security news(berita baru ttg AVG post 31)

Mehacomp_91 · Post time 19-11-2007 11:58 PM

Assalamualaikum dan salam sejahtera

meha cadangkan siapa-siapa yang ada latest news tentang security,threat,security software update atau apa-apa news yang berkenaan dengan bod virus ni,post kat sini.

selamat berposting

sebagai permulaan meha start dulu

[ Last edited by Mehacomp_91 at 6-12-2007 01:46 PM ]

Mehacomp_91 · Post time 19-11-2007 11:59 PM

New Virus Takes Advantage of Windows Vulnerabilities
- That抯 why it抯 better to keep your Windows up-to-date with the latest patches

I told you it抯 better to keep your Windows up-to-date with the latest fixes because you can avoid several problems but this time, it抯 pretty necessary to do so. Security vendor Trend Micro released a notification concerning WORM_JALOUS.AI, a new threat targeting the Windows computers and especially the vulnerabilities found in the Microsoft operating
system. The security company confirmed the infection targets Windows 98, ME, NT, 2000, XP, Server 2003 and rated the damage potential as medium. It seems that the worm can be downloaded by a user without his approval while visiting a dangerous website.

"Upon execution, this worm drops several files, which Trend Micro detects as WORM_JALOUS.AI and WORM_DLOADER.SZW. The said dropped files may be injected into certain running processes. This worm then creates a registry entry to enable its automatic execution at every system startup," Trend Micro wrote in the advisory.

The worm attempts to exploit the Microsoft Security Bulletin MS06-040 vulnerability, obviously on the unpatched systems. Microsoft urged the customers to download and install this patch as it is considered critical, affecting several Microsoft solutions such as Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2, Microsoft Windows XP Professional x64 Edition, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1.

Trend Micro revealed that WORM_JALOUS.AI already infected a number of computers, many of them belonging to Asians, according to the security company, approximately 30 infected systems being located in China.

Sure, the worm has only a low overall risk rating, but it抯 always very important to keep your operating system up to date with the latest patches and fixes released by the developers. This is just an example of what might happen if your computer is vulnerable to attacks due to some Windows security holes.

http://news.softpedia.com/news/New-Virus-Takes-Advantage-of-Windows-Vulnerabilities-71244.shtml

Mehacomp_91 · Post time 20-11-2007 12:00 AM

Silly Worm Aiming to Infect USB Devices
- W32/SillyFDC-BK targeting Windows computers

Security vendor Sophos today released an advisory concerning W32/SillyFDC-BK, a new Worm which aims to infect the USB devices connected to the computer and spread every time the infected device is connected to a clean system. Sophos wrote the Worm attempts to install itself in the
registry as it only affects the Windows operating systems. There抯 no other information about which versions of Microsoft抯 operating systems are targeted by the infection so I guess all of them are affected since it attempts to add a new registry entry. The company抯 security tools provide protection for W32/SillyFDC-BK since November 19 so in case you抮e a Sophos customer, you抮e fully protected against it.

The Worm continues a new trend in the IT security market where more and more infections attempt to propagate through removable drives. However, it抯 interesting to analyze the way they manage to hide themselves into an infected computer, W32/SillyFDC-BK being just one of the numerous examples available out there.

"When run W32/SillyFDC-BK copies itself to krag.exe and sets the following registry entry to run itself on startup:

CODE
HKLM - SOFTWARE - Microsoft - Windows - CurrentVersion - Run

W32/SillyFDC-BK spreads via removable shared drives by copying itself to krage.exe and creating the file autorun.inf (detected as W32/Agent-FOW). The file autorun.inf is designed to run the worm when the removable drive is connected to an uninfected computer," Sophos wrote in the security advisory rolled out today.

