Security threat shifts to the desktop

According to the latest Internet Security Threat Report from Symantec, malicious code targeting confidential information held on desktops is on the rise, Computing reports.

During the first half of 2005, malicious code that exposed confidential information represented 74 percent of the top 50 malicious code samples reported to Symantec, up from 54 percent in the previous six months.

Such threats focus on the theft of funds, particularly when credit card information or banking details are exposed, and are more prevalent due to increased online shopping and internet banking.

"Attackers are moving away from large, multipurpose attacks on network perimeters towards smaller, more targeted attacks directed at web and client-side applications," said a Symantec spokesperson.

Read the full story:
http://www.computing.co.uk/vnunet/ne...shifts-desktop


Bagle variant floods inboxes worldwide
Online September 22, 2005

Two waves of spam were launched this week using a new variant of the Bagle Trojan, ZDNet UK reports.

According to antivirus company Sophos, the BagleDL.U trojan tries to turn off antivirus and security software and block access to security Web sites, in an attempt to strip away a PC's immune system and allow hackers to gain access.

The two series of attacks bore strong similarities: the subject line was blank, the body message text was 'new price', and the malicious file attached could be identified with names such as '09_price.zip', 'price_new.zip', and 'price2.zip'.

"All computer users must avoid opening unsolicited email attachments, and ensure that their antivirus protection is up-to-date," said Carole Theriault, senior security consultant at Sophos.

Read the full story:
http://news.zdnet.co.uk/internet/sec...9220138,00.htm


Fix in for Firefox bugs
Online September 21, 2005

Mozilla has released an update to Firefox to fix several serious security flaws, including a recently disclosed bug that could let attackers secretly run malicious software on PCs, CNET reports.

Firefox 1.0.7 was issued late Tuesday. A new Mozilla Suite 1.7.12, containing the affected Mozilla Web browser and other tools, will follow by the end of the week.

"We're strongly recommending all users upgrade to the latest version," Chris Beard, head of products for Mozilla, said on Wednesday. The organization is not aware of any public exploits for the flaws fixed in the update, he said.

The primary reason for the updates is to patch a vulnerability that was disclosed two weeks ago and that affects all versions of the Firefox and Mozilla browsers, Beard said. The flaw lies in the way the applications handle International Domain Names, or IDNs, which are Web addresses that use international characters. Hackers have apparently been working to exploit the flaw, which could let attackers run code remotely on vulnerable computers.

Read the full story:
http://news.com.com/Fix+in+for+Firef...ml?tag=cd.lede

Get Firefox 1.0.7:
http://www.mozilla.org/


Phishers switch to European banks
Online September 21, 2005

Web monitoring firm Websense is warning of a major phishing attack on European banks, possibly because they have weaker security, IT Week reports.

The company discovered attacks against over two dozen European banks over the weekend, primarily against Spanish and Italian institutions.

This is the first time that Websense has witnessed such a concerted attack against European banks. US sites like Citibank and PayPal are more usual targets.

"We're seeing a move to find the weakest link," said Mark Murtagh from Websense.

Murtagh explained that phishers are increasingly targeting small non-English banks, which were formerly left alone because they have fewer users.

Read the full story:
http://www.itweek.co.uk/vnunet/news/...european-banks


Read more news at http://www.bullguard.com/news
'till next week


The BullGuard Team
BullGuard Limited, 823 Salisbury House, 29 Finsbury Circus, EC2M 5QQ London, United Kingdom