Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2386241 times)

0 Members and 6 Guests are viewing this topic.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #150 on: January 26, 2010, 06:50:11 PM »
'Cyber Genome Project' kicked off by DARPA
Alert  Print Post commentThe code you write - it'll be as traceable as your DNA
http://www.theregister.co.uk/2010/01/26/cyber_genome_project/


False positive.....not only avast:
Kaspersky update slaps Trojan warning on Google Adsense
Alert  Print Post commentTsk, you and your false positives
http://www.theregister.co.uk/2010/01/25/kaspersky_adsense_false_positive/

CharleyO

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #151 on: January 26, 2010, 07:27:48 PM »
***

Another warning for the newbies that might not know better. Notice that it is supposedly from UPS but it is a fake and if opened by the unknowing, you get a virus.


**************************************
EARTHLINK VIRUS BLOCKER MESSAGE STATUS
**************************************

MESSAGE QUARANTINED

Virus Detected: CMU-10763-20100126

Message Details:
From: "UPS Support Jamie Mckinney" <tracking@ups.com>
Subject: UPS Delivery Problem NR 23911.
Date: Tue, 26 Jan 2010 20:04:42 +0200

For your protection, EarthLink Virus Blocker has quarantined a message sent to you because it contains a virus.


***

Offline Omid Farhang

  • Frontend Developer
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1660
  • I wish I could write longer personal text!!
    • Homepage
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #152 on: January 26, 2010, 09:16:44 PM »
...Another warning for the newbies that might not know better. Notice that it is supposedly from UPS but it is a fake and if opened by the unknowing, you get a virus....

Yes, I got same warning from Gmail, Thanks Google!!, Gmail said it did not load that mail from my Yahoo inbox (POP Access) and leave it in there because of suspicion attachment of that mail.

I download attachment, scanned it and I found this great job from avast! antivirus: http://www.virustotal.com/analisis/a81c322675370b8bfcbc03e012b94b317d3f5a115b820ee04b43bb876ba7226b-1264525820
Quote
Title: Message left on server: "UPS Delivery Problem NR 89904."
The message "UPS Delivery Problem NR 89904." from UPS Support Derrick Zimmerman (tracking [at] ups [dot] com) contained a virus or a suspicious attachment. It was therefore not fetched from your account xxxxxx [at] yahoo.com and has been left on the server.

If you wish to write to UPS, just hit reply and send UPS a message.


Thanks,

The Gmail Team
in the above quote I've edited e-mail addresses
« Last Edit: January 26, 2010, 09:30:45 PM by Omid Farhang »
Twitter: https://twitter.com/OmidFarhangEn - OS: Arch Linux

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #154 on: January 27, 2010, 06:44:21 PM »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #155 on: January 27, 2010, 08:37:56 PM »
Hi  malware fighters,

That it is dangerous to leave your desktop unattented, even just for a while, is an open door. See why?
Here: http://ha.ckers.org/blog/20100126/quicky-firefox-bookmarklet-backdoor/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #156 on: January 28, 2010, 02:45:30 AM »
Hi malware fighters,

Spyeye is a hard to detect new bot on the market, costs for cybercriminals 500 euro, was to be used for instance in combination with the Chinese hack toolkit: http://pandalabs.pandasecurity.com/ms10-002-exploit-constructor/

Mentioned bot is a data stealer and invisible in the Windows process list...
http://malwareint.blogspot.com/2010/01/spyeye-new-bot-on-market.html

The malicious bot industry is getting bigger and bigger, and this is an alarming situation, my good friends.

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Hermite15

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #157 on: January 28, 2010, 03:18:42 PM »
Google Chrome flagged as insecure by Secunia
http://forum.avast.com/index.php?topic=54533.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #158 on: January 28, 2010, 10:40:01 PM »
Hi malware fighters,

The number of botnets that uses HTTP to communicate with infested machines has doubled during the last six months. Traditionally botnets were commanded through Internet Relay Chat (IRC) , but that development has stopped. The number of IRC-based botnets stopped to grow at approx. 400, while HTTP-based botnets grew from 800 to 1600. That growth has to do with the low costs of HTTP-bot-building toolkits, according to Team Cymru, a non-profit anti-cybercrime organisation .

Toolkits
These toolkits are getting more and more  functional and the ease to use  the HTTP interface will make that botherders has left the IRC-platform as communication channel massively. HTTP botnets are more and more used for Distributed Denial of Service (DDoS)-Attacks. "There are different ways to make money from this kind of attacks, while other alternative use of botnets are to be preferred with less risk."

Most Command & Controle servers, both for IRC and HTTP, are located in the United States of America. Also the North of Europe with the Netherlands, plays an important role. Despite of the fact that IRC-based botnets showed no growth, their number did not go down either. That is why Team Cymru predicts this kind of bots are to play a further role, but the future lies with the HTTP-based bots. Link: http://www.team-cymru.org/ReadingRoom/Whitepapers/2010/developing-botnets.pdf

polonus

P.S. Another fact is HTTP-based bots can be easily relocated...and webadmins have monitored port
6667 while HTTP goes more under the detection-radar. Default and standard IPS/IDS systems just through DPI will filter for "/join".....  and then bye bye botnet. HTTP is more difficult while it looks like legit traffic,

Damian
« Last Edit: January 28, 2010, 10:43:04 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #159 on: January 29, 2010, 05:57:21 PM »
Malware Aims to Evade Windows 7 Safeguards

Windows 7 adds a number of new security features, but social engineering attacks mean that you can’t let your guard down.

http://www.networkworld.com/news/2010/012810-malware-aims-to-evade-windows.html?page=1

CharleyO

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #160 on: January 29, 2010, 06:45:36 PM »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47246
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #161 on: January 29, 2010, 10:33:04 PM »
Quote
Misplaced warning ...
Unfortunately there are many of these still cluttering up the forum.  :'(
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 22.5, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37191
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #162 on: February 01, 2010, 05:12:22 PM »
CIA, PayPal under bizarre SSL assault - Plus hundreds of others

http://www.theregister.co.uk/2010/01/29/strange_ssl_web_attack/

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #163 on: February 01, 2010, 05:25:20 PM »
Hi malware fighter,

Have to post this here as well:
http://forum.avast.com/index.php?topic=54872.0

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47246
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #164 on: February 01, 2010, 05:41:31 PM »
Hi malware fighter,

Have to post this here as well:
http://forum.avast.com/index.php?topic=54872.0

pol
It would take up less Forum real estate if it where only posted here. :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 22.5, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://