Virus Information News

  1     2     3     4     5     6     7     8     9     10    | [Next]  [Last] of 172 page(s)

Hackers Break Into Computer-Security Firm's Customer Database

Washington Post

by Brian Krebs

December 19, 2005

Guidance Software -- the leading provider of software used to diagnose hacker break-ins -- has itself been hacked, resulting in the exposure of financial and personal data connected to thousands of law enforcement officials and network-security profession

Guidance alerted customers to the incident in a letter sent last week, saying it discovered on Dec. 7 that hackers had broken into a company database and made off with approximately 3,800 customer credit card numbers. The Pasadena, Calif.-based company said the incident occurred sometime in November and that it is working with the U.S. Secret Service on a more detailed investigation. Michael G. Kessler, president of New York City-based computer-forensics investigative firm Kessler International, received a letter notifying him that the company's American Express card was among those compromised by the attackers. Kessler received the notice from Guidance at the same time that a company credit-bill arrived with what he said were $20,000 in unauthorized charges for pay-per-click advertising at Google.com.

FTC: Computer users seeing less spam; law helped

computerworld.com

by Grant Gross

December 20, 2005

While the CAN-SPAM Act has helped the FTC and law enforcement agencies fight spam, computer users are seeing less spam largely because they're using blocking software and services, the agency reported today.

The antispam law, called the CAN-SPAM Act, has provided the FTC and law enforcement agencies a new weapon to fight spam, but much of the reason computer users are seeing less spam is because they're using blocking software and services, said the FTC in a 116-page report to Congress. The volume of spam seems to be leveling off, and blocking technologies are keeping most spam messages away from inboxes, the FTC said. "The e-mail landscape has changed significantly, largely for the better," the report said. "In essence, these developments suggest that spam has not, as once feared, destroyed the promise of e-mail." Some in the technology community have questioned

Sober virus scares up child-porn confession

securityfocus.com

by Robert Lemos

December 23, 2005

A 20-year-old German man turned himself in to authorities after receiving a copy of the mass-mailing virus, which arrives attached to an e-mail message claiming that law enforcement is investigating the recipient.

The Sober.X, also known as Sober.Y, virus attempts to fool computer users into running the malicious program by attaching itself to an e-mail that seems to come from the FBI or its German counterpart, known as the Federal Criminal Investigation Office or Bundeskriminalamt (BKA). The message implies that the law enforcement agency is investigating the recipient and asks the user to open up an attachment and answer questions. In reality, the attachment is the Sober virus, which quickly takes control of the victim's PC to send more copies of itself, said Mikko Hyppönen, chief research officer for antivirus firm F-Secure.

Beware of Strange iTunes/QuickTime Movies

eWeek

by Ryan Naraine

December 23, 2005

A private security researcher publishes a proof-of-concept exploit for a potentially serious bug in Apple's popular iTunes and QuickTime media players.

A heap overflow vulnerability in Apple Computer Inc.'s iTunes and QuickTime media players could put millions of PC and Mac users at risk of malicious hacker attacks, security experts warned Wednesday. In an advisory posted on Security-Protocols.com, researcher Tom Ferris warned that attackers can rig QuickTime movie files to trigger a denial-of-service crash that may lead to malicious code execution. In an interview with eWEEK, Ferris said he flagged the issue to Apple more than a month ago but only received a cursory confirmation that the bug was being investigated. As per policy, Apple does not comment on security issues until a patch is available.

Santa IM worm hits AOL, MSN and Yahoo

CNET News.com

by Dawn Kawamoto

December 23, 2005

A Santa Claus worm is attempting to trick America Online, Microsoft MSN and Yahoo instant-messaging users into clicking on a file that delivers unwanted software to a victim's computer.

The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file, according to a security advisory issued Tuesday by IMlogic. People who click on the file will see an image of Santa, but what they are less likely to notice is a so-called rootkit being installed onto their system. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack. The malicious attacker can then distribute messages to the user's IM contacts, using a similar technique to lure the unsuspecting acquaintance to click on the link.

