|
|
|
One More Windows Infection, Damage Potential |
|
|
|
|
|
|
|
|
|
|
|
Would You Disclose Your Credit Card Info For A Chocolate Bar?
- More threats for our credit
Since the credit cards contain so much information about your money, an important part of today's attacks are obviously targeting them as the hackers aim to steal users' credentials and get access to their accounts. Gunter Ollmann of Frequency X wrote that along with credit cards and identity info, the passwords are the subjects of numerous online transactions being sold for very low prices. Moreover, the security researcher reminded of a 2004 survey which revealed that approximately 70 percent of the respondents would provide their passwords for a chocolate bar, so the naivety of the users bundled with low security can result in successful attacks.
"What if I was to tell you that, today, your password is worth
something less than four cents?" Gunter Ollmann wrote. "Hidden in the murky parts of the Internet there are exchanges for passwords and other identity information. Accessible through various invite only bulletin boards and IRC channels, identity information is sold or, more commonly, exchanged for goods and services. 慖dentity |
|
|
|
|
|
|
|
|
|
|
|
Extremely Dangerous Virus Infecting Vital Windows Files!
- PE_TUFIK.H-O aims to infect Explorer.exe
There are a lot of infections available out there in the wild waiting for a vulnerable computer but today's threat is somehow special because it attempts to harm your system by itself. How does it manage to do that? It's simple: it aims to infect absolutely necessary Windows files that are vital for the Microsoft operating system. According to security vendor Trend Micro, PE_TUFIK.H-O affects most Windows versions including Windows 98, ME, NT, 2000, XP
and Server 2003. Moreover, the 'file infector' as it is named by Trend Micro, can reach your computer from another malware or as a standalone file published on a website, being downloaded with any user approval.
"This file infector may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites. Upon execution, this file infector drops several files, some of which are detected as TROJ_TUFIK.H," Trend Micro noted.
So, what files does it affect? First of all, the infection aims to reach Explorer.exe, an executable file vital for the Windows operating system. Since Explorer.exe is always opened at every system startup, the file infector will be also executed every time the Windows OS is loaded. This is a pretty smart way to avoid adding new registry entries which could be easily detected by the security tools installed on users' computers.
"It searches for all .EXE files in drives C to Z and appends its code to the target files. Trend Micro detects infected files as PE_TUFIK.H. This file infector has the capability to damage infected files, specifically files with no resource section. It also drops an AUTORUN.INF file to automatically execute its dropped copies when infected drives are accessed," the security vendor continued.
At this time, there's no confirmation concerning the antiviruses able to detect the infection and remove it but it's recommended to keep your security tools up-to-date with the latest virus definitions and updates. And keep in mind that PE_TUFIK.H-O has a damage potential set too high so it's pretty dangerous for your computer...
http://news.softpedia.com/news/E ... s-Files-71680.shtml |
|
|
|
|
|
|
|
|
|
|
|
Reminder: Don't Forget to Enable Your Antivirus While Browsing Popular Websites!
-More malware published on popular pages
A few weeks ago it was reported that multiple popular websites were infected with some sort of malware that attempted to get visitors on other dangerous pages and infect their computers. Today, security vendor Sophos reminds us that it's pretty important to keep our antivirus up-to-date with the last virus definitions and patches as a new popular website was infected
with a dangerous malware. Lao Airlines, the company that owns the affected website, is a flight reservation page that allows Australians to look for tickets to South East Asia. According to ITnews, the malware file is published at the bottom of the page and every new visitor is redirected to a website hosted in China that attempts to download and install new dangerous files.
"If you抮e using Internet Explorer it will just lead you off to the malicious site. It抯 an indicator of how pervasive this rubbish is becoming. Lao Airlines have become victims and we抮e communicating with their IT department at the moment through our Singapore offices. You can抰 assume it抯 going to be cool, you have to make sure you are protected," Sean Richmond, senior technology consultant at Sophos A/NZ said according to the same source.
In the last few weeks, the necessity of a powerful antivirus solution became a serious matter for all computer users because the threats are waiting for vulnerable computers and naive consumers that would permit them to install infections on their systems.
However, most antiviruses are already providing protection for the majority of threats embedded into such websites so you're not in danger if your computer is equipped with one of these tools.
http://news.softpedia.com/news/R ... ebsites-71751.shtml |
|
|
|
|
|
|
|
|
|
|
|
The Truth About Dangerous Antiviruses
- Vulnerable computer even with powerful antivirus?
We all knew that a powerful antivirus supposed to block threats and protect your computer can turn into a serious danger for your computer due to several reasons. But as Sergio Alvarez and Thierry Zoller, N.runs security researchers, stated, the vulnerabilities discovered in the antivirus technologies can be easily used by hackers to exploit an affected system. SecurityFocus informed that the two security experts discovered no less than "80 parsing vulnerabilities in
various antivirus products," a matter that should really raise concerns among the security vendor that aim to protect users' computers.
"Current AV DiD (antivirus defense-in-depth) implementations define 'the worst possible way' an antivirus product may fail as 'Fails to detect a threat' or 'Fails to detect a virus,' whereas in reality the worst possible way is a more severe one: Compromise of the underlying OS (operating system) through the antivirus engine," the two researchers stated according to SecurityFocus.
