Security : 2005-June-15
Microsoft has released its Security Bulletin Summary for June,
2005 in which four of the updates are rated as "Critical".
Please update your Operating System and Internet Explorer accordingly.
http://go.microsoft.com/fwlink/?LinkId=49236
Security : 2005-June-13
There is a spam campaign that claims that pop star Michael Jackson,
on trial on sex abuse charges, has attempted suicide.
The spam is an attempt to lure users to a website which secretly
installs malicious code onto their PCs. The code then instructs
the PC to download a Trojan.
The spam emails is following:
Security : 2005-May-10
Two security holes has been found in the latest version of Firefox.
The vulnerabilities could allow hackers to implant code in a Web
page that would create a batch/exe file with a malicious payload
such as a Trojan or key-logger on the PC.
The security holes were partially patched; full solution to these
potential vulnerabilities will be provided in a forthcoming security
update.
In the mean time, users can temporarily disable JavaScript or disable
the 'Allow websites to install software' option in Tools > Options
> Web Features."
Virus : 2005-MAr-9
A new virus targeting Nokia's Series 60 smartphones have been discovered
in Russia. After a phone is infected, the "Commwarrior"
virus sends itself out as an attachment to MMS message, without
needing the user's permission.
Users are adviced not to install any applications that arrive in
MMS messages.
Virus : 2005-Feb-2
The on-board computers of several Lexus models in the United States
had been infected via cellphones using Bluetooth. Specifically,
models LX470 and LS430 have been discovered with infected operating
systems, these infected cars will attempt to infect others within
the transfer range of 15 feet. The virus only affects the satellite
navigation system.
Lexus LX-series are based on the Toyota Landcruiser 100 and LS-series
are known as Toyota Celsior in Japan.
Virus : 2005-Jan-29
Jeffrey Lee Parson, 19, of Minnesota, USA, has been sentenced to
18 months in a minimum security prison and 10 months community service
by a US District Court for releasing the Blaster-B Internet worm
that attacked Microsoft's web site.
FBI agents arrested Parson at his home in Hopkins, Minn., in August
2003, just two weeks after his "MSBlast.B" variant began
to tunnel into Microsoft Windows-based computers. FBI claimed that
his variant of the worm infected approximately 48,000 computers
that had not yet applied an earlier released patch, causing an estimated
USD1.2 million in damage.
However, Parson - who went by the online handle of "Teekid"
- was not the original author of the "Blaster" worm. He
obtained the source code to the original 'Blaster' worm, modified
it, and included a link inside his modified worm to his web site
where he made viruses available for download alongside lyrics for
songs by Judas Priest, Megadeth and Weird Al Yankovic.
Virus : 2005-Jan-29
A New Worm called 'MySQLbot' targets Windows version of MySQL programs
and databases. MySQL is a freely available open source database
system that is used by many web sites.
The worm takes advantage of the publicly released "MySQL UDF
Dynamic Library Exploit" to break into the open-source MySQL
package. It attempts to authenticate into the server as root by
brute-force, using a list of passwords. Once a database is hijacked,
infected systems will connect to an IRC (Internet Relay Chat) server
and retrieve propagation instructions.
If you are using MySQL database, be warry of the file 'SpoolCLL.exe'.
You should use stronger passwords and make sure your firewall is
configured properly.
Scam : 2005-Jan-13
We listed in our news section on September 23, 2004 that Ireland
blocked direct international call (IDD) to 13 countries to protect
its Internet users from an Internet scam.
The scam involved luring users to download a self-install dialer
program. Instead of dialing the local ISP numbers (for example,
1511 for Jaring, 1515 for TMNet), the dialer makes an international
call and access the Internet via a foreign ISP, resulting in exorbitant
phone bills at the end of the month.
Now the latest update: a number of people in Malaysia are affected
as well and had complained to Telekom Malaysia. Telekom Malaysia
has not indicated that it will waive the IDD charges, instead it
points out that the IDD calls are made to a server that serves adult
content.
Spyware : 2005-Jan-7
Microsoft bought antispyware vendor Giant Software Company in December
2004, and said it would begin giving away an improved tool to remove
worms and viruses from its customers' computers.
On Thursday it released a free trial copy of its Windows AntiSpyware
product, it is also releasing a free malicious-software removal
tool that consolidates earlier software tools for eradicating the
Blaster, MyDoom, and Sasser worms. The removal tool will be updated
each month to detect and remove other threats as they appear.
Windows customers will be able to receive the malicious-code removal
tool through Windows Update and the Windows Automatic Update features.
Spyware and other unwanted software refers to software that performs
certain tasks on your computer, typically without your consent.
This may include giving you advertising or collecting personal information
about you.
Download
the free Microsoft Windows AntiSpyware (Beta)
|