Eye on Security: Windows Ransomware, DLL Hole, Malware, and More
- Dr. Roy Schestowitz
- 2010-09-03 06:46:58 UTC
- Modified: 2010-09-03 06:46:58 UTC
Summary: Menaces and unpleasant 'niceties' that only affect users of Windows this week
●
Russian cops cuff 10 ransomware Trojan suspects [via]
PCs infected by the WinLock Trojan at the centre of the scam were rendered unusable because the malware disabled key Windows components. More embarrassingly, pornographic images were displayed on compromised machines, IDG adds.
●
Polymorphic ransomware tops malware charts
Ransomware variant TotalSecurity is topping the malware charts, according to the latest threat report from security firm Fortinet.
August was the biggest comeback month since March for TotalSecurity, which locks out applications and data, and then demands a ransom to restore access.
●
Microsoft Releases 'Fix It' for DLL Hole
The DLL security vulnerability first grabbed headlines in August when a Slovenian security research firm pointed out that, under some circumstances, a malicious hacker could deploy a booby-trapped DLL file into a directory where Windows will load it, potentially granting the attacker control over the system. But it later surfaced that a U.S. security researcher had warned Microsoft about the DLL issue almost a year before, and had even published an academic paper on the threat last month.
●
Google Code hosting malware-spreading project
Google Code's project hosting feature has occasionally been used by malicious individuals for storing and spreading malware.
[...]
After this discovery was made public, Google removed the offending project. But this instance shows that the company must find a better way of detecting malware hosted on its sites.
●
University loses nearly 1 million dollars to malware
Thieves appear to have stolen the funds from University of Virginia after compromising a computer belonging to the University's Financial Controller. Malware intercepted the Online Banking Credentials for the University's Bank accounts and initiated a fraudulent wire transfer for $996,000 to a Bank in China.
●
25 percent of Windows malware now targets USB storage devices
In a survey of small businesses, PandaLabs discovered that 48 percent had been victims of malware in the past year. Of those businesses infected, 27 percent were able to verify that a compromised USB device was at the root of the issue.
●
New malware detects browser, shows fake malware warning page
While the malware is a pretty good attempt, it's not perfect. The goal is to get the user to download and install something, shelling out some cash in the process, which none of the three browser vendors would ever recommend. The Firefox warning page, meanwhile, has an obvious typo ("Get me our of here"). In addition, it's suspicious that a webpage is going out of its way to tell you it is protecting your purchase. It's also not hard to check that the supposedly detected files do not actually exist on the user's computer. All of these missteps should raise red flags immediately; having said that, we've still not before seen this level of detail and effort from the bad guys.
●
Heartland pays another $5.4m for malware infection
The United States' fourth largest credit card payments processing company Heartland Payment Systems has agreed to pay a US$5 million ($5.4 million) settlement to its financial services customer Discover over a data breach caused by a malware infection.
Heartland processed card payments for Visa, Mastercard and other financial service providers to the tune of US$70 billion in 2009.
●
Rogue Win7 AV Copies the Microsoft Security Essentials Site
There are downsides to market success, and in the case of Microsoft Security Essentials it is that attackers build malware designed to piggyback on the free security solution from Microsoft.