Nov 13
This is big folks. I recommend getting firefox’s “no script” add-on right away.
Firefox Security Flaw Affecting Gmails Users - The Firefox JAR vulnerability still there!
Last week, security companies around the world spotted a new vulnerability in Mozilla Firefox which could allow the attackers to use a malicious JAR file to harm users computers. The security flaw is still there and moreover, it seems it affects most websites on the Internet including the super search giant Google.
GnuCitizien wrote that Michal Zalewski from Google you know, that famous hacker who joined Googleplex required additional information about a potential exploitation over the companys technologies. In addition, beford.org discovered a way to steal the Gmail contact list using a malicious JAR file especially created to take advantage of the Firefox vulnerability.
Im not going to offer you more details about it but Ill give you a tip on how to remain protected against attacks. You can always install the NoScript extension which was already updated to provide protection for this exploit. In case you never tried it, NoScript is an add-on designed to work with Mozilla Firefox which is supposed to disable the webscripts included on the websites you choose.
More at Softpedia
Oct 10
‘Storm worm’ exploits YouTube | Tech News on ZDNet
Spammers are exploiting YouTube’s “invite your friends” function to send spam containing a variant of the “Storm worm.”Bradley Anstis, director of product management at security firm Marshal, said that spammers are taking advantage of the YouTube function that lets people invite friends to view videos that they have viewed or posted. The function allows someone to e-mail any address from an account.
The scam on Google’s video-sharing site is targeting Xbox owners, urging recipients to collect a prize version of the popular game Halo 3. Anstis said clicking on the link to “winhalo3″ leads to a file containing a Storm trojan.
To date, Marshal has tracked around 150,000 of the spam e-mail messages thought to have originated from YouTube accounts.
Jul 14
There are a growing number of reports that this is a false positive within AGV.
I’ll update you with more soon, but for now check out this excellent post on the topic (translated to English here). Complete with screen shots and search engine analysis.
Please leave a comment if you have any information to share. Unlike the AVG Forum, stupid questions will not be deleted nor the questioners abused. We were all stupid at some point so, chill-out folks.
Update: I have found AVG to do find this with multiple PCs in separate locations. It’s definitely a false positive (misreading from the AVG software). (A note to AVG users, don’t let this bother you, I’ve been using AVG for years and I think this is only the 2nd time Its found a false positive.)
Another Update: AVG will not quarantine Quickbooks files, but it will quarantine Quicken files automatically (in many cases). If you get a message that says the files were deleted you can get them out of AVG’s Virus Vault.
Update #3: I see that the folks at Quickbooks are aware of the issue and are working with AVG to repair it.
Apr 11
MSN messenger users are seeing this message sent to people on thier contact list:
Hey, I get my MSN Names from http://www.IM-Names.com
Remove the malware with your favorite spyware killer (like Ad-aware)
If you have questions or comments you are welcome to leave them in the comments section.
Ron’s Note: Good fix from Dave below:
Feb 02
Experts at SophosLabsâ„¢, Sophos’s global network of virus, spyware and spam analysis centers, have warned users not to panic over the threat posed by the Nyxem-D worm (also known as Blackworm, Email-Worm.Win32.VB.bi, Win32/Mywife.e or W32.Blackmal.E@mm), which is programmed to wipe data on infected computers on Friday 3 February, but to take calm action.
“When you panic, you make mistakes,” said Graham Cluley, senior technology consultant for Sophos. “Sit down, have a cup of tea, and work out if you have done everything you should have done to ensure your computer isn’t at risk from the Nyxem worm, and indeed any of the other 120,000 pieces of malware in existence.”
The W32/Nyxem-D worm, which can pose as pictures of the Kama Sutra, has a destructive payload, which triggers half an hour after a computer is booted on the third day of any month, destroying DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP files by replacing their contents with the phrase:
DATA Error [47 0F 94 93 F4 K5]
The Nyxem worm overwrites files with a bogus error message
Sophos automatically updated customers with protection against the W32/Nyxem-D Windows worm, which does not infect Macintosh computers, at 16:03 GMT on 16 January 2006. Experts believe that home users may be at more risk than businesses because typically they take security issues less seriously.
Need Antivirus?
I recommend Bsafe Online’s Security Suite. A 10-day FREE trial is available here.
Read More here:
Sophos urges calm as panic over Friday’s Nyxem worm attack spirals
Dec 21
VIRUS ALERT!
A Santa Claus worm is attempting to trick America Online, Microsoft MSN and Yahoo instant-messaging users into clicking on a file that delivers unwanted software to a victim’s computer.
The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file, according to a security advisory issued Tuesday by IMlogic.
People who click on the file will see an image of Santa, but what they are less likely to notice is a so-called rootkit being installed onto their system. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack. The malicious attacker can then distribute messages to the user’s IM contacts, using a similar technique to lure the unsuspecting acquaintance to click on the link.
The Santa worm is the latest tactic to be used on IM networks. Past tricks have included offers of movie clips to the latest release of “Star Wars” that instead led to an infected computer.
Full story here:
http://news.zdnet.com/2100-1009_22-6002790.html
Recent Comments