The report published by Sergio Alvarez and Thierry Zolller and uploaded on the N.runs' official page includes numerous antivirus-related details as well as traditional facts which should not be trusted by the consumers. For example, "Antivirus Software is secure," "I use Antivirus Software, I will not get infected" or "My Antivirus Software detects even unknown viruses" are only old myths which are pretty silly these days.
Now we're sure that a simple vulnerability discovered in one of our powerful antivirus technologies can make the application meant to protect our computers really dangerous for the data stored on them. Certainly, we also need an experienced hacker to be able to exploit the flaws but since there are numerous websites and communities talking about them, the attackers can stay up-to-date with the latest security glitches with ease.
Just one tiny piece of advice: keep your antivirus updated with the latest virus definitions and don't forget to apply the latest patches as soon as possible because they are always meant to correct the newest issues discovered in the applications.
http://news.softpedia.com/news/T ... viruses-71841.shtml |
|
|
|
|
|
|
|
|
|
|
|
Symantec and McAfee NOT the Best Antiviruses!
- Sophos provides the best security tools, a new study reveals
You might be tempted to believe that Symantec, McAfee, ESET, Kaspersky or Softwin Labs provide the best antiviruses on the market. In fact, it's well known that these solutions have millions of consumers as they offer very powerful antivirus utilities. But (yeah, I know, there's always a 'but'), a recent research conducted by Cascadia Labs revealed that the technologies mentioned above are NOT the best solutions on the market when it comes to certain aspects of the antiviruses. The lucky (or maybe |
|
|
|
|
|
|
|
|
|
|
|
Which anti-virus?Sophos beats McAfee and Symantec in an independent product review
Sophos outperformed Symantec and McAfee in installation anddeployment, usability and management, scanning performance andeffectiveness against day-zero threats. It matched Symantec and beatMcAfee in basic effectiveness, and was rated the best endpoint securityproduct in the review overall.
 Download review:
Read the full product comparison report from Cascadia Labs
 Lessthan adequate ... Companies looking to simplify their overall securityapproach will likely find the McAfee environment daunting. | 
[Sophosis] a natural choice for enterprises looking for a well integratedendpoint security suite that is effective against day-zero threats. | 
[Symantec] doesn't match Sophos in terms of day-zero effectiveness, usability, or scanning performance. |
Which products were reviewed?Independent reviewer, Cascadia Labs,compared the three leading endpoint security software packages forlarge businesses from industry-leaders: McAfee Total Protection forEnterprise, Sophos Endpoint Security and Control 7.0, and Symantec Endpoint Protection 11.0.
Sophos product is best overallOverall, Sophos was rated the best product in the review, scoringfour out of five - beating both Symantec and McAfee in four of the sixcategories.
Effectiveness of malware detection: Sophos catches more day-zero threats
Sophos clearly beat McAfee and Symantec in detecting day-zero malware -catching 97 of 100 new threats overall, compared to 82 and 58 caught bySymantec and McAfee respectively. Sophos detected 86% of this malware prior to execution, compared to 43% for McAfee and 51% for Symantec.
Cascadia attributed this success to Sophos pre-execution HIPS capabilities, including [url=http://sophos.com/security/topic/behavioral-protection.html]Behavioral Genotype |
|
|
|
|
|
|
|
|
|
|
|
emmm... 1 soalan simple....
ape worst case scenario utk virus, spyware, malware, ngan ware-ware ni?
dan, ape probability scenario ni melanda seseorang... huhuhu |
|
|
|
|
|
|
|
|
|
|
|
Reply #28 aku_EnSeM's post
virus will harm all ur operating system in computer.. kira bagi lumpuh la semua system-system program untuk run ada gak yang sampai takleh masuk windows.. walaupun dah format masuk windows fresh pun benda tu ada lagi huh semua data-data kena kacau kalau company lagi teruk silap-silap boleh bankrap company tu....
kalau asyik kongsi-kongsi thumdrive, masuk web-web 'kurang bersih' probability nak kena infected memang tinggi.. |
|
|
|
|
|
|
|
|
|
|
|
Reply #28 aku_EnSeM's post
ami dah jawab dengan jayanya tahniah |
|
|
|
|
|
|
|
|
|
|
|
Freeware Antivirus to Get New Security Features
- AVG buys Exploit Prevention Labs
Security company Grisoft, the owner of the famous AVG antivirus, announced the acquisition of Exploit Prevention Labs, another security vendor, which would bring several new features to the freeware antivirus. The terms of the deal
were not disclosed, but the two companies said that the transaction was supposed to be finalized by December 31, 2007. Grisoft has become a well-known company, due to its free AVG software, a freeware antivirus that allows users to protect their computers from infections, without paying for it.
"Unsafe hyperlinks and the poisoning of legitimate websites represent one of the biggest threats facing computer users since the advent of viruses," said J.R. Smith, CEO of Grisoft.
"The research and technology behind Exploit Prevention Labs |
|
|
|
|
|
|
|
|
|
| |
|
Author
Post time 30-11-2007 08:31 PM
