If it’s about security, you heard it here first
Its summer…Do you know what your kids are doing?, (Fri, May 29th)
School is over or about to be over for many kids. With that comes many families whose parents work and kids will be left at home to relax and enjoy their summer vacation. This means alot of free time and an internet out there [...]
4116
BAT/Qhost.NBP (2), INF/Autorun (3), PDF/Exploit.Pidief.ONM, PDF/Exploit.Pidief.ONN (2), PDF/Exploit.Pidief.ONO, PDF/Exploit.Pidief.ONP (2), Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (4), Win32/Adware.InternetAntivirus, Win32/Adware.PersonalAntivirus, Win32/Adware.SpywareRemover, Win32/Adware.SystemSecurity (18), Win32/Agent.PMR (2), Win32/Agent.WPI, Win32/AntiAV.AZQ, Win32/AntiAV.NAO (2), Win32/AutoRun.ABH, Win32/AutoRun.ADR (2), Win32/AutoRun.FakeAlert.BR, Win32/AutoRun.FakeAlert.M, Win32/AutoRun.VB.CN (2), Win32/Bagle.RG, Win32/Delf.NSQ (3), Win32/Dialer.NHQ (3), Win32/Dialer.NHR (3), Win32/FlyStudio.NMJ, Win32/FlyStudio.NMK, Win32/Hupigon.NPD, Win32/Injector.PK, Win32/IRCBot.ADZ, Win32/Koobface.NBG (2), Win32/Koutodoor.AB, Win32/Koutodoor.AD, Win32/Koutodoor.AE (4), Win32/Koutodoor.G, Win32/Kryptik.QY, Win32/Olmarik.GW (2), Win32/Olmarik.HG (4), [...]
Microsoft DirectShow Remote Code Execution Vulnerability
Summary:
Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in Microsoft DirectX (DirectShow) through a specially crafted QuickTime media file.
Impact:
Remote Code Execution.
Affected Software:
DirectX 7.0 on Microsoft Windows 2000 Service Pack 4
DirectX 8.1 on Microsoft Windows 2000 Service Pack 4
DirectX 9.0 on Microsoft Windows 2000 Service Pack 4
DirectX 9.0 on Windows [...]
Advanced Two-Way Firewall for Mac OS X unveiled
ProteMac has announced ProteMac NetMine 1.2, their network firewall for Mac OS X. ProteMac NetMine intercepts all network activity traveling from and to your Mac and from every an application of your Mac. NetMine firewall can prevent all unwanted outside and inside traffic from reaching protected machines.
Firewall [...]
4114
IRC/SdBot, Win32/Adware.Coolezweb (5), Win32/Adware.InternetAntivirus, Win32/Agent.WPI, Win32/AutoRun.Autoit.P, Win32/AutoRun.Delf.CB (2), Win32/AutoRun.IRCBot.AM (2), Win32/BHO.NLG, Win32/Kryptik.QW, Win32/Olmarik.HG (4), Win32/PSW.YahooPass.AF, Win32/Spy.Webmoner.NBN, Win32/Spy.Zbot.CK, Win32/TrojanClicker.Delf.NBA, Win32/TrojanClicker.Delf.NDS, Win32/TrojanClicker.Delf.NFC, Win32/TrojanDownloader.Adload.FIB (2)
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6083&Itemid=26
4113
BAT/Agent.NBW, PDF/Exploit.Pidief.ONK, Win32/Adware.Antivirus2008 (2), Win32/Adware.Coolezweb (2), Win32/Adware.InternetAntivirus (5), Win32/Adware.SystemSecurity (4), Win32/Agent.NXT, Win32/Agent.PHC, Win32/Agent.PKT (2), Win32/Agent.WPI (4), Win32/AutoRun.Agent.OG, Win32/AutoRun.Agent.OH, Win32/AutoRun.Agent.OI, Win32/AutoRun.FakeAlert.AF (3), Win32/AutoRun.KS, Win32/AutoRun.VB.DQ, Win32/Boberog.AC, Win32/Dialer.NHP (2), Win32/Hupigon.NPB, Win32/Hupigon.NPC, Win32/Injector.PH, Win32/Injector.PI, Win32/IRCBot.ADZ (2), Win32/KeyLogger.BitLogic, Win32/NetPass (2), Win32/Obfuscated.NCY, Win32/Olmarik.HG (4), Win32/Poebot, Win32/Prosti.NCL (2), Win32/PSW.LdPinch.NJG, Win32/PSW.WOW.NKO (2), Win32/PSW.YahooPass.NAD (2), Win32/PSWTool.IEPassView.NAD, Win32/PSWTool.MailPassView.150, Win32/PSWTool.PassFox.111 (2), Win32/Rustock.NIH, Win32/Rustock.NIK, Win32/Sohanad.BM, Win32/Sohanad.NEJ, Win32/Spy.Banker.QZA, [...]