Critical Symantec bug hits 40 products

The Register

by John Leyden

December 23, 2005

Critical Symantec bug hits 40 products

A flaw affecting many Symantec security products - both consumer and enterprise - has been discovered. Users of Symantec's Norton Internet Security 2005, Norton AntiVirus 2005, Norton Antivirus for Macs, corporate anti-virus apps and Brightmail anti-spam software (among others) all need to apply patches following the discovery of the "critical" security bug. In all 40 packages are affected. The vulnerability stems from a flaw in an library component (called Dec2Rar.dll) involving the processing of RAR archives. This vulnerability can be exploited as a means to inject hostile code onto vulnerable systems when a malicious RAR file is scanned. The flaw affects Dec2Rar.dll version 3.2.14.3 and potentially hits all Symantec products that use the library file, hence the large number of affected packages.

Sony settles 'rootkit' class action lawsuit

CNET News.com

by Ingrid Marson

December 29, 2005

Sony BMG has struck a deal with the plaintiffs in a class action lawsuit over copy-restriction software it used in music CDs, according to a settlement document filed at a New York court Wednesday.

The record label has agreed to compensate buyers of CDs that contained the XCP and MediaMax DRM programs and to provide software utilities to allow consumers to uninstall both types of software from their computer. The furor over Sony's DRM software began at the end of October when a U.S. programmer discovered that XCP software on a Sony music CD had installed copy-restriction software on his computer that was hidden using a rootkit. Antivirus companies later discovered Trojan horses that exploited this software to avoid detection and found that another type of Sony DRM, MediaMax, also posed a security risk.

Malware in the Air?

Unstrung

by Richard Martin

March 15, 2006

For the first time, researchers have raised the possibility of RFID tags being infected by viruses and worms.

In a paper being presented today at the Pervasive Computing and Communications Conference in Pisa, Italy, sponsored by the Institute of Electrical and Electronics Engineers Inc. (IEEE), a group of computer scientists show just how susceptible radio-frequency tags may be to malware. "Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify backend software, and certainly not in a malicious way," the paper's authors write. "Unfortunately, they are wrong."

Malicious-software spreaders get sneakier, more prevalent

USA Today

by Byron Acohido and Jon Swartz

April 24, 2006

From his home in Downey, Calif., the then-19-year-old high school dropout controlled thousands of compromised PCs, or "bots," that helped him earn enough cash in 2004 and 2005 to drive a souped-up 1993 BMW and spend $600 a week on new clothes and car part

But Ancheta got caught. In the first case of its kind, he pleaded guilty in January to federal charges of hijacking hundreds of thousands of computers and selling access to others to spread spam and launch Web attacks. In separate cases, federal authorities last August also assisted in the arrest of Farid Essebar, 18, of Morocco, and last month indicted Christopher Maxwell, 19, of Vacaville, Calif., on suspicion of similar activities. The arrests underscore an ominous shift in the struggle to keep the Internet secure: Cybercrime undergirded by networks of bots â€" PCs infected with malicious software that allows them to be controlled by an attacker â€" is soaring.

Are you still not backing up your data?

microsoft.com

by Kim Komando

April 26, 2006

You should know this by now: Computers can and do fail. And nasty viruses can take down your system by creeping through your antivirus software and firewall.

The problem is that you usually get no warning before it's too late. Puff! Your data is gone. This has happened to more than a few businesspeople. In extreme cases, it has put companies out of business. And the worst part is this: It's completely avoidable. By backing up your data, you can retrieve all or most of what you lose. Yes, yes, I hear some of you snickering about the hassle involved. Indeed, there is a hassle involved. But you owe it to yourself -- and your business -- to take stock of your backup plan (or lack thereof) by reviewing these tips.

  1     2     3     4     5     6     7     8     9     10    | [Next]  [Last] of 172 page(s)