Free Republic

A PC virus has started to spread through e-mail, luring potential victims by disguising itself as a headline newsletter from CNN, an antivirus company said Thursday. E-mails laden with the virus, dubbed "Crowt.A" by Sophos, do not have a typical subject line and other characteristics, Sophos said. Instead, the virus sends out e-mail messages with subject lines, message content and attachment names drawn from the latest news headlines on CNN's Web site, which it gathers as it spreads. Very few Sophos customers have reported that they been affected by Crowt.A so far, the company said. "Virus writers are always looking...

Full text of a letter from Microsoft, in response to coverage of companies moving from IE to Firefox and other alternative browsers. InformationWeek Editor's note: the following is the full text of Microsoft's response to an InformationWeek.com poll and related story regarding Internet Explorer, and whether companies are switching to the Mozilla browser. It came from Waggener Edstrom, Microsoft's public-relations agency. You mentioned that many or the respondents in the self-selecting survey recommended against IE and that many people have said Microsoft needs to address security issues more fully. Regarding the recommendation, we're aware that some people have recommended against...

A number of high-risk vulnerabilities in Oracle's database products were announced today by Next Generation Security Software [NGSS] in what is likely the first news in Oracle Corp.'s new quarterly patching schedule. Surrey, U.K.-based NGSS said all versions of the Oracle Database 10g and Oracle 9i Database Server are vulnerable to the flaws, which include a buffer overflow vulnerability and PL/SQL injection vulnerabilities that allow low-privileged users to gain DBA privileges. The latter flaws can be exploited via the Web through the Oracle Application Server, NGSS said. Oracle has released a patch set [18/01/2005] to address these vulnerabilities. NGSS said...

A study by not-for-profit IT security testing organisation Honeynet Project has shown that, on average, Linux systems today take three months to fall prey to hackers, up from 72 hours in equivalent tests conducted between 2001 and 2002. The 2004 results came after a team of researchers set up 19 Linux and four Solaris 'honeypots' in eight countries including the UK. Honeypots are unpatched internet-connected computers designed to be targets for hackers. "Default installations of Linux distributions are getting harder to compromise," said the report. "New versions are more secure by default, with fewer services automatically enabled, privileged separation in...

A number of recent phishing sites blocked by the Netcraft Toolbar community have had a common technique of using JavaScript to create a narrow popup window, which is then placed on top of the Address bar. A fake URL is entered into the popup, using the same default font as the real address bar. The script continually checks the location of the browser window and moves the popup accordingly, ensuring that it is always placed on top of the Address bar, thus obscuring the real URL of the phishing site. The image above illustrates a live phishing site in action....

A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned. Twenty-one year-old Nicolas Jacobsen was quietly charged with the intrusions last October, after a Secret Service informant helped investigators link him to sensitive agency documents that were circulating in underground IRC chat rooms. The informant also produced evidence that Jacobsen was behind an offer to provide T-Mobile customers' personal information to identity thieves...

24 June 2004Mac OS X security myth exposedAnd thousands of other products and OSes given security rundown. By Matthew Broersma, Techworld Windows is more secure than you think, and Mac OS X is worse than you ever imagined. That is according to statistics published for the first time this week by Danish security firm Secunia. The stats, based on a database of security advisories for more than 3,500 products during 2003 and 2004 sheds light on the real security of enterprise applications and operating systems, according to the firm. Each product is broken down into pie charts demonstrating how...

It could allow an attacker to download malicious content onto vulnerable PCs (IDG NEWS SERVICE) A computer security researcher and an antivirus company are warning Microsoft Corp. customers about an unpatched hole in the company's Internet Explorer Web browser that could allow a remote attacker to bypass security warnings and download malicious content onto vulnerable systems. The warnings came after the hole was identified on the Bugtraq Internet security discussion list by someone using the name "Rafel Ivgi." The hole affects Internet Explorer Version 6.0.0, including the version released with Windows XP Service Pack 2. The vulnerability allows malicious attackers...

Tetris game hides Cellery worm Worm uses cult game to spread via email Robert Jaques, vnunet.com 13 Jan 2005 A worm, dubbed Cellery-A (W32/Cellery-A), which poses as a playable version of the classic Russian computer game Tetris has been detected in the wild, security experts have warned.The Cellery worm, which gets its name from a message it displays saying 'Chancellery', makes changes to Windows settings to ensure that it automatically runs when the operating system starts up.While the Tetris-like arcade game is running, the worm plays a MIDI music tune, and searches for other network drives and attached computers to...

# Fed up over problems stemming from viruses and spyware, more computer users are giving up or curbing their use of the Internet.

Hacker Breaches T-Mobile Systems, Reads US Secret Service Email By Kevin Poulsen, SecurityFocus Published Wednesday 12th January 2005 09:47 GMT A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor US Secret Service email, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned. Twenty-one year-old Nicolas Jacobsen was quietly charged with the intrusions last October, after a Secret Service informant helped investigators link him to sensitive agency documents that were circulating in underground IRC chat rooms....

