SECURITY WARNINGS & Notices - Please post them here

[Alan Baxter]

Now also Fx is vulnerable to the newest Zeus version via HTML injection: http://www.scmagazineus.com/new-zeus-version-targeting-firefox-users-for-bank-fraud/article/168455/

It's good to know that Zeus isn't transmitted by a Firefox vulnerability. But once you've got it, even Firefox won't save you. Will Avast 5 block this new variant of Zeus?

http://www.scmagazineus.com/new-zeus-version-targeting-firefox-users-for-bank-fraud/article/168455/

In an email sent to SCMagazineUS.com on Wednesday, a spokesperson at Mozilla said that Zeus is not exploiting a vulnerability within Firefox, but is installed once a system has already been compromised.

"Once malware like Zeus is on a user's system, every application they use is at risk," the Mozilla spokesperson said.
Previous versions of Zeus had fairly limited capabilities for Firefox compared to those for Microsoft's Internet Explorer (IE) browser, Boodaei said. On Firefox, for example, the trojan previously was not capable of changing a bank's login page or altering a user's online transactions. As a result, most fraud incidents associated with Zeus have been sustained by users of IE.

[polonus]

Hi malware fighters,

Ongoing Twitter Support spam campaign
http://news.softpedia.com/newsImage/Email-Spam-Run-Impersonates-Twitter-Support-Staff-3.jpg/

polonus

[mkis]

Not sure if this email was part of a spam campaign - profile of the sender was suspended a few hours later.

I did take the email as genuine, if perhaps a lttle bent -
did take me to Twitter, where the sender was following my tweets
sender only had three entries, one of which directed the viewer to 'meet the locals', most of whom were showing themselves off in various stages of undress, down to no dress at all. Including the sender I gather, but a girl was visiting at the time, and she informed me that this person - the sender - was not for me at all.  

And later, the sender's profile was suspended (does that mean withdrawn possibly?). But I think genuine Twitter

btw - I was on Firefox at the time, but the redirects to 'meet the locals' can still be found in my Chrome history (records all browsers), and they are still 'live', are they are showing the links to be local.

[Pondus]

Sunbelt Software and Malwarebytes Partner to Improve the Security of the Internet
http://www.sunbeltsoftware.com/Press/Releases/?id=346
http://vipre.malwarebytes.org/

[Pondus]

Symantec Global Internet Security Threat Report  (2009) pdf

http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf

[polonus]

Hi malware fighters,

The blippy service leaked creditcard data to be found on Google: http://venturebeat.com/2010/04/23/blippy-credit-card-citibank/
Be aware with whom you share confidential data...

polonus

[mkis]

Not sure whether this has been posted yet. But here goes -

Virus Bulletin - Latest Reactive and Proactive (RAP) test results
http://www.virusbtn.com/index

Efforts to perceptual map prevalence of virus and virus detection

http://docs.google.com/View?id=ah85g3kzb4tn_274cx84gggh

(I don't readily agree with their perception, but I do like Virus Bulletin)

[Hermite15]

Users' passwords exposed by Splunk
http://www.theregister.co.uk/2010/04/26/splunk_passwords_revealed/

Splunk, a kind of Google for business technology that boasts it can help reinforce your security, has exposed the details of major customers to hackers following a web site slip up.

The passwords of customers on Splunk.com were revealed after some debug information leaked on to its production servers. The debug code exposed users passwords to Splunk.com as clear text, the company said. The site contained the emails and user names customers had used to register with Spluk.

[Pondus]

Bitdefender warns of malware targeting iPad
http://news.bitdefender.com/NW1497-en--BitDefender-Warns-of-Malware-Targeting-iPad-Users-via-iTunes-Update.html

[mkis]

Secunia - Vulnerabilities vs. attack vectors...

http://secunia.com/blog/97

[polonus]

Hi malware fighters,

First attempt to launch malcode from within PDF-file without the use of JS:
http://secshoggoth.blogspot.com/2010/04/launch-malicious-pdf.html
There is more to come, be aware...

pol

[spg SCOTT]

ALL photocopied documents are stored on a hard drive within a hard drive in the photocopier...Potential Risk for information leaks...
 

http://www.cbsnews.com/stories/2010/04/19/eveningnews/main6412439.shtml

Wow, never even knew about this...

[YoKenny]

ALL photocopied documents are stored on a hard drive within a hard drive in the photocopier...Potential Risk for information leaks...
 

http://www.cbsnews.com/stories/2010/04/19/eveningnews/main6412439.shtml

Wow, never even knew about this...

The most important information there:
How Bullock Kept Her Baby Adoption Secret
http://www.cbsnews.com/stories/2010/04/29/earlyshow/leisure/celebspot/main6443520.shtml?tag=strip

[nmb]

India now the primary producer of viruses

I feel bad : http://www.net-security.org/malware_news.php?id=1320 

Avast! guys.. you got a bot in India?

nmb

[mkis]

From Windows Secrets - Upgrade to IE8 Now, or Face Consequences

http://www.infopackets.com/news/business/microsoft/2010/20100331_experts_urge_upgrade_to_ie8_now_or_face_consequences.htm