A worm can be easily removed with one of the numerous security solutions available on the market so it shouldn抰 be a problem for you to remove the infection (in case you got it). However, some of these worms have the ability to harm your data and modify the information stored on the computer (they抮e not good at all, d抩h).

http://news.softpedia.com/news/Silly-Worm-Aiming-To-Infect-USB-Devices-71233.shtml

Mehacomp_91 · Post time 20-11-2007 12:01 AM

Top 10 Security Threats for 2008
- Predicted by security company McAfee

As the computer infections and threats evolve day by day, the security companies struggle to design new technologies able to block them all... although we have to admit it抯 pretty difficult to do that. Security vendor McAfee today released the top 10 predictions for computer infections in the next year, expecting an impressive increase in the web 2.0 attacks.

"Threats are increasingly moving to the Web and migrating to newer technologies such as VoIP and instant messaging," said Jeff Green, senior vice president of McAfee Avert Labs and product development. "

rofessional and organized criminals continue to drive a lot of the malicious activity. As they become increasingly sophisticated, it is more important than ever to be aware and secure when traversing the Web."

So, this is the top 10 security threats for 2008 as it was presented by McAfee:

1. Web 2.0 Attacks

Mehacomp_91 · Post time 20-11-2007 12:04 AM

Dangerous Virus Delivered Through Box Office Movie Downloads
- Lust, Caution [Virus]

It happens again and this is a pretty obvious sign that the virus creators are evolving as they attempt to adapt their infections to every new event happening all over the
world. Today, Li Ting of Rising International Software Co. Ltd., told Reuters that a new virus is currently targeting the fans of "Lust, Caution" a Chinese Box Office hit which attracted lots of fans in the country. According to the same source, the movie recorded 90 million Yuan ($12.12 million) revenues in its first two weeks on the screens, being one of the most popular movies in the country.

This popularity caught the attention of the virus creators who decided to introduce infections and dangerous codes inside the websites promoting the movie and which are apparently visited by millions of users every day. At this time, the security company mentioned above discovered hundreds of malicious websites while "15 percent of download links were contaminated."

"People should be wary of Web sites that offer free downloading services because their personal passwords can be stolen," Li Ting said for Reuters. "Hackers are taking advantage of popular entertainment hotspots for movies and music to attack personal computers and spread viruses."

This piece of news is not too different from older reports concerning virus infections delivered on Halloween or on Valentine抯 Day. Moreover, some websites were entirely hacked to inject malicious code. NHL抯 website was compromised by a group of attackers who attempted to distribute infected files to millions of users who access the page every day. Sure, you can always protect your computer with an up-to-date security solution which would be able to discover and block every new threat used by the hackers to compromise visitors

Mehacomp_91 · Post time 20-11-2007 12:06 AM

Norton, McAfee and Kaspersky Fighting for Seagate抯 HDD Security
- Improved security for Seagate抯 hard drives

The short story so far: Seagate delivered approximately 1,800 Maxtor Basics 3200 hard-drives which were apparently infected with a dangerous Trojan attempting to steal users

Mehacomp_91 · Post time 20-11-2007 07:55 AM

Antispyware Protection

kmkd · Post time 20-11-2007 09:34 AM

Cybersquatters, phishers sharpen tactics for holiday season

By Robert Westervelt, News Editor
19 Nov 2007 | SearchSecurity.com

Cybersquattersand phishers have beefed up their tactics for the holiday season makingit difficult for online shoppers and frustrating for many businesses,according to analysts at MarkMonitor, a firm that tracks company brandabuse on the Internet.
The company conducted a four week analysis in September to determinethe state of brandjacking

kmkd · Post time 20-11-2007 11:11 PM

apasal aku rasa aku sorang je dalam ni.. ni nak keluar ni

Mehacomp_91 · Post time 20-11-2007 11:37 PM

meha baru ni boleh masuk forum tadi kenapa forum jadi unable to connect

Mehacomp_91 · Post time 21-11-2007 12:26 AM

And Here Is TROJ_CLICKER.QV Trying to Damage Your Computer
- New Trojan horse in the wild

Even if the Trojan files are tending to become pretty inoffensive for our computers due to extraordinary antivirus features, this is a brand new infection which might attempt to damage our systems. TROJ_CLICKER.QV was discovered by security vendor Trend Micro which rated the Trojan抯 damage potential as medium, revealing that it affects Windows 98, ME, NT,
2000, XP, Server 2003. Although the overall risk rating is set too low, TROJ_CLICKER.QV can represent the easiest way to infect somebody抯 computer by simply installing a vulnerable system and make way for other threats.

