NOD32 and Virus News - Virus & AntiVirus News

Facebooks Virus Reappears, But Facebook's Vaccine Works As Advertised

jpayton@compsecglobal.com (Justin Payton) — Mon, 18 Aug 2008 17:15:00 -0600

By: Vasanth Sridharan

Earlier this month Facebook said it was working to protect its users from phishing scams that tried to lure people to malicious Web sites. Now the scams have reappeared.

But from what we can tell, Facebook appears to be delivering on its promise: You may be getting unpleasant spam and viruses in your inbox or on your wall, but Facebook will do its best to make sure that stuff can't hurt you.

Read Full Story Here

Comment:Once again we can thank our lucky stars that someone is looking for out for us.

How can Cisco Automatic Signature Extraction prevent zero-day virus attacks?

jpayton@compsecglobal.com (Justin Payton) — Sat, 16 Aug 2008 09:34:00 -0600

Author: David Davis

Most virus prevention systems today are based on signatures. In the time that it takes to create those signatures, huge networks can become infected. Viruses that infect networks before they can be identified and stopped with signatures are called zero-day viruses. So why not automate this process and use network intelligence to create signatures and stop viruses much faster, preventing zero-day attacks?

Read Full Story Here

Comment:Pretty interesting reading. Good thing that there are people out there always working to improve the flaws as opposed to exploiting them. Thanks to all you real life Super Heroes.

MySpace/Facebook Worms

jpayton@compsecglobal.com (Justin Payton) — Thu, 14 Aug 2008 13:25:00 -0600

New worms target both MySpace and Facebook

Kaspersky Lab, a leading developer of secure content management systems, has detected two variants of a new worm, Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b, which attack MySpace and Facebook respectively. As part of their malicious payload, the worms transform victim machines into zombie computers to form botnets.

Even though the worms are currently only infecting MySpace and Facebook users, Kaspersky Lab analysts are warning users that the worms are designed to upload additional malicious modules with other functionality via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes.

See Full Story

Comment: With the popularity of these sites everyone needs to be on the lookout. Always make sure that you can trust any plugin (i.e., Flash, Java) downloads prior to attempting to download and install.

Report: Web-Borne Malware Up 278% This Year

news@betterantivirus.com (Sean Cannon) — Fri, 18 Jul 2008 11:42:52 -0600

SQL injection attacks dominate first half of 08, and cross-site scripting (XSS) doesn't even make the list

JULY 17, 2008 | The multiple waves of mass SQL injection attacks this year on Websites -- including many high-profile legitimate ones like Wal-Mart, Business Week, and Ralph Lauren Home -- helped boost Web-borne malware volumes by 278 percent in the first half of this year, according to a new report from ScanSafe.

More than half of the malware detected by the Web security-as-a-service provider came from legit Websites rather than from notoriously scary or sketchy ones. And many of these Web attacks are silent and so tough to detect that many site operators have no clue their sites are lethal, and users often get infected without ever knowing it, according to the report.

Continue reading "Report: Web-Borne Malware Up 278% This Year"

San Francisco's Web Site Found Serving Malware

news@betterantivirus.com (Sean Cannon) — Fri, 18 Jul 2008 10:40:27 -0600

If you visited www.SFgov.org over the last couple of weeks, better check your computer for infections.

A security vendor, Finjan, reported Wednesday that the city's Web site was one of over 1,000 sites treating visitors to malicious code.

Other sites caught up in this latest round of Web attacks include uci.edu (the University of California at Irvine's site); Snapple.com; a site registered to the Marysville, California's police department; an ad network--atdmt.com--acquired by Microsoft; and several international sites.

Continue reading "San Francisco's Web Site Found Serving Malware"

2008: Malware deluge breaks all records

news@betterantivirus.com (Sean Cannon) — Tue, 15 Jul 2008 10:53:21 -0600

G DATA (Germany), The malware industry has shifted up a gear and, since the beginning of the year, has swamped the Internet with a malware flood of truly biblical proportions. On a daily basis some 1,500 new malware agents are unleashed against Windows users. In the first six months of the current year alone, G DATA Security Labs has recorded more than 318,000 new malware creations - more malicious code than in the whole of 2007, which was itself a record. If the growth rate remains the same, this would mean an increase of more than 400 percent by the end of 2008. By contrast, an all-clear for the owners of smartphones. The forecast danger for these devices has been shown to be a pure marketing ploy. Within the same period, only 20 new viruses surfaced. Online criminals do not currently regard smartphones as lucrative sources of income.

In 2008, the worldwide networking of online criminals finally bore its threatening fruit. In the G DATA 2008 semi-annual malware report, the Bochum IT security specialists give an insight into the current dangers for PC users.

