Virus : 2005-Dec-10
Finnish security firm F-Secure has cracked a code used by the Sober
worm, the rapidly mutating and most prolific worm of 2005, which
accounts for more than half of all infections in Malaysia and Singapore.
F-Secure found that the worm is capable of lying dormant and
downloading new variants of itself regularly, while still being remotely
controlled by its creator.
The latest variant is hard-coded to re-activate itself on 5 January.
Spyware : 2005-Nov-23
Two viruses are spreading rapidly, targeting computers running
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows
Server 2003 and Windows XP.
The Sober and Mytob viruses have infected many PCs in Europe, Singapore
and Malaysia. Expect overall degradation of Internet services as
the infected machines try to email the virus out.
Do update your virus definitions.
Download Symantec Antivirus Definition
If you suspect your PC is infected, you may try running the following
tools to scan for and remove the virus.
Sober Removal Tool
Mytob Removal Tool
UPDATE 2005-11-25 : Half of the traffic
in Malaysia is consumed by virus-carrying emails, significantly
impacting network performance.
Virus : 2005-Nov-12
If you use your computer to play audio CDs, your PC may be vulnerable
to attack.
In attempting to stop CD copying, Sony quietly introduced its own
copy-protection software on its audio CDs. Called XCP (Extended
Copy Protection), the software automatically installs itself on
Windows XP computers when the CD is played. However, the software
is flawed, allowing the computer to be controlled remotely by hackers.
Sony has decided to stop shipping the product.
UPDATE 2005-11-14 : Microsoft announced
that it would update Windows AntiSpyware, Malicious Software Removal
Tool, and the online scanner on Windows Live Safety Center to detect
and remove the Sony XCP rootkit software. Detection and removal
of the rootkit component will also be in Windows Defender, part
of Windows Vista.
Network : 2005-Nov-10
There have been reports of intermittent problems with Telekom's
ISDN and ADSL lines.
Expect overall Internet performance degradation in the coming weeks.
UPDATE 2005-11-20 : We have found
one of the problems with TM Net's network. The primary DNS server
202.188.0.133 has not been able to reliably provide name resolution.
The result manifests itself as slow Internet access (multiple
name servers need to be queried) and spotty accessibility (DNS server
time-outs). As a temporary workaround, you may try lowering
the metric of 202.188.0.133 so that it is queried last.
Virus : 2005-Aug-18
The initially tame Zotob virus is mutating rapidly to exploit
a critical weakness in Microsoft Windows 2000. Microsoft has made
available a free software tool to help victims of the worm clean
their systems. The cleaning program is an updated version of Microsoft's
Windows Malicious Software Removal Tool.
Please perform Windows Update immediately, as the virus variants
are becoming more potent with each new incarnation.
Please also note that as Microsoft has begun the practice of releasing
its Security Bulletin Summary in a rather regular fashion, we will
not post any of these reminders in our "Alert" section.
UPDATE 2005-08-26 : The Zotob worm
first surfaced one week after Microsoft acknowledged the weakness
in its Windows 2000 operating system. In less than two weeks, the
worm had mutated from a nuisance that infected fewer than 100 PCs
to vicious variants that brought down servers in more than 100 large
organizations, including CNN, the New York Times and ABC News. A team of
50 people started analyzing the worm, and managed to trace its origin
to two men, Farid Essebar, 18, of Morocco, and Atilla Ekici, 21,
of Turkey. The Federal Bureau of Investigation and Microsoft announced
that they had arrested the two suspects in Turkey.
Network : 2005-Aug-12
We are beginning to observe some very strange behavior with TMNet's
Streamyx routing.
While it goes without saying that TMNet will assign an IP address
to the ADSL modem for Streamyx subscribers with dynamic IPs, the
address that you get will affect your connection. Specifically,
if the IP has a subnet mask of 255.0.0.0, it is likely that the
reply packets from certain IPs will be lost. If the subnet mask is 255.255.255.0,
you have a better chance of establishing a more meaningful connection.
The problem does not affect you if the connection is primarily
used for surfing the web, as Streamyx uses a transparent proxy to
cache web data.
Security : 2005-Aug-2
A vulnerability has been found in Cisco devices that run its
IOS software. An IPv6 loophole has been found that allows an attacker
to reset the device, making the network inaccessible. The same vulnerability
also allows a skillful attacker to take control of the device.
This security issue is significant because most organizations in
this region are confident that their Cisco devices are secure,
and therefore do not actively patch the devices, and because many organizations
do not have the expertise to patch a Cisco device.
You should either install the patch from Cisco, or at least disable
IPv6 to avoid this vulnerability.
System : 2005-June-24
Our systems have registered numerous mini blackouts in Johor Bahru
since June 22nd, 12:15PM. Power line conditions were generally very
poor in and around the city, and were extremely poor in the industrial
areas.
The power instability could cause systems to crash or even destroy
low-grade power supply units. You should install a good UPS and surge
protector to prevent extensive damage to your hardware.
In addition, the international Internet link seems to be very unstable.
UPDATE 2005-07-06 : These rounds of
blackouts have taken their toll. As an indication of how poor the
power quality is: within the past week alone, four of our UPSes
burnt out and one server crashed. We have also noted the general
instability of all Internet connections.