Welcome to our peer-to-peer forums, where owners help owners. Need help now? Visit eSupport here.

English Community

Software and Operating SystemSecurity & Malware
All Forum Topics
Options

2794 Posts

05-01-2010

United States of America

13024 Signins

149663 Page Views

  • Posts: 2794
  • Registered: ‎05-01-2010
  • Location: United States of America
  • Views: 149663
  • Message 1 of 8

Speaking of Security

2010-10-29, 15:56 PM



Koobface Is Back

A while ago those of us in the security community were seeing a lot of Koobface infections that climbed aboard at Facebook. It's back. I thought I would share this information here because of the large number of folks who use Facebook these days.

This member of the Koobface family of malware that has been making the headlines in the last 24 hours, is sometimes being referred to as "Boonana". one reason why it has been getting so much attention is that it doesn't just infect Windows, but targets Mac OS X and Linux computers as well.

Details with screenshots and video:
http://nakedsecurity.sophos.com/2010/10/28/cross-platform-worm-targets-facebook-users/






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.

Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

2794 Posts

05-01-2010

United States of America

13024 Signins

149663 Page Views

  • Posts: 2794
  • Registered: ‎05-01-2010
  • Location: United States of America
  • Views: 149663
  • Message 2 of 8

Re: Speaking of Security

2010-11-03, 22:54 PM

Microsoft Security Advisory 2458511 Released

Microsoft is investigating new, public reports of a vulnerability in all supported versions of Internet Explorer. The main impact of the vulnerability is remote code execution. This advisory contains workarounds and mitigations for this issue.

https://www.microsoft.com/technet/security/advisory/2458511.mspx
http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx

 


DEP, EMET protect against attacks on the latest Internet Explorer vulnerability

http://blogs.technet.com/b/srd/archive/2010/11/03/dep-emet-protect-against-attacks-on-the-latest-internet-explorer-vulnerability.aspx






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.

Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

2794 Posts

05-01-2010

United States of America

13024 Signins

149663 Page Views

  • Posts: 2794
  • Registered: ‎05-01-2010
  • Location: United States of America
  • Views: 149663
  • Message 3 of 8

Re: Speaking of Security

2010-11-03, 23:18 PM

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

Release date: October 28, 2010
Last updated: November 2, 2010
Vulnerability identifier: APSA10-05
CVE number: CVE-2010-3654
Platform: All Platforms


A critical vulnerability exists in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems, and Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems.

This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Adobe Flash Player.

We are in the process of finalizing a fix for the issue and expect to provide an update for Flash Player 10.x for Windows, Macintosh, Linux and Solaris by November 4, 2010. We expect to make available an update for Flash Player 10.x for Android by November 9, 2010. We expect to make available an update for Adobe Reader and Acrobat 9.4 and earlier 9.x versions during the week of November 15, 2010.


Details here:
http://www.adobe.com/support/security/advisories/apsa10-05.html






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.

Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

2794 Posts

05-01-2010

United States of America

13024 Signins

149663 Page Views

  • Posts: 2794
  • Registered: ‎05-01-2010
  • Location: United States of America
  • Views: 149663
  • Message 4 of 8

Re: Speaking of Security

2010-11-05, 1:23 AM


New variant of cross-platform Boonana malware discovered


I am not able to post an update to my original post on the Koobface topic above, so I am replying here.

SOPHOS Report:
Last week we spoke about the Boonana cross-platform malware, using a malicious Java applet to deliver a cross-platform attack that attempts to download further malware to computers running Windows, Unix and Mac OS X.
 
Since then some we have seen variants of the original Boonana attack. The samples we have seen have been functionally the same, with the hackers behind them seemingly having obfuscated their code to try and waltz around detection.

Their attempts haven't been good enough to get past Sophos's products so far (including our new free anti-virus for Mac home users), and we haven't had to update our generic detection method.

In the samples we have analysed to date, the attack specifically targets Windows and Mac OS X systems, and just happens to infect other platforms that run Java. Depending upon the flavour of Unix, it doesn't usually complete its 'life cycle' if you're not running Windows or Mac OS X systems.

http://nakedsecurity.sophos.com/2010/11/04/new-variant-of-cross-platform-boonana-malware-discovered/






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.

Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

2794 Posts

05-01-2010

United States of America

13024 Signins

149663 Page Views

  • Posts: 2794
  • Registered: ‎05-01-2010
  • Location: United States of America
  • Views: 149663
  • Message 5 of 8

Re: Speaking of Security

2010-11-05, 3:55 AM


Security update now available for Adobe Flash Player


Release date: November 4, 2010
Vulnerability identifier: APSB10-26

http://www.adobe.com/support/security/bulletins/apsb10-26.html

 

* Note if you don't want the Google toolbar, make sure that "extra" is UNchecked when the new version of Flash is installed.

 

It is usually best to run the Flash Uninstaller before updating to a newer version.

http://kb2.adobe.com/cps/141/tn_14157.html






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.

Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

2794 Posts

05-01-2010

United States of America

13024 Signins

149663 Page Views

  • Posts: 2794
  • Registered: ‎05-01-2010
  • Location: United States of America
  • Views: 149663
  • Message 6 of 8

Re: Speaking of Security

2010-11-09, 17:05 PM

Today is "Patch Tuesday". Microsoft is expected to release its monthly cycle of Windows/Critical Security Updates.  
They usually become available at 1 PM (Eastern [USA] Standard Time).

Please use Microsoft (or Automatic) Updates to determine which ones --- if any --- are applicable to your particular system.

 

===============

Moderator: There is outdated info in this discussion so this topic can be unpinned after today.






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.

Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

2827 Posts

02-23-2008

United States of America

10664 Signins

147403 Page Views

  • Posts: 2827
  • Registered: ‎02-23-2008
  • Location: United States of America
  • Views: 147403
  • Message 7 of 8

Re: Speaking of Security

2010-11-19, 7:56 AM

Download Microsoft's consumer broucher  offering guidance on building your computer's defenses, avoiding being tricked into downloading malware, and what to do if your computer is not running as usual.

 

 

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=bc43f79f-4b4a-42c8-a8d1-72d14e21d0df

Reply
Options

2827 Posts

02-23-2008

United States of America

10664 Signins

147403 Page Views

  • Posts: 2827
  • Registered: ‎02-23-2008
  • Location: United States of America
  • Views: 147403
  • Message 8 of 8

Re: Speaking of Security -- Beware of Fake Disk Cleanup utilities

2010-12-09, 2:50 AM

Fake disk cleanup and de-fragmentation utilities are on the rise a list of some of those are mentioned here 

 

http://www.zdnet.com/blog/security/from-rogue-av-to-fake-disk-clean-up-utilities/7804?tag=mantle_skin;content

Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save

X

Delete

X

No, I don’t want to share ideas Yes, I agree to these terms