Monday, October 29, 2007

PDF spam resurrected

Network World

Security: Threat Alert




Network World's Security: Threat Alert Newsletter, 10/29/07


By Jason Meserve

Today's malware news:

Malicious PDF files being spammed out in volume

A malicious PDF file (report.pdf or debt.2007.pdf or overdraft.2007.10.26.pdf or so) has been massively spammed through e-mail. The PDF is spiced with a CVE-2007-5020 exploit that downloads ms32.exe, which downloads more components. F-Secure Antivirus Research blog, 10/26/07.


Guess we may have to update our IT Graveyard slideshow....

Storm worm can befuddle NAC

A newly discovered capability of the Storm worm could invalidate results churned out by NAC products, attendees at Interop New York learned last week. Network World, 10/25/07.

Mudslinging Malware

Most of the day-to-day malware that we currently analyze has a financial motive. Such malware typically doesn't do anything noticeably malicious as it doesn't want to tip-off the victim. But every now and then, we see something that's just plain nasty. F-Secure Antivirus Research blog, 10/25/07.
**********

Today's bug patches and security alerts:

Three new updates from rPath:

Firefox (multiple flaws)

cpio / tar (denial of service, code execution)

PHP (multiple flaws)
**********

Four new fixes from Gentoo:

Sylpheed / Claws Mail (format string, code execution)

Qt (code execution)

ImageMagick (multiple flaws)

HPLIP (privilege escalation, code execution)
**********

Two new patches from Debian:

Iceweasel (multiple flaws)

xen-utils (non-secure temp files)
**********

From the interesting reading department:

Immediate flaw alerts vs. Disclosing with patches

What's safer, knowing there's a gaping hole that can be exploited in a software product even when there is no patch for it, or being told about the gaping hole once there is a patch? Network World, 10/26/07.

Mystery of RealPlayer exploit, hijacked ad server unfolds

A week after Symantec security researchers traced the elaborate course of a malware exploit -- apparently devised in the Netherlands -- to what may be a compromised ad server belonging to Internet advertising company 24/7 Real Media, the attack method isn’t fully understood. Network World, 10/25/07.

Firefox Update Plugs 8 Security Holes

Mozilla has shipped an update to its Firefox Web browser that corrects at least eight separate security flaws, including two that Mozilla flagged as especially serious. Firefox users should have already received an update that brings the browser to version 2.0.0.8. Security Fix blog, 10/25/07.

How Secure is your Email?

These days, many people take it for granted that their e-mail is secure. People (and companies) send all kinds of critical information through e-mail, expecting it to make it to the correct person and only that person. That's a bad assumption. Symantec Security Response blog, 10/25/07.

Security deadline missed by one-third of Visa merchants

Just over a third of large-volume Visa merchants failed to meet a Sept. 30 deadline to comply with the Payment Card Industry's 12-part Data Security Standard, Visa said yesterday, and those companies are facing fines of $25,000 per month. Network World, 10/25/07.

Austrian police to use crime-busting Trojans

The Austrian Police has become the latest European agency to express its intention to use specially-crafted Trojans to remotely monitor criminal suspects. Network World, 10/25/07.

We pwn your Desktop!

A couple of weeks ago in this blog entry, we learned how misleading applications advertise themselves on the Web. Now we'll take a closer look at the other side of things to see how misleading applications infiltrate users' machines in order to convince people to download and purchase them. Symantec Security Response blog, 10/26/07.

Microsoft now admits to WSUS update error

On the same day it tried to refute reports that enterprise customers' PCs were being force-fed the Windows XP desktop search tool, Microsoft Corp. did a turnabout and admitted it had messed up. Computerworld, 10/26/07.

Advance fee scams target cash-strapped consumers

Authorities are warning of yet another scam targeting online loan applicants. This time it's an advance fee loan scheme involving MortgageTree Lending, a company that is finding plenty of victims online. PC World, 10/25/07.

Editor's note: Starting the week of Nov. 12, subscribers to the HTML version of this newsletter will notice some enhancements to the layout that will provide you with easier and clearer access to a wider range of resources at Network World. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.



Contact the author:

Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog.


Copyright Network World, Inc., 2007
