Spammers discover trojans

At SecurityFocus, Kevin Poulsen writes about the marriage of spam and trojans: Spammers are now using programs that take over the PCs of unsuspecting users to deliver spam. Be on the lookout for Proxy-Guzu, which, naturally, can show up in a user’s inbox as part of a spam message. http://www.securityfocus.com/news/4217 **********

At SecurityFocus, Kevin Poulsen writes about the marriage of spam and trojans: Spammers are now using programs that take over the PCs of unsuspecting users to deliver spam. Be on the lookout for Proxy-Guzu, which, naturally, can show up in a user’s inbox as part of a spam message.

https://www.securityfocus.com/news/4217

**********

Oracle has released a patch for a buffer-overflow vulnerability that could let an attacker take over a database server running certain versions of Oracle7, 8 and 9.

https://otn.oracle.com/deploy/security/pdf/2003alert54.pdf

See story:

https://www.nwfusion.com/news/2003/0429oraclpatch.html

**********

Microsoft has issued a patch for  a couple of holes could let an attacker compromise a machine running its BizTalk Server.

https://www.microsoft.com/security/security_bulletins/ms03-016.asp

**********

Meanwhile, there’s new hope for wireless security: earlier this week, the  Wi-Fi Alliance Tuesday unveiled its first certifications of products for compliance with the Wi-Fi Protected Access (WPA) specification. WPA is intended to replace the increasingly easier-to-crack WEP.

https://www.nwfusion.com/news/2003/0429wifigroup.html

**********

Today’s roundup of virus alerts:

W32.Sphit: “A worm that copies itself to network folders in which users have access.” (Symantec)

https://www.nwfusion.com/go2/0501bug1.html

Backdoor.Kaitex.D: “A Backdoor Trojan that uses a randomly changed TCP port to connect to the IRC servers of the hacker choice. This Trojan allows the hacker to remotely control the infected computer.” (Symantec)

https://www.nwfusion.com/go2/0501bug2.html

WORM_LOVELORN.A: “This memory-resident worm gathers target email addresses from DBX files found in the infected system and sends itself via email using its own SMTP (Simple Mail Transfer Protocol) engine. It may arrive either as an .EXE or .HTML file.” (Trend Micro).

https://www.nwfusion.com/go2/0501bug3.html

W32/Sory: “It obtains confidential information from the affected computer and sends it out via the Internet.” (Panda Software)

https://www.nwfusion.com/go2/0501bug4.html

From the interesting reading department:

Security in fashion

Dr. Steven Kent, chief scientist, information security at BBN Technologies, delivered the morning keynote for the NetWorld+Interop security track, cautioning companies to carefully assess the threat to the individual enterprise and not fall for the latest “fashions” in security. Network World, 04/30/03 

https://www.nwfusion.com/weblogs/ni/2003/002705.html

Nortel to beef up VPN line

Nortel next week will unveil the latest updates to its secure networking lineup, including new remote-access management software, a higher performance Contivity VPN platform and software that expands an enterprise’s ability to ensure every remote connection is safe. IDG News Service, 04/30/03

https://www.nwfusion.com/news/2003/0430nortetobe.html

Microsoft publishes security guides for admins

Microsoft Friday released a guide to help systems administrators run Windows Server 2003 securely, and Monday reannounced a similar guide for Windows 2000. IDG News Service, 04/29/03

https://www.nwfusion.com/news/2003/0429micropubli.html

Wi-Fi group certifies new security capabilities

Signaling the next step in securing standard wireless LAN access points, the Wi-Fi Alliance Tuesday unveiled its first certifications of products for compliance with the Wi-Fi Protected Access (WPA ) specification. IDG News Service, 04/29/03 

https://www.nwfusion.com/news/2003/0429wifigroup.html