Continue reading " 2008: Malware deluge breaks all records"

Homer Simpson accused of spreading malware

news@nod32usa.com (Greg Hewitt-Long) — Sun, 13 Jul 2008 12:01:00 -0600

An screen name once connected to animated TV dad Homer Simpson is being used to spread malware.

In a 2003 episode of The Simpsons, writers revealed that Homer's e-mail address was chunkylover53@aol.com. Prior to the episode's airing, the address was registered by one of the show's writers, who used it to answer hundreds of e-mails from Simpsons fans.

Continue reading "Homer Simpson accused of spreading malware"

Computer virus feeds off fears of war with Iran

news@nod32usa.com (Greg Hewitt-Long) — Sat, 12 Jul 2008 16:36:33 -0600

Worried about war with Iran, especially after yesterdays missile test (pictured above, even if it apparently was only three missiles instead of four)?

Open an e-mail about it and you may really have worries.

As the blog Wake Up America noted today, the United States Computer Emergency Readiness Team, or US-CERT, has warned that somebody is spreading a computer worm using e-mail messages with subject lines touting dire developments in our relationship with Iran. This is "Bomb bomb bomb, bomb bomb Iran" territory, as presumptive Republican presidential nominee John McCain jokingly sang last year.

The grim e-mail subject lines include: "20000 US soldiers in Iran," "US Army crossed Iran's borders" or "Third World War has begun."

Continue reading "Computer virus feeds off fears of war with Iran"

10 ways to fix a sick PC (Part 2)

news@betterantivirus.com (Annette King) — Thu, 10 Jul 2008 16:05:00 -0600

6. Test the health of the hard drive

The hard drive is where all of your computer's data is stored. Unfortunately, like everything inside or connected to your PC, these will, overtime, degrade and eventually fail.

Before a drive fails entirely though, it will give you tell-tale signs of impending doom in the form of sluggish performance, louder than standard operation and, if bad sectors have developed on its storage platter, clicking' sounds. If you've noticed any of these, it's best to try and first back-up all essential data and then run a check to test the drive's health. Before you get cracking however, we recommend disabling any non-essential software.

To check your drive's health, double click on Computer' and then right click on the drive - that you want to run a check on - and select Properties'. Now, click the Tools' tab and then hit Check Now'. Make sure to un-tick the Automatically fix file system errors' but tick the Scan for and attempt recovery of bad sectors' option boxes. Once done, hit Start'.

This process could take anywhere from 30 minutes to several hours (depending on the health and size of the drive). If problems are detected, we recommend - if you haven't already - first trying to back-up your essential data before allowing the app to try and fix the issues. If a problem is detected and cannot be corrected however, it's a sure fire sign the drive is close to failing completely.
Continue reading "10 ways to fix a sick PC (Part 2)"

10 ways to fix a sick PC (Part 1)

news@betterantivirus.com (Annette King) — Wed, 09 Jul 2008 16:59:00 -0600

If your PC has fallen ill and you want to get it back into running condition, read on as WINDOWS talks you through 10 ways to nurse your PC back to health...

1. Install security software

If your computer is giving you random problems and crashing or is even performing poorly, the first port of call when it comes to recovering is to check for viruses, Trojans, malware and more. To do this, you'll need to get hold of security software. Keep in mind however that these days it is better to have a fully-fledged suite that includes antivirus, antispyware and a firewall rather than investing in a single antivirus-only package.

You can buy a complete security suite from various vendors [such as ESET]. These are easy to install and make it quite simple for novice users to maintain a smooth running rig that's free from trouble.

There are also free alternatives available for download which perform the same functions. The bottom line is that if your computer is unprotected, you need to install a security suite immediately. If something is not quite right with the running of your system, run a scan, and you might just detect something malicious - whether it's a virus, Trojan or other mal-ware.
Continue reading "10 ways to fix a sick PC (Part 1)"

PCs for Dummies Author Releases Top Ten Tips to Extend PC Life

news@betterantivirus.com (Annette King) — Tue, 08 Jul 2008 16:27:00 -0600

New List Provides Practical Tips and Tricks for Getting More Mileage from your PC Investment

Now more than ever, consumers are trying to make their dollar go further. The generally accepted practice of replacing PCs every 2-3 years is no longer the norm. Avoiding viruses, spyware and popups are one of many ways consumers can extend the life of their PC into a fourth, fifth and even a sixth year.

