SECURITY WARNINGS & Notices - Please post them here

[CharleyO]

***

Hack done to phpnuke.org site :

http://forum.avast.com/index.php?topic=59535.msg501749#msg501749


***

[Hermite15]

***

Hack done to phpnuke.org site :

http://forum.avast.com/index.php?topic=59535.msg501749#msg501749


***

looks solved:
http://www.theregister.co.uk/2010/05/11/phpnuke_infection_purged/

[Pondus]

Windows 7 'compatibility Checker' Is a Trojan

http://www.pcworld.com/businesscenter/article/195991/windows_7_compatibility_checker_is_a_trojan.html

http://news.bitdefender.com/NW1535-en--Windows%C2%AE-7-Compatibility-Checker-Turns-Out-To-Be-a-Trojan.html

[spg SCOTT]

Fake HSBC emails...

Ok, since that is not working for them, they are trying another angle...pretending to warn users about erm...themselves...

Once again, these are NOT from HSBC, they are fake. The so called hsbc link actually points to:

hXXp://michael-shelton.com/images/uk-hsbc.co.uk/www/INTEGRATION-HSBC/CAM11;jession=14/

Which is obviously fake. (would be interesting to know whether avast! blocks this...)

Another thing is, that they have 'tagged' (right word?) it as high priority, as you can see in the image (the red exclaimation mark...)

Careful guys...

-Scott-

[Hermite15]

they are trying another angle...pretending to warn users about erm...themselves...

[spg SCOTT]

they are trying another angle...pretending to warn users about erm...themselves...

Yeah...although, I think that sentence needs rephrasing:

Ok, since that is not working very well for them, they are capitalising on it, and trying another angle...pretending to warn users about erm...themselves...

[Hermite15]

Twitter-controlled botnets
http://www.theregister.co.uk/2010/05/13/diy_twitter_botnets/
http://sunbeltblog.blogspot.com/2010/05/diy-twitter-botnet-creator.html
http://www.wired.com/threatlevel/2009/08/botnet-tweets/

A security researcher has unearthed a tool that simplifies the process of building bot armies that take their marching orders from specially created Twitter accounts.

TwitterNet Builder offers script kiddies a point-type-and-click interface that forces infected PCs to take commands from a Twitter account under the control of attackers. Bot herders can then force the zombies to carry out denial-of-service attacks or silently download and install software with the ease of their Twitter-connected smartphones.

[polonus]

Warning: http://stopmalvertising.com/malvertisements/alert-twcorpscom-replaces-grepadcom/page-2

pol

[polonus]

Hi malware fighters,

Loads of fake av silent download sites being found, example: http://safeweb.norton.com/report/show?name=syspro.edu.co

Discussion on recent website malware: http://evilcodecave.wordpress.com/
interesting linked, that I bookmarked...

polonus

[YoKenny]

Discussion on recent website malware: http://evilcodecave.wordpress.com/
interesting linked, that I bookmarked...

polonus

Sites that are at February 14, 2010 are about as current as an old newspaper.

[polonus]

Top attacks here: http://atlas.arbor.net/

See what is on the malcode radar here: http://www.securitywizardry.com/radar.htm

pol

[YoKenny]

Top attacks here: http://atlas.arbor.net/

See what is on the malcode radar here: http://www.securitywizardry.com/radar.htm

pol

Goes to prove that Chinese with bogus Windows are the major contributors:
CHINANET-BACKBONE
http://atlas.arbor.net/asn/4134
http://atlas.arbor.net/cc/CN

[polonus]

Hi malware fighters,

For the latest wepawet Flash and JS reports, go here:
http://wepawet.iseclab.org/samples.php

pol

[polonus]

Hi malware fighters,

As you can read via the link given websites outside the normal Latin spelling, according tio the new Domain standards for instance in Cyrillic or Arabic can be easier abused by phishers now:
http://www.securelist.com/en/blog/2156/New_domain_standards_new_challenges_new_potential_problems

polonus

[polonus]

Hi malware fighters,

Biggest threat around USB worm: http://news.techworld.com/security/3223707/mcafee-usb-worm-is-biggest-pc-threat/

pol