Interop security highlights caught on video; Mozilla Messaging patches Thunderbird; more

Patches from Mozilla, Akamai, Debian Google adwords fuel new URL attack Microsoft hack pack spells trouble, and other interesting reading

Mozilla Messaging patches Thunderbird bugs
Mozilla Messaging, a subsidiary of the nonprofit Mozilla Foundation, yesterday patched five bugs in its Thunderbird e-mail client to fix flaws that were disclosed more than a month ago. Computerworld, 05/02/08.
**********

iDefense warns of flaw in Akamai Download Manager
A design error in Akamai's Java-based Download Manager tool could be exploited to run malicious code on an affected system. Akamai has released a patch for the the flaw.
**********

Three new updates from Debian:

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Mozilla Messaging patches Thunderbird bugs
Mozilla Messaging, a subsidiary of the nonprofit Mozilla Foundation, yesterday patched five bugs in its Thunderbird e-mail client to fix flaws that were disclosed more than a month ago. Computerworld, 05/02/08.
**********

iDefense warns of flaw in Akamai Download Manager
A design error in Akamai's Java-based Download Manager tool could be exploited to run malicious code on an affected system. Akamai has released a patch for the the flaw.
**********

Three new updates from Debian:

cpio (denial of service, code execution)

linux-2.6 (multiple flaws)

wordpress (multiple flaws)
**********

Today's malware news:

Google adwords fuel new URL attack
Google adwords account holders are being targeted by criminals out to trick them into handing over credit card information using a clever URL spoof that has gained popularity in recent weeks. TechWorld, 05/02/08.

Botnet attacks military systems
Security researchers have discovered a complex spamming scheme that hijacks users' PCs in order to attempt to send junk mail via university and military systems. TechWorld, 05/02/08.

Beware: New MSN Messenger Password Stealing Program In The Wild
A new hacking program is in circulation that lets hackers create executable files easily and with no fuss. When the victim is tricked into running the infection file, a connection is made to the attacker's PC and they can steal any MSN login details stored on the PC. The SpywareGuide Greynets Blog, The SpywareGuide Greynets Blog, 05/02/08.
**********

From the interesting reading department:

Microsoft hack pack spells trouble
Security through obscurity has never worked, and Microsoft's COFEE will encourage hackers to find the holes. Network World, 05/01/08.

How one site dealt with SQL injection attack
The massive wave of SQL injection attacks that started striking Microsoft-based Web sites around the world more than a week ago claimed as one of its victims Autoweb, a U.K.-based advertising and marketing site. Network World, 05/01/08.

7 dirty secrets of the security industry
Corporate IT executives need to beware the seven dirty secrets of the security industry that can undermine the safety of business networks, a security expert told attendees at Interop Las Vegas. Network World, 05/01/08.

100 e-mail bouncebacks? You've been backscattered.
The bounceback e-mail messages come in at a trickle, maybe one or two every hour. The subject lines are disquieting: "Cyails, Vygara nad Levytar," "UNSOLICITED BULK EMAIL, apparently from you." IDG News Service, 05/02/08.

Instant messaging attacks spike in April
Instant messaging attacks leapt 162% in April according to security firm Akonix. The company tracked 21 new malicious code attacks over the month. The jump accompanies a boom in take-up of enterprise unified communications systems over the past few months, a fact that is unlikely to be a mere coincidence, Akonix said. TechWorld, 05/01/08.

Interpol: Olympics cyberattack not a major threat
With cybercrime now a global phenomenon, perhaps it will take a global police organization to keep it in check. IDG News Service, 04/30/08.