Ad: Manage updates with the Download App

trojan

Critical IE 7 exploit making the rounds

Microsoft issued a critical security warning Tuesday that a malicious exploit is making the rounds and attacking vulnerabilities in Internet Explorer 7.

The risk is believed to be widespread, given that IE 7 is the latest version of Microsoft's browser and is bundled with XP service pack 3 and also Vista, said Dave Marcus, director of security research and communications for McAfee's Avert Labs.

The AZN Trojan, which has been making the rounds since the first week of December, has the potential of infecting users' system with a Trojan horse, or "downloaders" that can download other … Read more

Buzz Out Loud 866: Harsh the mellow

Important revelations on today's show: cigars smell like dog poop, Facebook Connect is going to win, the NFL looks awesome in 3-D, and Barack Obama uses an iPod, not a Zune. Like I said, important. Listen now: Download today's podcast Episode 866

Listener co-host details: E-mail buzz@cnet.com with your name, phone number, preferred time of day (with time zone). We are shooting for doing the interviews next Monday 3-4 p.m. PST and Wednesday 4-5 PST.

Facebook Connect opens up http://news.cnet.com/8301-17939_109-10113604-2.html

So does Google Friend Connect http://news.cnet.com/8301-17939_109-10113648-2.htmlRead more

CheckFree customers redirected to Ukraine site

Customers of CheckFree.com, an online bill paying site, were quietly redirected to servers in Ukraine early Tuesday morning, according to several reports.

Representatives of CheckFree told WashingtonPost.com that customers were redirected to a blank log-in page that attempted to install malware on the visiting PC. The company said it regained control at 5 a.m. EST Tuesday, so only customers using the site overnight were likely affected.

Mike Haro, senior security analyst at Sophos told CNET News, "The fact that they used a blank page to download a Trojan (not exactly subtle) says to me one of … Read more

Worm uses familiar brands to lure people

On Tuesday security vendor WebSense issued an alert warning that holiday coupon e-mails from familiar companies may be malicious code in disguise, in this case a mass-mailing e-mail worm.

The warning cites one spoofed McDonald's e-mail that claims to present their latest discount menu, and asks the recipient to print out the attached coupon. A similar mailing pretending to be from Coca-Cola asks recipients to print out details about their new online game, and also offers recipients a chance to win Coca-Cola drinks for life. Websense says the attached zip file contains files named either coupon.exe or promotion.… Read more

Apple suggests Mac users install antivirus software

Updated 10:50 a.m. PST December 2 to correct that Apple previously recommended antivirus software to Mac users, and at 1:50 p.m. PST with call back from Apple and link to 2002 Apple anti-virus item. A follow-up blog will be posted that goes into more detail about the coverage.

Apple is recommending that Mac users install antivirus software.

But don't read this as an admission that the Mac operating system is suddenly insecure. It's more a recognition that Mac users are vulnerable to Web application exploits, which have replaced operating system vulnerabilities as the bigger threat to computer users.

On November 21 Apple updated a technical note on its Support Web site that says: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

The item offers three software suggestions: Intego VirusBarrier X5 and Symantec Norton Anti-Virus 11 for Macintosh, both available from the Apple Online Store, and McAfee VirusScan for Mac.

MacDailyNews unearthed the same note posted by Apple in June 2007 and published it on Tuesday,a long with a link to a March 2002 note from Apple urging people to use an anti-virus program.

Apple representatives did not respond to e-mails seeking comment on Monday, but did return a call on Tuesday. A spokesman said he would look into the matter.

Brian Krebs, who first reported on the Apple antivirus recommendation Monday in his Security Fix blog at The Washington Post, said an Apple store employee told him he didn't need antivirus software when he purchased a MacBook three months ago.

Read more

Spam increasing again after shutdown of hosting company

Spammers knocked offline two weeks ago when their hosting company, McColo Corp., was shut down are finally coming back online, security researchers said on Wednesday.

San Jose, Calif.-based McColo was believed to be responsible for up to 75 percent of all spam, according to Brian Krebs of The Washington Post, who broke the initial story.

Spam volumes, which dropped about 80 percent when McColo was shut down on November 11, remained relatively flat since then until a few days ago when they started climbing up, said Matt Sergeant, senior antispam technologist at MessageLabs, now owned by Symantec.

Since Sunday, … Read more

Security firm: Google's Orkut being used to spread Trojans

Someone is using Orkut to spread Trojan links in a message disguised as an official e-mail from the Google-owned social network, according to an alert from security firm Websense released Tuesday.

The message, written in Portuguese to appeal to Orkut's many Brazilian members, looks like it is sent from an Orkut member who is looking for love, Websense says.

"The message contains several links that appear to lead to the official Orkut Web site. Clicking on a link actually leads to a malicious executable file, which is a Trojan Downloader named 'imagem.exe,'" the Websense alert says. &… Read more

Buzz Out Loud 850: Cooley hates space

We try to get all sentimental about the demise of the Mars Phoenix lander, but Brian Cooley ruins it with his outlandish assertions about the uselessness of space. Plus, he loses his mind about the crappiness of the BlackBerry Curve. In sum, a good time is had by all.

Listen now: Download today's podcast EPISODE 850

Mars Phoenix Lander completes its mission http://news.cnet.com/8301-13772_3-10092897-52.html http://www.urbanhonking.com/universe/2008/11/interview_marsphoenix.html http://gizmodo.com/5082385/this-is-my-farewell-transmission-from-mars

Flat-panel TV shipments begin their decline http://news.cnet.com/8301-17938_105-10093153-1.html

FCC OKs digital workaround for … Read more

Buzz Out Loud 843: Nine legal uses for BitTorrent

We asked. You answered. Our listeners provided not seven, not eight, but nine real legal legitimate uses for BitTorrent. Plus Apple's getting into an old-fashioned spat with IBM. Just like 1979 all over again. Plus Rafe says stop whining about Windows 7. Listen now: Download today's podcast Episode 843

National Novel Writing Month starts tomorrow http://www.nanowrimo.org/

Trojan virus steals bank info http://news.bbc.co.uk/2/hi/technology/7701227.stm http://news.cnet.com/8301-1009_3-10079593-83.html

Apple hires top IBM chip designer and blade server guru http://news.cnet.com/8301-13579_3-10079494-37.html

More on … Read more

1 Trojan + 3 years = 500,000 online financial accounts

RSA FraudAction Research Lab has discovered log-in information for about 300,000 online bank accounts and 250,000 credit and debit card accounts that have been gathered by a cybercrime gang over the past three years using the Sinowal Trojan.

"This may be one of the most pervasive and advanced pieces of crimeware ever created by fraudsters," according to a blog entry posted Friday from RSA, EMC's security unit.

The Sinowal Trojan infects computers without the owner knowing it by surrepticiously planting itself onto the computer while the owner is Web surfing in an attack dubbed a &… Read more