"This Trojan is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites. It accesses URLs to download files. As a result, malicious routines of the downloaded files may be exhibited on the affected system," Trend Micro wrote in the security notification released today.

According to the same vendor, the Trojan horse managed to reach only a few computers as approximately 4 Asian systems were reported to be infected.

It抯 not too difficult to disinfect an affected computer since most antiviruses already provide protection for this kind of Trojan but please note that without a security application, your data is in real danger. And don抰 forget you can easily bring this threat on your system by visiting a malicious page which installs the infection without any notification to the visitor. As you can see, this is only the beginning of a tragedy as TROJ_CLICKER.QV is able to bring more and more malicious files on your computer.

Trend Micro stated that the malicious website which is used to transfer additional files on an affected computer was down at the time of releasing the security notification. However, you抮e still vulnerable to attacks so go and get one of the security applications listed on Softpedia to defend your information.

http://news.softpedia.com/news/A ... omputer-71376.shtml

[ Last edited by Mehacomp_91 at 21-11-2007 12:30 AM ]

kmkd · Post time 21-11-2007 08:55 AM

There's a serious glitch in how applications from a variety of vendors process audio FLAC files, opening the door for attackers to hijack vulnerable computer systems, according to eEye Digital Security and the United States Computer Emergency Readiness Team (US-CERT).

FLAC (Free Lossless Audio Codec) is an audio format similar to .mp3 files but lossless, meaning the audio is compressed in FLAC without a loss in quality. The format works in similar fashion to .zip files, though FLAC is designed specifically for audio.

Researchers with Aliso Viejo, Calif.-based eEye discovered 14 flaws in the FLAC library and turned to US-CERT for help in notifying all the affected vendors when it became clear the list was too long for one organization to handle alone, said Andre Protas, eEye's director of research and preview services.

US-CERT said in its advisory that the flaw affects such vendors and programs as America Online, Cog, dBpoweramp, Foobar2000, jetAudio, PhatBox and Yahoo!

Once all the affected vendors were notified, he said, eEye and US-CERT decided to release details of the flaw. According to the eEye advisory, processing a malicious FLAC file within a vulnerable application could result in the execution of arbitrary code at the privileges of the application or the current user, depending on the operating system. The problem is that applications mishandle metadata values from malformed files.

"Attackers could send out a malicious FLAC file by email and once you click it, the attacker can install Trojans and other malware on the machine," Protas said in an interview Tuesday. "Most of the vulnerable vendors don't have the means to fix this within their products, so it's up to the user to apply the updated version."

It turns out that libFLAC 1.2.1 was released in September to address the issue for most vulnerable applications, but many vendors that were using libFLAC within their media applications or using their own homegrown FLAC file parsers had not been informed that their FLAC file parser was vulnerable, Protas said.

Danish vulnerability clearinghouse Secunia said in its SA27210 advisory that the issue is moderately critical and is due to various errors -- integer overflow errors, double-free errors and boundary errors in various components when processing FLAC media files.

SearchSecurity.com

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1283042,00.html?asrc=WGT_YWIN

[ Last edited by kmkd at 21-11-2007 08:57 AM ]

kmkd · Post time 21-11-2007 09:01 AM

http://forum3.cari.com.my/viewth ... &extra=page%3D1

kmkd · Post time 21-11-2007 09:05 AM

aku cadang kat kau meha, security news ni kau arrange ikut bulan.. buat katalog.. hehe
nanti dah lama2 senang la dilupuskan.. tak la berlambak2 thread yang tak aktif.. amacam, ok tak?