I just saw a news article (sorry no link at the moment)… that mentioned that Adobe has announced they will move to a monthly patch cycle. This takes a cue from Microsoft which since October of 2003 has had a predictable monthly patch release. It’s nice to see security patches released in a routine, expected, predictable, orderly way. Now if only we can get the malware writers to stick to a single monthly malware release we’ll be in good shape.
Category: Security
-
Another beagle virus variant
Incidents.org is reporting this as well…
A new Beagle variant is making the rounds. It comes in an almost empty email, as a ZIP attachment containing the worm as an EXE. The attachment name, email subject and sole text content of the email all seem to be male or female surnames. Keep your eyes peeled, especially if your users are reading their mail over webmail, as it seems to take another couple of hours until the AV vendors have their patterns lined up.
-
How festive – the dasher worm…
The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least it’s second iteration. Sans noticed an odd increase in port 1025 scans on the tenth of the month which was early activity of this worm. It looks like the first version of the worm didn’t work fully, but this second one does. It installs a keylogger.
-
Network Security guide for the home or small business network – Part 3 – Antivirus
Ok, the first two entries thus far, hardware firewalls and software firewalls have been fairly operating system independant. A hardware firewall is best, but if that’s not possible a software firewall will do until you get a hardware firewall setup. This next item is (currently) a must have for Windows users. However, Mac and Linux users may see the day soon when it is an essential part of security for those systems as well. These days I am stunned to see PC’s that don’t have an antivirus program installed.
-
Disinfecting a PC… part 2
Ok, the last post got a bit long with the hijackthis log, but I wanted to include the whole picture. I put a few comments in, but thought it might be useful to include the notes I took at the time. For starters I leave it unplugged from the network. (There is no network card in this machine.) It’s important when working on an infested PC to leave it isolated so that it can’t continue to spread viruses or spam or whatever it may be doing. Assume if it’s infested with something that it could be spewing out bad stuff. If you must, isolated it and prevent it from routing to the outside world… the safest is usually to leave the cable unplugged for the initial look over.
-
A couple warnings related to fake security sites
Sunbelt has this warning about yet another fake security site. This one is laid out a bit different than the others we’ve seen in recent days. It’s not quite the same spoof of the Windows Security Center, but it makes use of Microsoft’s security logo. (And it does say Security Center at the top of the page along with “Help protect your pc”.) From sunbelt…
For your block lists:
amaena[dot]com -
Disinfecting a PC… part 1
This is the first in a several part series documenting the cleaning of an infected PC. The only real noteworthy item is that it was a dial-up only connection and was rather infested for that. (On par with some of the broadband connected pc’s I’ve seen. It’s also an interesting counterpoint to the network security series.)
-
Network Security guide for the home or small business network – Part 2 – A Software Firewall
Do I really need a hardware firewall? I’m running XP Service Pack 2 with the built in firewall? (or norton, or zonealarm?) Well, personal firewalls (the name that software firewalls go by) are good for a great many things that hardware firewalls AREN’T. They do have their limitations though and I’ll try to cover those in this post. Of course, a software firewall is running on the pc that you use to connect to the internet and one of the functions it serves is to “close the doors and windows” or those open ports that a computer can listen for connections on.
-
Sams club credit security breech?
When I saw a story on incidents.org with the title PCI Compliance, I wondered what SANS was doing covering a hardware standard…. oops. PCI in this case means Payment Card Industry. It turns out that Sams Club has had a security breech that has exposed customers credit card information. The data seems to have been pinched from those buying gas between Sept. 21st and Oct. 2nd.
-
Opera security patch
I saw this earlier today, but had thought it was an issue already covered (just before Thanksgiving there was an opera security update I think.) Anyway… Secunia has an advisory on a security vulnerability in the Opera Web browser. Users are encouraged to upgrade to v. 8.51. The SecurityFix has the story. Download link here http://www.opera.com/download/