Hackers get tricky with clipboard attack

Patches from Debian, Gentoo, Mandriva Security firm warns against Olympic spam Scammers replace credit card readers in Irish stores, and other interesting reading

Mac, Windows clipboards poisoned by URL attacks
In what a security researcher called a cunning attack, infected Web ads are poisoning Mac and Windows users' clipboards with URLs designed to trick people into visiting sites touting bogus security software. Computerworld, 08/19/2008.
**********

Vendors patch Postfix flaw

According to the Gentoo advisory, "Postfix incorrectly checks the ownership of a mailbox, allowing, in certain circumstances, to append data to arbitrary files on a local system with root privileges." A number of Linux vendors have released updates for the package:

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Mac, Windows clipboards poisoned by URL attacks
In what a security researcher called a cunning attack, infected Web ads are poisoning Mac and Windows users' clipboards with URLs designed to trick people into visiting sites touting bogus security software. Computerworld, 08/19/2008.
**********

Vendors patch Postfix flaw

According to the Gentoo advisory, "Postfix incorrectly checks the ownership of a mailbox, allowing, in certain circumstances, to append data to arbitrary files on a local system with root privileges." A number of Linux vendors have released updates for the package:

Debian

Gentoo

Mandriva

Ubuntu
**********

Three new patches from Mandriva:

Kernel for Mandriva Corporate 4.0 (multiple flaws)

kdegraphics (buffer overflow, code execution)

amarok (symlink, file overwrite)
**********

Today's malware news:

Security firm warns against Olympic spam
Beware of e-mails with sensational Olympic subject titles. They will likely contain a form of malware called Storm that infects computer systems, according to enterprise security firm, Secure Computing. Computerworld, 08/19/2008.

Large-Scale Spam Campaign Continues
As expected, the arrival of the 2008 Olympics in Beijing was accompanied by an increase in Olympics-related spam. From fake news to performance enhancing medication, spammers are taking full advantage of the Games to entice us to click their links and open their attachments. Symantec Security Response, 08/15/2008.

The Summer Storm
Seventy-seven megabytes of network traffic, 356 spam emails sent and 10,082 unique IP addresses contacted. All in just under 60 minutes. This is what a system infected by one recent Storm rootkit pumps out. Symantec Security Response, 08/18/2008.
**********

From the interesting reading department:

Tall Latte, Hold the Malware
There's nothing like coffee one-upmanship to make the blood boil. "You're still drinking lattes? With actual milk from a cow? Good grief, where have you been?" Nowadays though, it seems that coffee one-upmanship is no longer enough to secure the seemingly coveted "hippest person in the cafe" crown. Now that portable devices are actually portable, cafes and other public spaces seem to be prime territory for people keen to show off their technological gadgetry. Symantec Security Reponse, 08/20/2008.

Scammers replace credit card readers in Irish stores
Fraudsters in northeast Ireland posing as authorized bank service personnel replaced credit card readers in retailers' stores with their own, capturing data that can be used to empty bank accounts and make purchases. IDG News Service, 08/18/2008.

Read more about security in Network World's Security section.