E-mail Scammers Target Microsoft Users

October 16, 2008 – 7:10 AM

Microsoft users are being targeted again by malware via e-mail, scammers/spammers never give up and for once the e-mail looks fairly legitimate.

Usually this kind of ‘baitware’ is riddled with terrible grammar and horrible spellings, do make sure you brief the less security aware friends you have about this though just in case.

Source:
http://www.darknet.org.uk/2008/10/e-mail-scammers-target-microsoft-users/

AVG flags ZoneAlarm as malware

October 16, 2008 – 5:57 AM

Grisoft, makers of AVG antivirus, on Wednesday released a new update addressing a false positive in another security product.

On Tuesday, AVG users reported desktops warnings that their desktop was infected with something called Trojan Agent r.CX. Some files within zlsSetup_70_483_000_en[1].exe, a compressed file containing dormant set-up files for Check Point’s ZoneAlarm, apparently set off the alarm. The ZoneAlarm user forum soon filled with concerned users.

Grisoft did not respond to a request for comment.

Laura Yecies, vice president and general manager of Check Point’s ZoneAlarm consumer division said, “as soon as Check Point learned that AVG’s recent antivirus update was mistakenly flagging a ZoneAlarm file as a virus, we contacted AVG and they issued an update within hours that corrected the problem. AVG users will automatically get the update that corrects the issue.”

Source:
http://news.cnet.com/8301-1009_3-10067148-83.html?part=rss&subj=news&tag=2547-1009_3-0-20

Adobe fixes clickjacking flaw

October 16, 2008 – 5:35 AM

Adobe Systems has released a new version of its Flash Player software, fixing a critical security bug that could make the Internet a dangerous place for Web surfers.

The new Flash Player 10 software, released Wednesday, fixes security flaws in Adobe’s multimedia software including bugs that could allow hackers to pull off what’s known as a clickjacking attack, wrote Adobe spokesman David Lenoe in a blog posting.

For those who can’t update to this new version of Flash, a Flash 9 security patch is still about a month off, he added. Adobe rates the clickjacking bug as ‘critical.’

Although not widely used by criminals, clickjacking has received a lot of attention since it was first discussed a month ago. Flash isn’t the only software that is vulnerable to a clickjacking attack, but Flash attacks have been considered among the most dangerous.

Source:
http://www.computerworld.com.au/index.php/id%3b1720950319%3bfp%3b4%3bfpid%3b16

New Google bugs empower phishermen

October 11, 2008 – 8:07 AM

Google’s Gmail service suffers from security flaws that make it trivial for attackers to create authentic-looking spoof pages that steal users’ login credentials, a security expert has demonstrated. Google Calendar and other sensitive Google services are susceptible to similar tampering.

A proof-of-concept (PoC) attack, published by Adrian Pastor of the GNUCitizen ethical hacking collective, exploits a weakness in the google.com domain that allows him to inject third-party content into Google pages. The result is this page, which allowed him (at time of writing, anyway) to display a fraudulent Gmail login page that displayed mail.google.com in the browser’s address bar.

“The previous PoC URL will cause the entered credentials to be submitted to www.gnucitizen.org when clicking on the Sign in, so please do NOT submit any real credentials,” Pastor warns here.

A Google spokesman said company security pros were looking into the reports.

The attack is another cautionary reminder to designers of websites and software of the importance of fixing vulnerabilities even when they may at first appear inconsequential.

Source:
http://www.theregister.co.uk/2008/10/10/google_cross_domain_bug/

Exploit code loose for six-month-old Windows bug

October 10, 2008 – 12:33 PM

Microsoft Corp. yesterday acknowledged that exploit code is circulating for a vulnerability it acknowledged six months ago, but has yet to patch.

It’s not clear whether Microsoft intends to fix the flaw next week.

On Thursday, Microsoft revised a security advisory it first posted April 19 about a bug in Windows XP, Vista, Server 2003 and Server 2008 that could be exploited to gain additional privileges on vulnerable machines. “Exploit code has been published on the Internet for the vulnerability addressed by this advisory,” confirmed Bill Sisk, a communications manager at Microsoft’s Security Response Center in a post to the MSRC blog.

The vulnerability has a convoluted history.

In late March, Argentinean security researcher Cesar Cerrudo announced he had found a bug that could let attackers bypass some of the security schemes in the newest versions of the operating system, including Windows Server 2008. At the time, Sick called Cerrudo’s bug a “design flaw” rather than a vulnerability, and downplayed the threat.

Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9116924&source=rss_topic17