e-mail recipients to click on a link to view an article about the FBI and Facebook, a popular social networking website. The Storm Worm virus has also been spread in the past in e-mails advertising a holiday e-card link. Clicking on the link downloads malware onto the Internet connected device, causing it to become infected with the virus and part of the Storm Worm botnet.
“The spammers spreading this virus are preying on Internet users and making their computers an unwitting part of criminal botnet activity. We urge citizens to help prevent the spread of botnets by becoming web-savvy. Following some simple computer security practices will reduce the risk that their computers will be compromised,” said Special Agent Richard Kolko, Chief, FBI National Press Office.
Everyone should consider the following:
* Do not respond to unsolicited (spam) e-mail.
* Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail.
* Do not click on links contained within an unsolicited e-mail.
* Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
* Validate the legitimacy of the organization by directly accessing the organization’s website rather than following an alleged link to the site.
* Do not provide personal or financial information to anyone who solicits information.
More here: Optimus Media News » FBI Warns of Storm Worm Virus.
WMA’s (windows media audio) are carrying a trojan/worm. When I have to clean someone PC, it’s usually because they were downloading illegal music downloads. Click here to read the rest of the story.
There are a growing number of reports that this is a false positive within AGV.
I’ll update you with more soon, but for now check out this excellent post on the topic (translated to English here). Complete with screen shots and search engine analysis.
Please leave a comment if you have any information to share. Unlike the AVG Forum, stupid questions will not be deleted nor the questioners abused. We were all stupid at some point so, chill-out folks.
Update: I have found AVG to do find this with multiple PCs in separate locations. It’s definitely a false positive (misreading from the AVG software). (A note to AVG users, don’t let this bother you, I’ve been using AVG for years and I think this is only the 2nd time Its found a false positive.)
Another Update: AVG will not quarantine Quickbooks files, but it will quarantine Quicken files automatically (in many cases). If you get a message that says the files were deleted you can get them out of AVG’s Virus Vault.
Update #3: I see that the folks at Quickbooks are aware of the issue and are working with AVG to repair it.