tsu doh nimh writes “Anti-virus researchers have discovered a new strain of malicious software that spreads via USB drives and takes advantage of a previously unknown vulnerability in the way Microsoft Windows handles ‘.lnk’ or shortcut files. Belarus-based VirusBlokAda discovered malware that includes rootkit functionality to hide the malware, and the rootkit drivers appear to [...]
Techie Buzz
REMnux, an Ubuntu Fork to Reverse Engineer Malware
REMnux is a nifty security tool based on Ubuntu. It is essentially a stripped down version of Ubuntu to create a sandbox environment and test for exploits remotely. The official website defines REMnux as, REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained [...]
Slashdot
Regular Domains Have More Malware Than Porn Sites
SnugglesTheBear writes “New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the Web are likely to avoid exposure to malware. A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult website. In the UK, Avast found that more infected [...]
Mobile Devices
Android Quick App: Norton Smartphone Security
The hot app of the year appears to be one that will lock and/or wipe your phone. And as such, Norton — the longtime virus-cleaner (among other things) — has the Norton Security app in beta in the Android Market. We’re not anywhere close to declaring that we need to worry about spyware, malware and [...]
Techie Buzz
Facebook ‘Hilarious Video’ Phishing Attack Spreading Fast
Facebook has been seeing an increasing number of phishing and malware attacks recently. The latest in series is a phishing attack that lures you to watch the ‘most hilarious video ever’ but when you try to click on it, it asks you for your login credentials and installs the ‘Media Player HD’ app on your [...]
Linux
The Rise of Personalized Spam
In just today’s e-mail, I’ve received offers of “$8.500.000,00 (Eight million,Five hundred thousand United State dollars)” and similar garbage. Like most such spam it includes a link that, were I to follow it, leads to Windows malware. But, I also received an e-mail informing me that a real law firm was suing me because I’d [...]
Slashdot
How To Guarantee Malware Detection
itwbennett writes “Dr. Markus Jakobsson, Principal Scientist at PARC, explains how it is possible to guarantee the detection of malware, including zero-day attacks and rootkits and even malware that infected a device before the detection program was installed. The solution comes down to this, says Jakobsson: ‘Any program — good or bad — that wants [...]
Linux
Cleaning Windows One Pane at a Time
In trying to make Windows users understand that they can finally be free of proprietary operating systems, the Linux user must be careful not to come off as too-elitist or snooty. We know that Linux is less complex, less targeted for malware, easier to fix/repair/upgrade, and far easier to customize, but they do not. Linux [...]
Ars Technica
Judge’s restraining order takes botnet C&C system offline
Botnets—large networks of malware-infected PCs remotely controlled by criminals—are a serious problem on the Internet. The spam, phishing attacks, and malware that these networks send accounts for a massive proportion, in excess of 80 percent, of e-mail traffic. One such network, known as Waledac, has been stopped in its tracks after Microsoft got a court [...]
Mobile Devices
New security threat against users of smartphones?
Certain scientists are saying that malware inside a smartphone can turn the handset into a listening device to spy on meetings, run down batteries, track the owner’s travels and more… Read more at source Related Reading:
Engadget
Microsoft confirms rootkit caused Windows XP blue screens
When malware writers fail to generate clean, reliable code, just who can you trust? On the heels of many Windows XP 32-bit users facing blue screen of death errors and unwanted reboots, Microsoft is now confirming that there’s a little bit of malicious code sitting at the root of it all. A rootkit, to be [...]
Engadget
Windows XP patch fiasco gets even crazier, Microsoft now scrambling for solutions
If you ever needed a reason to go Linux, here you go. The noise surrounding this patently obscure Windows XP bug / patch fiasco has just reached a fever pitch, and now we’ve got engineers within Redmond scratching their heads, too. As the story goes, Microsoft recently patched a security hole that took care of [...]
Slashdot
Experts Closing In On Google Attack Coders
ancientribe writes “The targeted attacks out of China that hit Google, Adobe, and other U.S. organizations are still ongoing and have affected many more companies than the original 20 to 30 reported. Security experts now say they are getting closer to identifying the author or authors of the malware used to breach Google and other [...]
Ars Technica
All that user-generated content? 95% is malware, spam
The latest research from Websense Security Labs paints a dreary but familiar picture of the state of online security threats. Echoing the bad news of other such recent reports, it seems the vast majority of the Web consists of malware and spam. Worse yet, even legitimate, well-known sites are being used to pump malware, SEO [...]
Slashdot
Image Searchers Snared By Malware
Slashdot frequent contributor Bennett Haselton writes “Sites that have been hacked by malware writers are now serving infected content only when the visitor views the site through a frame on Google Images. This recent twist on a standard trick used by malware writers, makes it harder for webmasters and hosting companies to discover that their [...]
Ars Technica
Firms worry about social networks, but don’t block access
Despite widespread paranoia that social networks are putting businesses at risk, companies continue to give employees open access to them. The latest Security Threat Report (PDF) from security research firm Sophos notes that spam and malware attacks via popular networks continued to rise at “alarming” rates over the last 12 months, posing a risk to [...]
Linux
‘Aurora’ Code Circulated for Years on English Sites
“An error-checking algorithm found in software used to attack Google and other large companies circulated for years on English-language books and websites, casting doubt on claims it provided strong evidence that the malware was written by someone inside the People’s Republic of China.” Read more at source Related Reading:
Slashdot
Google Investigating Chinese Employees
BluePeppers writes “The Guardian is reporting that Google China is investigating its staff about The Incident. “”We’re not commenting on rumor and speculation. This is an ongoing investigation and we simply cannot comment on the details,” a Google spokeswoman said. Security analysts told Reuters the malicious software or malware used in the attack was a [...]
Ars Technica
Facebook working to keep network, users free of malware
Social networks have become popular vectors for malware, and Facebook is taking measures to ensure that its users are safe. The company announced Wednesday that it has partnered with McAfee to provide security software and services to Facebook’s 350 million users. Though the offerings are pretty much your standard security package, Facebook is painting itself [...]
