Thread: Security News

Instant messaging-based attacks soar

A new study by instant messaging security vendor IMlogic reported that hackers and virus writers are recognizing and exploiting the opportunities presented by IM-based attacks, PC World reports.

The number of IM attacks such as viruses, worms, and phishing scams has increased from 20 for all of 2004 to 571 in the second quarter of 2005 alone, representing an increased threat to both enterprise users and the average consumer, the study said.

The study reported that 70 percent of IM-based attacks target public IM networks and 30 percent target enterprises.

"IM usage has reached critical mass, and virus writers have now recognized it as a mostly undefended medium," said Francis deSouza from IMlogic.

Read the full story:
http://www.pcworld.com/news/article/0,aid,121711,00.asp

Microsoft offers temporary fix for 'extremely critical' flaw
Online July 7, 2005

Microsoft has updated a security advisory published in June, offering users a way to become immune to a highly critical flaw in Internet Explorer, IT Week reports.

The flaw causes IE to crash or could allow hackers to take control of a user's system by placing specially created code on a website.

It affects current versions of IE on fully patched systems, and has been rated 'extremely critical' by security website Secunia.

Microsoft has confirmed that the flaw and exploit code is publicly available, but claimed that it is not aware of any attacks using the exploit.

The workaround requires users to manually prevent a .dll file from running, or to set the Windows internet security settings to 'high' to prevent ActiveX commands from being executed.

Read the full story:
http://www.itweek.co.uk/vnunet/news/...-temporary-fix

Read the updated security advisory:
http://www.microsoft.com/technet/sec...ry/903144.mspx





Sasser author confesses in trial
Online July 6, 2005

The man on trial for writing the Sasser computer worm which wreaked havoc in big businesses and homes across the world last year has confessed to all the charges against him, Reuters reports.

Katharina Kruetzfeldt, judge at the court in the German town of Verden, said Sven Jaschan, 19, admitted to data manipulation, computer sabotage and interfering with public corporations in one of the biggest Internet attacks of its kind.

After emerging around May last year, versions of the Sasser worm went on to knock out an estimated one million computer systems among home users and companies.

State prosecutor Silke Streichsbier said she was "highly satisfied" with progress made at the trial, which is closed to the public as Jaschan was still a minor when some of the offences took place. A verdict is expected on Thursday.

Jaschan could face a maximum sentence of five years in prison as well as having to pay compensation to his victims.

Read the full story:
http://today.reuters.com/news/newsAr...-SASSER-DC.XML





Organised criminals send malware levels soaring
Online July 5, 2005

Security firm Sophos has seen a dramatic rise in the number of viruses, worms and Trojan horses this year as more organised criminals turn to cybercrime, ZDNet UK reports.

The firm reported last week that it had detected 7,944 new pieces of such malware in the first six months of this year ? almost 60 percent more than the same time last year.

The biggest growth was in Trojan horses ? programs that can damage a user's files, steal information, or even create a backdoor that can be used to compromise that PC.

Trojans cannot self-propagate in the same way as viruses, so they have typically been less prevalent. According to Sophos, their increased popularity shows the extent to which the creation of malware is increasingly becoming the preserve of professional criminals.

Read the full story:
http://news.zdnet.co.uk/internet/sec...9207187,00.htm

Read more news at http://www.bullguard.com/news
'till next week


The BullGuard Team

BullGuard Limited, 823 Salisbury House, 29 Finsbury Circus, EC2M 5QQ London, United Kingdom

Get spywared up people!! 8) And change from IE to Firefox. Since done this there has been no spyware on my laptop, would have been a load from IE.

:lol:

Yes, I gradually began appreciating Firefox but remember, it can be a little slow with connection but that gives you some extra time to rethink some other issues in the meantime... like go get a drink for instance...hehe!

YB.

And order the takeaway!!

Security News


Beware of those family postcards
Online June 30, 2005

A new spam campaign claiming to be a postcard from a family member is weaving its way through the internet, SC Magazine reports.

When opened the postcard unleashes the Clsldr.D and Divo.A trojan viruses, the latter capable of stealing personal details from online bank transactions.

"Because this email doesn't arrive with an attached file, some may believe it is harmless. But just visiting the web link on an unprotected computer puts it at risk of infection," said Graham Cluley from antivirus company Sophos.

"The message is simple, don't trust everything you read on the internet, and ensure you are not putting your computer and its data in danger."

The email is getting through the filters of at least one major email services company and is a particular danger because of the increasing popularity of e-cards.

Read the full story:
http://www.scmagazine.com/news/index...=Latest%20News





New Trojan masquerades as Microsoft patch
Online June 29, 2005

A newly discovered Trojan is being spread by spam posing as an urgent Microsoft security update, vnunet.com reports.

Web monitoring company Websense has issued a warning about the infected spam mails, which claim to protect against worm attacks.

If unwary users click on the link at the bottom of the email a new variant of the SDBot Trojan is downloaded onto their PCs.

The email header is as follows: 'Microsoft Security Bulletin MS05-039: New patch against W32/Sober, W32/Zafi, W32/Mytob'.

Read the full story:
http://www.vnunet.com/vnunet/news/21...icrosoft-patch





?6.5m phishing duo jailed for 10 years
Online June 28, 2005

Two men have been jailed for a total of ten years for stealing up to ?6.5m through an online identity scam, Computing reports.

The two men ran a UK syndicate which cloned credit cards using stolen financial information gained through email phishing scams, which trick online banking customers into giving out usernames and passwords.

The duo admitted to Leeds Crown Court that they received batches of credit card details and passwords from unnamed Russian individuals.

Phishing victim's identities and bank account details were then used to steal money from cash machines and buy and sell goods online, says the National Hi-Tech Crime Unit which arrested the pair earlier this month.

Read the full story:
http://www.computing.co.uk/computing...g-jailed-years


Read more news at http://www.bullguard.com/news
'till next week


The BullGuard Team


BullGuard Limited, 823 Salisbury House, 29 Finsbury Circus, EC2M 5QQ London, United Kingdom