Zero Day | ZDNet.com
ZDNet Must Read:

Google fixes critical XSS vulnerability

Hours after a proof of concept example detailing an XSS vulnerability at Google's account login page was posted at the XSS Project's clearing house, the company quickly took notice and... Continued »

November 20th, 2008

Under worm attack, US Army bans USB drives

Posted by Ryan Naraine @ 10:34 am

Categories: Browsers, Rootkits, Spyware and Adware, Exploit code, Viruses and Worms, Data theft, Locally Running Web Servers, Anti Virus, Malware

Tags: Malware, USB Flash Drive, Worm Attack, USB, Cyberthreats, Spyware, Adware & Malware, E-mail, Viruses And Worms, Security, Online Communications

Under sustained attack from what is described as a rapidly spreading network worm, the U.S. Army has banned the use of USB sticks, CDs, flash media cards, and all other removable data storage devices, according to internal e-mail messages seen by Wired’s Noah Shachtman.

According to the article, service members have been ordered to “cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware.”  Eventually, some government-approved drives will be allowed back under certain “mission-critical,” but unclassified, circumstances. “Personally owned or non-authorized devices” are “prohibited” from here on out, according to the e-mails.

Read the rest of this entry »

November 19th, 2008

What does the spam ISP shutdown really mean?

Posted by Adam O'Donnell @ 4:49 pm

Categories: Punditocracy, Spam and Phishing, Research

Tags: Internet Service Provider, Cyberthreats, Internet Service Providers (ISPs), Spam, Security, Internet, Spam And Phishing, Adam O'Donnell

It has been over a week since the takedown of an ISP responsible for directing a large portion of Internet’s spam. While many groups immediately hailed a massive drop in spam, the true story was more nuanced.
Read the rest of this entry »

November 19th, 2008

Malware found in Lenovo software package

Posted by Ryan Naraine @ 11:07 am

Categories: Microsoft, Browsers, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Data theft, Anti Virus, Malware, Research

Tags: Lenovo Group Ltd., Malware, Microsoft Windows, Spyware, Adware & Malware, Cyberthreats, Microsoft Windows XP, Tools & Techniques, Viruses And Worms, Security, Operating Systems

Computer maker Lenovo is shipping a malware-infected software package to Windows XP users, according to a warning from anti-virus researchers at Microsoft.

The malicious file was identified by Microsoft as Win32/Meredrop, a Trojan dropper that is used to install and execute multiple malicious executables on an infected computer. Other anti-virus vendors are detecting the threat as a ‘hooligan’ virus or a porn dialer. It was found in the Lenovo Trust Key software for Windows XP, a digitally signed driver package available to Windows XP SP2 users.

Read the rest of this entry »

November 18th, 2008

Fake Windows XP activation trojan goes 2.0

Posted by Dancho Danchev @ 7:23 pm

Categories: Hackers, Microsoft, Browsers, Botnets, Privacy, Passwords, Anti Virus, Malware

Tags: Security, Cybercrime, Crimeware, Social Engineering, Windows XP, Dancho Danchev

Known as Kardphisher and “in the wild” since April 2007, this trojan horse mimics the Windows XP activation interface while collecting the credit card details the end user has submitted. Last week its author made significant changes to the visual interface and usability of the trojan, consequently improving its authenticity. Guess what happens when a gullible end user falls victim to this social engineering attack?

Read the rest of this entry »

November 18th, 2008

Commercial vendor of spyware under legal fire

Posted by Dancho Danchev @ 3:37 pm

Categories: Hackers, Browsers, Spyware and Adware, Data theft, Privacy, Passwords, Anti Virus, Malware

Tags: Security, Keylogging, CyberSpy Software LLC, RemoteSpy, Surveillance, Dancho Danchev

Just like every decent marketer out there, vendors of commercial malware tools are very good at positioning their tools. However, their pitches often contradict themselves: what’s promoted as a Remote Administration Tool in fact has built-in antivirus-evading capabilities, rootkit functionality and tutorials on how to remotely infect users over email.

This fake positioning is finally receiving the necessary attention. CyberSpy Software LLC, a popular vendor of such commercial spyware tools, has recently been targeted by the U.S. Federal Trade Commission, with the company’s sites shut down already. Wish it was that simple.

Read the rest of this entry »

November 18th, 2008

What really happened to the candidates’ computers?

