Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2386202 times)

0 Members and 9 Guests are viewing this topic.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #180 on: February 03, 2010, 03:18:05 PM »
Stubborn trojan stashes install file in Windows help
http://www.theregister.co.uk/2010/02/03/help_file_trojan/

Be careful on help files (McAfee Labs Blog)
http://www.avertlabs.com/research/blog/index.php/2010/02/02/be-careful-on-help-files/
« Last Edit: February 03, 2010, 03:19:56 PM by Pondus »

Hermite15

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #181 on: February 03, 2010, 04:25:16 PM »
Most consumers reuse banking passwords on other sites  ::)

tell me more about phishing  ;D , I mean that's not the same procedure but it just sounds like some people are just asking for it  ;D
http://www.theregister.co.uk/2010/02/02/e_banking_password_fail_survey/

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #182 on: February 04, 2010, 03:04:11 PM »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #183 on: February 04, 2010, 03:06:14 PM »
Fake Microsoft Outlook Update Installs Trojan

Quote
A malicious spam campaign caught by Panda Labs is using a fake Microsoft Update notice to trick victims into installing a Trojan. While well crafted, the attack still provides dead giveaways.

http://www.networkworld.com/news/2010/020310-fake-microsoft-outlook-update-installs.html?hpg1=bn

Hermite15

  • Guest

YoKenny

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #185 on: February 04, 2010, 05:26:33 PM »

Microsoft confirms new Internet Explorer flaw
http://www.telegraph.co.uk/technology/microsoft/7155664/Microsoft-confirms-new-Internet-Explorer-flaw.html

Microsoft Security Advisory: Vulnerability in Internet Explorer could allow information disclosure
Quote
Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/advisory/980088.mspx

To have us fix this problem for you, go to the "Fix it for me" section. If you would rather fix this problem yourself, see the workaround section in the security advisory.
http://support.microsoft.com/kb/980088

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #186 on: February 05, 2010, 01:03:06 AM »
Conficker have done it again........

Conficker virus outbreak at Greater Manchester Police
http://www.sophos.com/blogs/gc/g/2010/02/02/conficker-virus-outbreak-greater-manchester-police/

spg SCOTT

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #187 on: February 05, 2010, 02:36:40 PM »
You would think by now that even the police would be ready for conficker... ::)

And they want a direct link to our data... :(...

Go Pack Go

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #188 on: February 05, 2010, 04:15:04 PM »
AplusWebMaster at the Safer-Networking Forums is really good about posting security threats: http://forums.spybot.info/forumdisplay.php?f=28

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #189 on: February 05, 2010, 04:28:39 PM »
Hi malware fighters,

Unauthorized hackers can now have access to backdoors left in ISP auditing software,
Cisco was rather upfront about this, but for other software we don't even know where it is.
This to prevent suspects to be warned by their ISP they are being monitored via backdoors:
http://www.darkreading.com/insiderthreat/security/perimeter/showArticle.jhtml?articleID=222600993

Always thought the Internet was wormholed, now with these 6 issues it is proven,

Exploiting Lawful Intercept to Wiretap the Internet
Many goverments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer's communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it's lawful intercept technology in an Internet Draft and a number of public configuration guides.

This talk will review Cisco's architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks.

Warnings were there from 2008:
http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html

polonus
« Last Edit: February 05, 2010, 04:32:52 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #190 on: February 05, 2010, 04:46:02 PM »
Aurora Attack - Zero day exploit in IE6


Quote
Aurora attacks, which is known to be originated from china, is a major attack in the recent past which used an Internet explorer exploit code to attack companies like Google and Adobe and succeeded in stealing some intellectual properties.

http://www.norman.com/security_center/security_center_archive/2010/77717/en-us

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #191 on: February 05, 2010, 05:01:59 PM »
Microsoft slates colossal Windows patch next week

Ties record with 13 security updates, plans to fix 26 bugs in Windows, Office

http://www.computerworld.com/s/article/9152258/Microsoft_slates_colossal_Windows_patch_next_week?source=rss_news

http://www.microsoft.com/technet/security/bulletin/ms10-feb.mspx
« Last Edit: February 05, 2010, 09:45:55 PM by Pondus »

Hermite15

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #192 on: February 05, 2010, 05:07:51 PM »
Microsoft slates colossal Windows patch next week

Ties record with 13 security updates, plans to fix 26 bugs in Windows, Office

http://www.computerworld.com/s/article/9152258/Microsoft_slates_colossal_Windows_patch_next_week?source=rss_news

thanks for the heads up, was expecting something just for IE but it seems more is involved.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #193 on: February 05, 2010, 09:48:12 PM »
Microsoft's Mundie calls for 'internet driving licence'  :o
http://www.v3.co.uk/v3/news/2257372/microsoft-mundie-calls   

Hermite15

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #194 on: February 05, 2010, 09:58:43 PM »
Microsoft's Mundie calls for 'internet driving licence'  :o
http://www.v3.co.uk/v3/news/2257372/microsoft-mundie-calls   

yeah  ;D will be remembered as a good joke in a few days  :D