PCLive.com, a provider of instant online computer support services for consumers, has released its top ten practical tips users can employ now to extend the life of their PC. The list was provided by Dan Gookin, author of the PCs for Dummies book series. Gookin regularly posts tips and topics surrounding consumers common, everyday PC hassles on PCLives blog For PCs Sake. Gookins top ten list features the following tips:

Continue reading "PCs for Dummies Author Releases Top Ten Tips to Extend PC Life"

Researchers: 637 million browser users at risk

news@betterantivirus.com (Annette King) — Thu, 03 Jul 2008 16:56:00 -0600

A group of researches on Tuesday said 637 million Web users are surfing with outdated Internet browsers and therefore at greater risk of Web-based attacks.

Using data collected from Google Web searches and security firm Secunia, the researchers, Stefan Frei (of ETH, Zurich), Thomas Dübendorfer (Google), Gunter Ollmann (IBM ISS), and Martin May (ETH, Zurich), analyzed the browsers used in a new report (PDF). They did so in an effort to understand why so many recent attacks by criminal hackers have been aimed at the browser, and why those attacks have been so successful.

Overall the authors found that roughly 40 percent of users were using insecure versions of Web browsers. Among the least compliant were users of Internet Explorer, which currently dominates the Internet browser market.

The data was collected in mid-June 2008. The users were scattered among 78 percent Internet Explorer users, 16 percent Firefox, 3 percent Safari, and 0.8 percent for Opera. Of these, 52 percent were running the latest version of Internet Explorer, 92 percent for Firefox, 70 percent for Apple, and 90 percent for Opera.

Continue reading "Researchers: 637 million browser users at risk"

Computer Techs Fight Texas Law Requiring A Private Eye's License

news@betterantivirus.com (Annette King) — Thu, 03 Jul 2008 13:41:42 -0600

Austin, TX (AHN) - A lawsuit is being filed to protect computer technicians, parents and anyone who searches for a computer virus from a new state law that could require them to obtain a private detective's license.

According to high-tech sleuths the new state law requires them to secure a private detective's license to retrieve data from a computer, analyze it and prepare a report for a client.

The Institute for Justice filed the lawsuit on behalf of techies who feared the state law could drive small computer repair shops out of business. Lawyer Matt Miller said he filed the lawsuit because it was so vaguely worded that the Private Security Board could broadly interpret it.

Rep. Joe Driver, the law's author, said computer technicians have misinterpreted the legislation and called the case a publicity gimmick by a new legal advocacy group. Driver said the law does not cover computer hardware repair service.

According to Driver, only those who make reports to be used in a criminal or civil case, which involves going deep into people's personal lives, would be required to secure the private eye license.

Miller believes the law could apply to anyone who searches for a computer virus, parents who want to watch who their children are emailing or employers tracking the online habits of their staff.

A private investigator's license requires a criminal justice degree or a three-year apprenticeship supervised by a licensed detective. Violators of the new law face up to a year jail term and a $4,000 fine, plus $10,000 in civil penalties.

Vittorio Hernandez - AHN News Writer

Original Story

Army activates network warfare unit

news@betterantivirus.com (Annette King) — Wed, 02 Jul 2008 14:58:33 -0600

A new chapter for the Army began this morning, July 2, when the Army Network Warfare Battalion (Provisional) was activated during a ceremony at Fort George G. Meade, Md.

The battalion's cyber mission will provide support to the Army and the Department of Defense. This support will include a variety of tasks, ranging from tactical support to Army Brigade Combat Teams in Iraq through strategic support to the other services, joint commanders, and interagency partners as required.

"We observe history this morning when this battalion activates. It is a first for INSCOM and a first for the Army," said Maj. Gen. David Lacquement, commander, U.S. Army Intelligence and Security Command. "This battalion formalizes and centralizes the Army's mission to provide rapid, increasing support to forces worldwide and will lead the Army in providing a larger and more robust network warfare capability."

Continue reading "Army activates network warfare unit"

How your cold explains network intrusion

news@betterantivirus.com (Annette King) — Tue, 01 Jul 2008 15:00:00 -0600

With the cold an flu season most definitely upon us, there is much that the common cold can show us about network intrusion and what can happen once a single compromise has taken place.

As you sniffle and blink your way through this article, think of how your computer responds to malware or directed attack. If the system is healthy and well protected, much as a healthy person is protected by their immune system, then an attack has a much reduced chance of succeeding (and you have a much reduced chance of getting a cold). You and your system can happily perform at pretty much your full levels of performance.

This will hold true up to a point. If you constantly leave yourself exposed to conditions that encourage development of a cold, and if you constantly leave your systems exposed to risk of compromise, then sooner or later you will have a cold and a compromised system. Active defenses will help keep you and your systems from getting sick and they are valid measures to delay or completely avoid the onset of a cold/compromise.

If your computer system is not as well protected, it is like a person with a weakened immune system - both are more likely to contract infection when faced with the same risks that a healthy system and person will not succumb to.

Continue reading "How your cold explains network intrusion"