Thread: Security News-4/09/05

Microsoft adds antiphishing to IE toolbar

Microsoft has released a pair of add-ins to its MSN Search Toolbar with Windows Desktop Search, including one that detects Web sites that cybercriminals may be using to carry out phishing scams, PC World reports.

Microsoft's antiphishing add-in is in beta test form. It is based on the same technology that the upcoming Internet Explorer 7 browser will use for antiphishing. Releasing this add-in before IE 7 becomes generally available will extend the protection to users of IE 6 in the meantime.

"If the add-in suspects that the Web site a user is visiting is a phishing site, it flashes a bright yellow bar under the toolbar with a message warning that the site is suspicious and that the user should proceed with caution," a Microsoft spokesman said. The add-in determines whether a site is suspicious by analyzing various site characteristics to see if they match those commonly found on phishing sites, he said.

The Microsoft Phishing Filter beta has only been made available to Internet users based in the US. A Microsoft UK spokeswoman said on Wednesday that the company will "introduce the technology in additional markets over the coming year".

Read the full story:
http://www.pcworld.com/news/article/0,aid,122378,00.asp

Read ZDNet UK's story on the subject:
http://news.zdnet.co.uk/internet/sec...9215897,00.htm

Get the Microsoft Phishing Filter (beta):
http://addins.msn.com/


Zotob highlights how worm writers and Web gangs work together
Online August 31, 2005

According to security experts, the expanding investigation into this month's Zotob worm outbreak is uncovering evidence of the growing nexus between worm writers and gangs looking to profit from cybercrime, PC World reports.

The FBI this week confirmed that Turkish law enforcement officials are investigating 16 more suspects in connection with the Zotob worm and its variants.

The news is further evidence of the growing alliance between hackers and those seeking to profit from cybercrime, says Graham Cluley, a senior technology consultant at antivirus firm Sophos.

"It is certainly something that we thought has been happening for some time," Cluley says. "What you are likely to see here over the next few days is the unraveling of an entire identity fraud gang."

Malware such as Zotob and Mytob are used by hackers to download so-called bot programs that allow remote servers to take control of compromised systems and steal information from them. The communication between an infected system and remote server is often done using the Internet Relay Chat (IRC) messaging protocol.

Read the full story:
http://www.pcworld.com/news/article/0,aid,122369,00.asp


Malware could be lurking undetected in your Windows Registry
Online August 31, 2005

Security experts have found a vulnerability in the Windows operating system that could allow malware to lurk undetected in long string names of the Windows Registry, PC World reports.

According to a security advisory by Denmark-based IT security company Secunia, the weakness is caused by an error in the Windows Registry Editor Utility's handling of long string names. A malicious program could hide itself in a registry key by creating a string with a long name, which would allow the malicious string and any created after it in the same key to remain hidden.

Secunia has confirmed that the vulnerability affects the "Run" registry key. Malicious strings in this key will be executed when a user logs in to the PC.

Microsoft issued a statement on the vulnerability saying it is investigating the weakness and is not aware of any malicious attacks that have exploited it.

Read the full story:
http://www.pcworld.com/news/article/0,aid,122347,00.asp


Read more news at http://www.bullguard.com/news
'till next week


The BullGuard Team

BullGuard Limited, 823 Salisbury House, 29 Finsbury Circus, EC2M 5QQ London, United Kingdom

Thanks again rahly
8)