By Munir Kotadia

It's not just PC users who can be victims of their own stupidity when it comes to Internet security


<A TARGET="_new" HREF="http://ad.uk.doubleclick.net/click%3Bh=v5|3395|3|0|%2a|a%3B27195838%3B0-0%3B0%3B12654861%3B4307-300|250%3B14840636|14858532|1%3B%3B%7Efdr%3D27208770%3B0-0%3B0%3B8637831%3B4252-336|280%3B14843680|14861576|1%3B%3B%7Esscs%3D%3fhttp://www.blackberry8700.co.uk"><IMG SRC="http://ad.uk.doubleclick.net/1159042/BB_300x250.GIF" BORDER=0></A>

Ignorance is bliss, as the saying goes, but users of Apple's OS X platform could pay a hefty price if they continue to live in denial, industry observers have warned.

The biggest security vulnerability could lie in the fact that OS X users aren't "trained" to monitor and identify social engineering tactics that have been used against Windows-based users for years.

Over the past week, two pieces of malware targeting OS X have been found in the wild. One arrives over an instant messenger application and requires a user to decompress and open a malicious file while the second exploits an old vulnerability in Mac's Bluetooth software, which was patched in June 2005.

Mark Borrie, IT security manager at New Zealand's University of Otago, said although he hasn't experienced any infections, he's concerned at the ease in which social engineering can be used against the Mac community.

Posted by Spencer Cuffe in Virus & AntiVirus News at 09:03

By Robert McMillan

Hackers have released software that could be used to take over Windows PCs that lack the latest Microsoft security patches. But while this code is dangerous, security experts said Friday that it had yet to be used by attackers in any widespread way.

The attack code exploits two separate bugs in Windows Media Player, which were addressed in Microsoft's MS06-005 and MS06-006 advisories released Tuesday.

The MS06-005 bug concerns a flaw in the way the Media Player processes bitmap files, while MS06-006 has to do with the Media Player plug in for non-Microsoft browsers.

Of these two bugs, Microsoft rated only MS06-05 as critical, but both could be exploited to seize control of an unpatched machine, according to the French Security Incident Response Team website, which has published examples of the malicious code.

Posted by Spencer Cuffe in Virus & AntiVirus News at 08:59

By Dan Kaplan

The newly formed Anti-Spyware Coalition held its first public workshop earlier this month as a way to bring together key players to discuss malicious software, the Cyber Security Industry Alliance said in its February newsletter.

The Feb. 9 workshop held in Washington D.C. sought to define spyware and develop solutions to combat the problem, the CSIA said. About 350 people, including industry, government and academic leaders, participated.

Spyware quickly is becoming a major consumer concern, experts have said.

The Ponemon Institute reported that 85 percent of frequent internet users believe they have had spyware on their computer, while 86 percent of those said the spyware caused a loss in money or productivity, according to the CSIA.

Federal Trade Commission Chairwoman Deborah Platt Majoras, delivering the keynote address at the workshop, urged the public and private sectors to fight fraudsters while firming the agency's enforcement stance against spyware suppliers, the CSIA said. She also promised fall hearings on consumer protection in the high-tech global marketplace.

Other speakers, such as agency Commissioner Jonathan Leibowitz, suggested the agency publicly name any legitimate companies that send nuisance software, the CSIA said. Walter Mossberg, Wall Street Journal technology columnist, criticized anti-virus vendors for failing to produce effective solutions.

The workshop proved that a lot of work remains, the CSIA said.

Posted by Spencer Cuffe in Adware, Spyware and Trojans at 08:51

By KUALA LUMPUR

It is worrying that many computer users still seem to be ignorant of spyware, said a security solutions vendor.

Andrew J. Lee, chief technology officer of security solutions company Eset Software, said many users are just too trusting when they are at their PCs.

"They are downloading spyware without knowing it because they are duped by the claims of online ads," he said.

He said the problem has been going on for the past three years but the danger of spyware is still being ignored by PC users because they think it is not much of a threat.

Posted by Spencer Cuffe in Adware, Spyware and Trojans at 08:49