Scam : 2003-Dec-29
DBS bank online account holders are urged to exercise caution when logging
on to the bank's online website. A web site in Hong Kong masquerading as the legitimate
site is attempting to fool users into releasing their account username and password.
E-mail phishing attacks jumped over 400 percent in late December.
Phishing, the term used to describe malignant e-mail posing as legitimate messages
from banks, retailers, and credit card companies, soared in November and December
as scammers took advantage of the holiday rush to try to trick users into divulging
personal and financial information.
Scam : 2003-Dec-2
There
is a scam going on involving Maybank's online account; an email messages purportedly
sent from security@maybank2u.com.my requesting customers to reactivate their accounts.
This is done with the intention to illegally obtain customers' password.
From the sample we received, our investigation showed that the link contained
in faked email would bring you to a machine in Korea with the address 211.36.224.18
and attempts to connect to port 10093. You would then be presented with a login
page, which the site operator uses to harvest your password. As of now, the site
is still operational and its faked login page looks very official.
Here's an excerpt from Maybank's official press release:
Since Maybank doesn't seem to be proactive and is reactiving very passively,
we would like to advise all Maybank's customers to be wary of any email messages
asking you to change password; when in doubt, call and ask.
Security : 2003-Nov-12
For the month of November, Microsoft issued several patches to fix two critical
security holes in its Windows operating system and Internet Explorer browser.
www.microsoft.com/technet/security/winnov03.asp
Virus : 2003-Nov-1
A new email virus, known as "W32.Mimail.C@mm", spreads with the subject
"our private photos [random string of letters]" and the attachment "photos.zip",
is spreading rapidly through many organizations' email in the US.
It is a variant of the "W32.Mimail.A@mm" virus and behaves similarly.
Once infected, it will scour victim's system for valid email addresses and send
itself to those addresses via its own SMTP engine.
Download Norton Antivirus Definition
"W32.Mimail@mm" Virus Removal Tool
Security : 2003-Oct-16
Microsoft issued several patches to fix critical security holes in its Windows
operating system. With these new patches, Microsoft has begun to implement its
initiative to notify computer users of patches on a more regular basis, applies
to a wide range of Microsoft software.
www.microsoft.com/technet/security/winoct03.asp
Security : 2003-Oct-4
Microsoft issued a patch to fix a critical security hole in its Internet Explorer
5.01, 5.5 and 6.0 which was supposed to be patched in an earlier fix, but wasn't.
Customers are advised to download this Cumulative Patch for Internet Explorer
(828750) at their earliest convenience.
www.microsoft.com/technet/security/bulletin/ms03-040.asp
Security : 2003-Sep-29
It is very likely that two new viruses will emerge within the next two weeks,
one spread through Microsoft MSN Instant Messenger, the other is an improved version
of MBlaster virus that has some bug fixes and also exploit a newly discovered
flaw in Microsoft Windows 2000 and XP. We advice our clients to update all potentially
vulnerable systems with the latest Microsoft patches.
Virus : 2003-Sep-19
"W32.Swen.A@mm" is a mass-mailing worm that arrives as an attachment
to an e-mail pretending to contain a patch for holes in Internet Explorer, Outlook
and Outlook Express and then mails itself off to addresses located on the victim's
computer.
The virus is spreading very rapidly because it looks very official (to the
right is one of the possible emails sent by the virus) by pretending to be a legitimate
E-mail from Microsoft or as a fix tool for a well-known virus.
It also attempts to spread through file-sharing networks, such as KaZaA and
IRC, and will attempt to de-activate antivirus and personal firewall programs
running on the computer.
Download Norton Antivirus Definition
UPDATE : Microsoft DOES NOT attach
any executable with its official emails. Infection rate has increased significantly
in Singapore and Malaysia as at 22 September 2003. Jaring and TMNet users should
be prepared for emails problems, and possibly overall Internet performance degradation
over the next few days.
Security : 2003-Sep-11
This is an urgent alert: Microsoft issued a patch to fix a critical security
hole in the following versions of its Windows Operating Systems:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server(r) 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
These are critical vulnerabilities similar to
those that the M.Blaster virus exploited. For more information:
www.microsoft.com/technet/security/bulletin/ms03-039.asp
Virus : 2003-Aug-21
Yet another virus, known as "W32.Sobig.F@mm", attempts to turn infected
machines into open email relays. This worm virus spreads by emailing itself out
to potential victims. Its infection rate has became the highest in history for
an email virus, even though it was quite low when it first came out two days ago,
possibly due to the increased awareness of the public by the MBlaster worm virus.
The worm de-activates on September 10, 2003. The last day on which the worm
will spread is September 9, 2003.
Download Norton Antivirus Definition
"W32.Sobig.F@mm" Removal Tool
UPDATE : Although this virus is gradually dying
off in the US and Europe, we have observed infection rate in Singapore and Malaysia
going up significantly as of 3 September 2003. Unlike the large US ISPs such as
AOL, MSN, Hotmail and Yahoo, the local ISPs are not as eager to block this virus.