Webroot Enlists Bots To Fight SpywareWebroot will use its bots-based system to develop anti-spyware products that can better address new threats. By Thomas Claburn,  InformationWeek Jan. 11, 2005 URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=57700343 Anti-spyware company Webroot Software Inc. Monday announced what it claims is the industry's first automated spyware research system. Called Phileas, the system relies on bots--computer programs that perform tasks in lieu of a person--that continually crawl the Web, looking for spyware, adware, and the sites that host such software. Webroot plans to use the information gathered by Phileas to develop anti-spyware products that can better address new threats. Like...

An emailed New Year photo of naked people contains a nasty shock - a worm that will turn off security protection and harvest email addresses Antivirus companies have unearthed a computer worm that hides behind an image of naked people. According to antivirus company Sophos, the naughty New Year photo message contains a mass-mailing worm, dubbed Wurmark-D, that is programmed to disable security software on host computers and send itself to email addresses stored there. "Once activated, this worm will harvest your computer hunting for other email addresses to send itself to and try and turn off antivirus software," said...

Howdy Freepers, you gotta keep those PC's clean and healthy, so I thought I'd share this with you. Microsoft has purchased Giant Corporation, makers of the powerful (and very expensive $$) Giant Antispyware suite. They have essentially repackaged the program and are now offering it free for download to the public. This is an excellent program that is continually updated for the latest spyware threats. I highly recommend it to anyone. Here is the site with download link: http://www.microsoft.com/athome/security/spyware/software/default.mspx

Microsoft on Tuesday released the year's first three security patches to Windows, including two it called "Critical," but did not patch all the vulnerabilities that have surfaced in the last several months. "These are exactly what we expected this month, a couple of patches against threats that are 'wormable'," said Mike Murray, the director of research at nCircle, the vulnerability management vendor whose flagship product is IP360. The first critical flaw is in Windows Server 2003, and in Windows 98, Me, 2000, and XP, including Service Pack 2, the security update that Microsoft rolled out last October. The ancient Windows...

Downloads malicious application when video files are runSecurity experts have intercepted two malicious Trojans hidden in video files that download and install spyware, diallers and computer viruses when played in Microsoft Windows Media player. PandaLabs warned that Trj/WmvDownloader.A and Trj/WmvDownloader.B, are spreading through P2P networks hidden in video files. These Trojans take advantage of technology incorporated in Microsoft Windows Media player called Windows Media Digital Rights Management (DRM), designed to protect the intellectual property rights of multimedia content. When a user tries to play a protected Windows media file, this technology demands a valid licence. If the license is...

E Flaw Exploited Security firm identifies exploit technique for known browser hole. Matthew Broersma, Techworld.com Friday, January 07, 2005 Internet Explorer has become an even bigger security risk--even under Windows XP SP2--with the publication of a new and extensive exploit. Advertisement Security researchers have warned that the exploit, which takes advantage of known loopholes in SP2, could allow an attacker to run script code on a user's system via a specially crafted Web page. Known Hole The holes involved have been known publicly for more than two months, but previous exploit techniques required the user to take actions such as...

Paint your house to shield your WiFi As wireless networks have proliferated, computer security companies have come up with increasingly complex defenses against hackers: password protection, encryption, biometrics. Insulating the interior of a house, apartment or office from radio-wave interference is a simpler concept that has yet to become a popular consumer strategy, but a new product called DefendAir from Force Field Wireless could change that. Available online at forcefieldwireless.com, the product is a latex house paint that has been laced with copper and aluminum fibers that form an electromagnetic shield, blocking most radio waves and protecting wireless networks. Priced...

Secunia recommends users drop IE and use an alternative browser. "Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible," the security firm said in a statement. Millions of Internet Explorer 6 users are at risk from three "extremely critical" security holes that give hackers open access to PCs running the browser -- even if Windows XP Service Pack Two has been installed. The first issue centers on the browser's drag-and-drop capability, which does not validate new files correctly. This means that, potentially, a document downloaded from a Web page using drag and drop may...

The Register » Security » Network Security » Original URL: http://www.theregister.co.uk/2005/01/10/ie_sp2_exploit/Exploit code attacks unpatched IE bug By John Leyden (john.leyden at theregister.co.uk) Published Monday 10th January 2005 12:08 GMT Code which exploits a vulnerability in the HTML Help control of Internet Explorer has been released onto the net. Secunia has upgraded the vulnerability (http://secunia.com/SA12889), uncovered in October 2004, to "extremely critical". Even users who have upgraded to Windows XP SP2 with all available patches are affected, the security reporting firm warns. "The vulnerability can be exploited by malicious people to place and execute arbitrary programs on a client system if a...