Posted by Adam O'Donnell @ 3:11 pm

Categories: Data theft, Governments, United States of America, Complex Attacks

Tags: BusinessWeek, Computer, Attack, Government, E-mail, Vertical Industries, Security, Online Communications, Enterprise Software, Software

Now that two weeks have passed since the end of the presidential campaigns, it is worthwhile to take a look at what I think should have been one of the biggest cybercrime stories of the year. As Ryan blogged the day after the election, both the McCain and the Obama campaigns’ systems were compromised by an external party, and this compromise led to a massive data exfiltration. If these reports turn out to be true, the attack is a huge coup for the attacking party.
Read the rest of this entry »

November 18th, 2008

Microsoft kills OneCare, replaces it with freebie ‘Morro’

Posted by Ryan Naraine @ 2:17 pm

Categories: Browsers, Rootkits, Exploit code, Viruses and Worms, Data theft, Arbitrary Code Execution, Anti Virus, Malware

Tags: PC, Microsoft Windows Live, Malware, Microsoft Corp., Microsoft Windows Live OneCare, Microsoft Windows, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security

Microsoft today announced plans to kill its Windows Live OneCare PC care and security suite and replace it with a free anti-malware utility.

The new product, code-named “Morro,” will be designed for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs, Microsoft said in its surprise announcement.

Retail sales of Windows Live OneCare, which offered non-security PC care features such as printer sharing, data backup and automated PC tune-up, end on June 30, 2009.

Read the rest of this entry »

November 17th, 2008

Anti fraud site hit by a DDoS attack

Posted by Dancho Danchev @ 4:01 pm

Categories: Hackers, Botnets, Pen testing, Denial of Service (DoS), Russia, Malware

Tags: Security, Cybercrime, DDoS, Fraud, Bobbear, BlackEnergy, Dancho Danchev

The popular British anti-fraud site Bobbear.co.uk is currently under a DDoS (distributed denial of service) attack, originally launched last Wednesday, which is continuing to hit the site with 3/4 million hits daily from hundreds of thousands of malware-infected hosts mostly based in Asia and Eastern Europe, according to the site’s owner. Targeted DDoS attacks against anti-fraud and volunteer cybercrime fighting communities clearly indicate the impact these communities have on the revenue stream of scammers, and with Bobbear attracting such high-profile underground attention, the site is indeed doing a very good job.

Read the rest of this entry »

November 17th, 2008

Adobe AIR hits ‘critical’ security turbulence

Posted by Ryan Naraine @ 1:59 pm

Categories: Patch Watch, Browsers, Responsible disclosure, Exploit code, Data theft, Passwords, Java, Adobe, Flash, Arbitrary Code Execution, Malware, Web 2.0

Tags: Adobe Systems Inc., Adobe AIR, Macromedia Flash Player, Scripting Languages, Security, Software/Web Development, Web Development, Ryan Naraine

Buried in today’s flurry of feel-good Adobe news is this less flattering nugget: Adobe AIR is vulnerable to several critical vulnerabilities that could expose users to code execution attacks.

The company released AIR 1.5 with fixes for previously discussed flaws in Flash Player (which is embedded into AIR) and a patch for a separate issue that allows the execution of untrusted JavaScript with elevated privileges.

As this bulletin explains, the issues are all remotely exploitable:

Read the rest of this entry »

November 17th, 2008

Apple turns to Google for Safari anti-phishing

Posted by Ryan Naraine @ 9:58 am

Categories: Apple, Microsoft, Browsers, Spam and Phishing, Spyware and Adware, Data theft, Mozilla, Google, Firefox, Passwords, eBay, Phishing, Arbitrary Code Execution, Malware

Tags: Google Inc., Apple Safari, Apple Inc., Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Ryan Naraine

Apple has quietly teamed up with Google to add anti-phishing features into the latest version of the Safari browser.

The feature, turned on by default in Safari 3.2, displays a warning page (see screenshots below) when Safari users surf to a fraudulent Web site.  It is powered by Google’s blacklist of fake Web sites that are used to steal user credentials for banking and other finance-related Web sites.

Read the rest of this entry »

Ryan Naraine is a security evangelist at Kaspersky Lab, an anti-malware company with operations around the world. See his full profile and disclosure of his industry affiliations.