Both Jaring and TMNet users should expect some difficulty with emailing soon.
Security : 2003-Aug-21
Microsoft issued a patch to fix a critical security hole in Internet Explorer.
For more information:
www.microsoft.com/technet/security/bulletin/ms03-032.asp
Virus : 2003-Aug-19
A new worm virus "W32.Welchia.Worm" is spreading rapidly in Asia
in the same fashion as the MBlaster virus, but in a new twist, this is actually
a well-intention virus that aims to clean up the MBlaster virus by automatically
download the patch from Microsoft Windows Update site. However, this virus will
only do that if you are running the Japanese or Chinese version of the affected
Microsoft Operating Systems.
Although this virus will self-destruct in 2004, it is far more aggressive in
replicating itself and actually causing more damage than the MBlaster worm by
overloading the ISPs backbone; both Jaring and TMNet are affected.
Download Norton Antivirus Definition
"W32.Welchia.Worm" Removal Tool
Virus : 2003-Aug-12
!! WARNING !! This is both a virus and a security
alert: a new worm known as "W32.Blaster.Worm" will attempt to infect
the victim's computer via a known DCOM RPC vulnerability as described in our July
17 and July 30 alerts.
Because of inefficiency in the worm, it may crash the infected computers intermittently,
but we expect a new and improved version of this worm to appear in around two
weeks time.
Norton Antivirus definition file dated 11-Aug or later will correctly detect
this virus.
Download Norton Antivirus Definition
"W32.Blaster.Worm" Removal Tool
UPDATE 1 : We have observed an increasing scanning
rate since 13 August, 9:00AM, indicating that this worm is infecting more and
more computers in Malaysia. Even if your computer is not infected, you should
expect your Internet connection to slowdown significantly over the next few days,
as more and more computers become infected and start searching the Internet for
its next victim.
UPDATE 2 : Two new variants of the worm have been
identified as at 14 August. These variants specifically target Windows 2000 and
Windows XP machines.
Virus : 2003-Aug-1
Please be aware that the "W32.Mimail.A@mm" worm virus is spreading
at an alarming rate. It emails itself to the potential victims with the following
characteristic:
Norton Antivirus definition file dated 1-Aug or later will correctly detect
this virus.
Download Norton Antivirus Definition
"W32.Mimail.A@mm" Virus Removal Tool
Security : 2003-Jul-30
This is an urgent update to our security alert published on July 17.
A hacker group in China called XFocus has posted sample exploit code for the
vulnerability patched by Microsoft Security Bulletin MS30-26. The existence of
sample code makes it easier for an active exploit to be developed and released
into the wild, Microsoft therefore urges its customers to immediately
apply the patch, available
here.
Security : 2003-Jul-25
Microsoft issued a patch to fix a critical security hole in its DirectX engine.
For more information:
www.microsoft.com/technet/security/bulletin/ms03-030.asp
Security : 2003-Jul-17
Microsoft issued a patch to fix a critical security hole that could allow an
attacker to take control of computers running the following operating systems:
Microsoft(r) Windows (r) NT 4.0
Microsoft Windows NT 4.0 Terminal Services Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
For more information:
www.microsoft.com/technet/security/bulletin/ms03-026.asp
Security : 2003-Jul-11
With the proliferation of inexpensive high-speed Internet connection, we have
seen a steady rise in the number of computer system being hacked and taken over
by hackers. The latest trend is "anonymous hosting", where the hacked
PC is used to send SPAM emails or host web sites by a small program which the
hacker install. The program runs in the background and doesn't interfere with
normal operation, nor does the hacker attempt to steal information form the hacked
PC.
The result? if you have high-speed Internet link and your PC is not secured,
you may unknowingly become porn site operator.
Update : Many of these programs can be detected by most Anti-Virus software,
be sure to update your virus definition file regularly.
Security : 2003-Jul-10
Microsoft has issued a patch to fix a vulnerability which allows an attacker
to execute code of their choice. This vulnerability is considered critical and
exists in all version of Microsoft Windows operating system.
For more information:
www.microsoft.com/technet/security/bulletin/ms03-023.asp
Security : 2003-Jul-3
There is an online Web site defacement contest. The contest awards points to
vandal groups for defacing Web sites, with higher points awarded for sites that
are run on less common servers. Web servers that run on Windows systems--historically
the most common targets of defacements--may weather Sunday's storm quite well,
as the contest awards such systems the least points per defacement.
The contest awards a point for every Windows systems defaced, two points for
a Unix, Linux or BSD system, three points for any system running IBM's AIX, and
five points for an HP-UX system or Apple Computer OS X system.
The winner of the contest will be the group that defaces 6,000 servers in the
shortest amount of time.
Security Web site Zone-H.org, the largest archive of defaced sites on the
Web, expects to record between 20,000 and 30,000 Web site defacements during the
contest. Because the contest doesn't differentiate between defacements on the
same server, so-called mass defacements will be far more likely, a lot of Web-hosting
companies will be hit.
|