4110
BAT/TrojanDownloader.Ftp.NDM, BAT/TrojanDownloader.Ftp.NDN, IRC/SdBot (2), PDF/Exploit.Pidief.ONF, Win32/Adware.AntiVirus1, Win32/Adware.Antivirus2008, Win32/Adware.AntivirusPlus (2), Win32/Adware.BHO.NCX, Win32/Adware.MySideSearch, Win32/Adware.NaviPromo (2), Win32/Adware.PersonalAntivirus (2), Win32/Adware.PrivacyComponents, Win32/Adware.UltraAntivirus2009 (3), Win32/Adware.Virtumonde (2), Win32/Adware.WinPCDefender, Win32/Agent.DKR (2), Win32/Agent.PGA, Win32/Agent.PKT, Win32/Agent.PMI (3), Win32/AntiAVNAK (2), Win32/Autoit.FV (2), Win32/AutoRun.FlyStudio.KC, Win32/AutoRun.IRCBot.AK, Win32/AutoRun.KS, Win32/AutoRun.VB.CX (2), Win32/AutoRun.VB.DP (2), Win32/Bagle.RD, Win32/BHO.NOR, Win32/Delf.ODU, Win32/Delf.OJB, Win32/Dialer.NAD, Win32/Hupigon.NOU, Win32/KillAV.NDT (4), Win32/KillProc.NAF, Win32/Kryptik.QR, Win32/Kryptik.QS, Win32/Mebroot.BL, Win32/Mebroot.BM (2), Win32/Mebroot.BN (2), Win32/Olmarik.GW, [...]
Host file black lists , (Wed, May 27th)
Henry Hertz Hobbit who maintains a black list of bad hosts wrote in today with some host file links
and comments on them. I have included most of his comments with very little editing
(I removed a few names and comments about other list maintainers and corrected [...]
4109
IRC/SdBot, Win32/Adware.AdvancedCleaner (3), Win32/Adware.BHO.NCG, Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (2), Win32/Adware.PersonalAntivirus.AA, Win32/Adware.PersonalAntivirus.AB, Win32/Adware.SystemSecurity.AA (2), Win32/Adware.Virtumonde, Win32/Adware.WinPCDefender (2), Win32/Adware.WSearch, Win32/Agent.PME, Win32/Agent.PMF, Win32/Agent.PMG (6), Win32/Agent.PMH (2), Win32/AntiAV.NAK, Win32/AutoRun.Autoit.P, Win32/BHO.NOS, Win32/BHO.NPJ, Win32/BHO.TBL (2), Win32/Bifrose.ADR, Win32/Delf.OJA (2), Win32/Flyagent.NAV (2), Win32/Flyagent.NAW (2), Win32/FlyStudio.NMH, Win32/Injector.PB, Win32/Injector.PC, Win32/Koutodoor.AB (3), Win32/Koutodoor.G, Win32/Kryptik.QO, Win32/Kryptik.QP, Win32/Mebroot.BL, Win32/Merond.P (2), Win32/Olmarik.GW, Win32/Olmarik.HG (2), Win32/Popwin.NBI, Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.OKB (3), Win32/PSW.QQPass.NEH (4), Win32/Rootkit.Agent.NLZ [...]
4108
IRC/SdBot (2), SWF/Exploit.Agent.AB (2), Win32/Adware.Antivirus2008, Win32/Adware.BHO.NCX, Win32/Adware.SpywareProtect2009 (2), Win32/Adware.XPGuard, Win32/Agent.PIS, Win32/Agent.PIX, Win32/AutoRun.Agent.IE (3), Win32/AutoRun.FlyStudio.KB, Win32/AutoRun.VB.CD, Win32/Delf.NHH, Win32/Injector.MB, Win32/Injector.MC, Win32/Injector.MD, Win32/Injector.NV, Win32/IRCBot.ADZ, Win32/Koutodoor.AB (4), Win32/Koutodoor.G, Win32/Kryptik.QN, Win32/Lanc.A, Win32/Pacex.Gen (2), Win32/PSW.OnLineGames.OIX, Win32/PSW.YahooPass.NAD, Win32/StartPage.BR, Win32/TrojanClicker.Agent.NGS (2), Win32/TrojanDownloader.Agent.OXU, Win32/TrojanDownloader.Agent.OYU, Win32/TrojanDownloader.Banload.OOC, Win32/TrojanDownloader.Banload.OOP, Win32/TrojanDownloader.Bredolab.AA (2), Win32/TrojanDownloader.Delf.ORH, Win32/TrojanDownloader.Small.OKW (2), Win32/TrojanDownloader.VB.NWO, Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.Agent.NSS, Win32/TrojanProxy.Small.NCA, Win32/Wigon.KU
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6077&Itemid=26
Facebook sued by user over virus
A Florida librarian and activist has filed a civil lawsuit against Facebook alleging that the social network failed to adequately protect users from a virus.
