Mozilla: Firefox plugin shipped with malicious code
Mozilla warned Wednesday that a malicious program inserted adware code into a Firefox plugin that has been downloaded thousands
of times over the past three months. Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted
with adware, Mozilla security chief Window Snyder said.
Mozilla Security Blog: Compromised file in Vietnamese Language Pack for Firefox 2
**********
Adobe breaks silence on February's PDF bugs
Three months after acknowledging multiple vulnerabilities in its popular Reader software and then patching the program, Adobe
Systems Inc. yesterday finally provided some details about the bugs.
Read Adobe's advisory
**********
Half dozen new patches from Ubuntu:
OpenOffice.org (multiple flaws)
KDE (denial of service, code execution)
CUPS (denial of service, code execution)
Thunderbird (multiple flaws)
**********
Four new updates from Debian:
b2evolution (input checking, cross-scripting attack)
blender (buffer overflow, code execution)
**********
Four new fixes from Mandriva:
kdelibs (denial of service, code execution)
emacs (non-secure temp files, file overwrite)
OpenOffice.org (multiple flaws)
**********
Four new patches from Gentoo:
X11 terminals (privilege escalation)
phpMyAdmin (information disclosure)
Horde Application Framework (multiple flaws)
kdelibs (denial of service, code execution)
**********
Today's malware news:
Storm Worm - Still Evolving
No sooner had various agencies commented on the reduction of the size of the Storm network than we started seeing signs of
another wave of malware in the offing. Symantec Security Response blog, 05/05/08.
Trojan adware hiding in MP3s, McAfee says
Adware pushers have found a new way to trick you into downloading their annoying products: fake MP3 files. On Tuesday, security
vendor McAfee reported that it's seen a huge spike in fake MP3 files spreading on peer-to-peer networks. IDG News Service,
05/06/2008.
Web attack worm on a rampage
The Internet Storm Center, which tracks online threats, warned Wednesday that a worm is infecting vulnerable Web sites with
a database attack. Though relatively small by Web attack standards with about 4,000 reported infected sites, the assault adds
invisible code to a site that can force. Computerworld, 05/07/2008.
Neosploit Updated to Include an Acrobat Exploit
On about April 18th, Symantec's DeepSight honeypots began capturing a new iteration of the Neosploit exploit toolkit. It appears
that the pervasive exploit kit has been updated to take advantage of a circa February 2008 vulnerability in Adobe Acrobat
Professional and Reader. Symantec Security Response blog, 05/05/2008.
BBB Case #947344536
We're seeing some new BBB trojan attacks going around. This attack method is well-known and has been occurring for months:
A high-level executive inside an organization receives an e-mail that mentions a complaint supposedly made to the Better Business
Bureau (USA). F-Secure Antivirus Research blog, 05/05/08.
**********
From the interesting reading department:
Misbehaving software mistaken for data breach
The University of Colorado at Boulder last week thought it had identified a data breach involving three computers, but a forensics
exam indicated it was a false alarm. Network World, 05/07/2008.
Hacker marketplace to help build 0day appliance
WabiSabiLabi, the company best known for building an online marketplace for security flaws, is getting into the hardware business.
The company is working with an unknown Italian company called Oneshield Security to build a unified threat management (UTM)
appliance that will integrate the research generated by WabiSabiLabi's network of researchers. IDG News Service, 05/06/2008.
0day treasure hunt: researcher hides IE attack on Web
Security researcher Aviv Raff has published code that would allow someone to take control of a computer running Internet Explorer,
but there's a catch. He's not saying exactly where he's hidden the attack. IDG News Service, 05/07/2008.
It's A Trap!
I had this waiting for me in my Myspace friend request box today... uh. I had pegged this as a standard fake profile, but
the addition of the personalised "Why, hello there" message wasn't something I'd seen before with one of these fake profile
requests. The SpywareGuide Greynets Blog, 05/05/08.
Memehacks
Hackers are not only harnessing the power of memes in a big way, they are (in some cases) having their creations dictated
to them by whatever the passing fad happens to be at the time. The SpywareGuide Greynets Blog, 05/06/08.
Safest way to bank online? Your cell phone
So you want to bank safely online? Then ditch your computer and make the transaction via your cell phone instead. Using a
mobile handset for this most sensitive online act might sound counterintuitive, given that phones are prone to being lost
or stolen, but your cell phone might actually be safer than your computer for paying bills or checking your statement online.
PC World, 05/05/2008.
Google backs open-source CERT group
Google has thrown its weight behind a fledgling security reporting group for the open-source community. The search engine
giant, long a proponent of open-source software, is now one of three sponsors of oCERT, the Open Source Computer Emergency
Response Team. IDG News Service, 05/06/2008.
Yahoo uses McAfee SiteAdvisor to filter evil Web sites
Starting Tuesday, there will be a few less Web sites popping up in Yahoo searches. IDG News Service, 05/06/2008.
Read more about security in Network World's Security section.