
Computer Security News Highlights for Thursday, March 11, 2010

by Sarah on March 11, 2010



Threat Update

IE Zero-Day CVE-2010-0806
from CA Community | Thursday, March 11, 2010
Microsoft recently released a security advisory regarding Microsoft Internet Explorer ‘iepeers.dll’ Remote Code Execution Vulnerability (981374) affecting Internet Explorer versions 6 and 7. The vulnerability exists as an invalid pointer reference within Internet Explorer.

The vulnerability does not work on Internet Explorer 8; users who are still using older versions of Internet Explorer, particularly versions 6 and 7, are encouraged to update their browser to the latest version.

Related News:

  1. New IE Zero-Day Exploit (CVE-2010-0806) | from TrendLabs
  2. Targeted Internet Explorer Zero-Day Attack Announced (CVE-2010-0806) | from McAfee Labs Blog by Craig Schmugar

After Takedown, Botnet-linked ISP Troyak Resurfaces
from PCWorld | Thursday, March 11, 2010
Last week FBI Director Robert Mueller called the fight against hackers “the cyber equivalent of cat-and-mouse.” On Wednesday security experts trying to take down the Zeus botnet got a taste of what he meant.
Just hours after Internet service providers severed network connectivity to Troyak, an ISP associated with the Zeus botnet, the ISP has regained connectivity after peering with a new upstream Internet service provider.
“Don’t worry, it is up and running again,” Troyak spokesman Roman Starchenko said in an e-mail to IDG News Service. “We fixed our weakness and now it will become concrete stable.”
He blamed the outage on an administrative error.

Mariposa botnet hit hardest where security awareness is low
from ComputerWeekly | Thursday, March 11, 2010
Over 13 million users in 190 countries and 31,901 cities were affected by the Mariposa botnet, according to Panda Security, which took part in the joint operation to shut the botnet down in December 2009.

Spanish police arrested three people on 3 March as a result of the operation by the Mariposa Working Group (MWG), which also included representatives of the FBI and the Spanish civil guard.

The cities most affected were Seoul, with 5.36% of compromised IP addresses, Bombay (4.45%) and New Delhi (4.27%).
India was the most affected country, with 19.14% of all infections, followed by Mexico (12.85%) and Brazil (7.74%).

Hacks and Website Attacks

More targeted attacks are focusing on Adobe Reader than Microsoft Word.
from F-Secure Blog | Thursday, March 11, 2010
F-Secure is advising users to keep their Adobe patches up to date, as the number of attacks against its Reader software tops even those targeting Microsoft’s Word.

In 2008, 34.55 per cent of targeted attacks were directed at Microsoft Word, while 28.61 per cent hit Adobe Reader. However, last year, Reader saw 49.50 per cent, topping Word’s 38.50 per cent,

China targets US with malicious cyber activities
from rediff.com | Thursday, March 11, 2010
Claiming that China is the origin of malicious cyber activities targeting the US, a noted American security expert on Thursday said the government should vigorously monitor and defend its computer and critical infrastructure networks.
“China is the origin of extensive and malicious cyber activities that target the US,” Larry Wortzel, Vice Chairman of the US-China Economic and Security Review Commission, said at a Congressional hearing.
The commission, in a contracted report, provided a case study of a penetration into the computer systems of an American high-technology company.

Industry News

10 Reasons Why Security Problems Persist at Microsoft
from eWeek | Thursday, March 11, 2010
News Analysis: As much as Microsoft would like security problems to just go away, they won’t. The chances of Microsoft eliminating most of the software flaws that invite new attacks are slim to nil. But there are many things that Microsoft should do to improve the situation. We take a look at why security issues continue to haunt the software giant and what Microsoft can do about it.

Holmes Security Systems Relies on Walling Data and AVG Anti-Virus
from PrWeb.com | Thursday, March 11, 2010
North Carolina company builds security into everything they do.
“AVG’s price was far and away the best value. With AVG Anti-Virus, we saved more than 50 percent per license.”
Newton, NC (PRWEB) March 11, 2010 — Peace of mind means everything to the customers of Holmes Security Systems. From burglar and fire alarms to comprehensive monitoring services, Holmes wields a wide array of resources and expertise to protect their customers.
So it’s not surprising that the Fayetteville, N.C.-based company puts a high degree of importance on their choice of network security software. Their anti-virus protection had to live up to their own high security standards.

Gotcha!

Allaple Virus Author Sentenced
from Weblog of F-Secure Antivirus Research Team | Thursday, March 11, 2010
An Estonian virus writer has been sentenced to jail in Harju, Estonia.

The author of the Allaple virus family, 44-year-old Mr. Artur Boiko, pleaded not guilty.

Nevertheless, he was found guilty and sentenced to 2 years and 7 months in prison.

Allaple is a complex worm using polymorphic encryption. It spreads over network shares and by modifying local HTML files. When such HTML files are uploaded to public websites, they spread the infection further.

Apparently Mr. Boiko had been in a car accident and had ended up in dispute over his insurance claim with If Insurance. As a result, his worm launches DDoS attacks against these sites:

www.if.ee (website of the insurance company)
www.online.if.ee (customer online interface of the insurance company)
www.starman.ee (website of a local ISP)