Theodore Karantsalis, of Miami Springs, Fla., is seeking $70.50 from Facebook in the lawsuit, which was filed a week ago in Miami-Dade county court.
Source – Cnet [...]
4107
BAT/Qhost.NBP (2), Win32/Adware.PersonalAntivirus (3), Win32/Adware.SystemSecurity (3), Win32/Adware.SystemSecurity.AA, Win32/Adware.WinPCDefender (6), Win32/Agent.CCWW, Win32/Agent.NYJ (2), Win32/Agent.PMD, Win32/AutoRun.ABH (4), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.FlyStudio.KA, Win32/Delf.NSE, Win32/Injector.PA, Win32/Koobface.NBG (2), Win32/Kryptik.QM, Win32/Qhost, Win32/Spy.Banker.QQJ (3), Win32/Spy.Webmoner.NBR (3), Win32/Spy.Zbot.JF, Win32/TrojanDownloader.Agent.OZA, Win32/TrojanDownloader.DelfOTP, Win32/TrojanDownloader.Small.NZM, Win32/TrojanDropper.Agent.OBC
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6076&Itemid=26
4106
BAT/Agent.NBV (2), INF/Autorun, Win32/Adware.PersonalAntivirus, Win32/Adware.SystemSecurity, Win32/Adware.SystemSecurity.AA, Win32/Adware.WinPCDefender (2), Win32/Agent.CIHM, Win32/Agent.NYI (6), Win32/Agent.PLZ (2), Win32/Agent.PMA, Win32/Agent.PMB (3), Win32/Agent.PMC, Win32/Autoit.AG, Win32/BHO.NOR, Win32/Buzus.AZGJ, Win32/Daonol.B, Win32/Daonol.C, Win32/Delf.NFV (2), Win32/Delf.ODU, Win32/Delf.OIY, Win32/Delf.OIZ (2), Win32/FlyStudio.NMG (2), Win32/Hupigon.NOY (2), Win32/Koutodoor.AA (3), Win32/Koutodoor.G, Win32/Kryptik.QK, Win32/Kryptik.QL, Win32/Olmarik.GW (2), Win32/Olmarik.HG (4), Win32/Rootkit.Ressdt.NBO, Win32/SpamTool.Agent.NCL, Win32/Spy.Agent.NNS, Win32/Spy.Banbra.NPQ, Win32/Spy.Banker.QNJ, Win32/Spy.KeyLogger.ME (4), Win32/Spy.VB.NDV, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.NJ, Win32/Spy.Zbot.RI, Win32/Spy.Zbot.RJ, Win32/StartPage.NJS, [...]
[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution
<!– Envelope-to: email@address Delivery-date: Mon, 25 May 2009 17:47:31 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M8dKl-0000wJ-NC for email@address; Mon, 25 May 2009 17:47:31 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id C8835144259; Mon, 25 May [...]
4102
BAT/Autorun.AE (6), BAT/Qhost.NBO, BAT/TrojanDownloader.Ftp.NDJ, PDF/Exploit.Pidief.ONA (2), PDF/Exploit.Pidief.ONB (2), PDF/Exploit.Pidief.ONC, Win32/Adware.Agent.NMG (2), Win32/Adware.Antivirus2008, Win32/Adware.Coolezweb (5), Win32/Adware.InternetAntivirus (4), Win32/Adware.PersonalAntivirus (3), Win32/Adware.SystemSecurity (6), Win32/Adware.Virtumonde, Win32/Agent.NWM (7), Win32/Agent.NYH (2), Win32/Agent.PIH, Win32/Agent.WPI, Win32/Alman.C (2), Win32/Alman.NAB, Win32/AntiAV.NAM (4), Win32/Autoit.FL (2), Win32/AutoRun.Agent.ME, Win32/AutoRun.Agent.OD, Win32/AutoRun.Agent.OE (2), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.VB.CF, Win32/AutoRun.VB.DM (2), Win32/Bagle.RE (3), Win32/Bagle.RF (2), Win32/BHO.NOR, Win32/BHO.NOS (2), Win32/Delf.NSE, Win32/Delf.OIV (2), Win32/Delf.OIW (3), Win32/Dialer.NEW, [...]
Threat Expert