Eye on Security: Windows Ransomware, DLL Hole, Malware, and More
- Dr. Roy Schestowitz
- 2010-09-03 06:46:58 UTC
- Modified: 2010-09-03 06:46:58 UTC
Summary: Menaces and unpleasant 'niceties' that only affect users of Windows this week
●
Russian cops cuff 10 ransomware Trojan suspects
PCs infected by the WinLock Trojan at the centre of the scam were rendered unusable because the malware disabled key Windows components. More embarrassingly pornographic images were displayed on compromised machines, IDG adds.
●
Polymorphic ransomware tops malware charts
Ransomware variant TotalSecurity is topping the malware charts, according to the latest threat report from security firm Fortinet.
August was the biggest comeback month since March for TotalSecurity, which locks out applications and data, and then demands a ransom to restore access.
●
Microsoft Releases 'Fix It' for DLL Hole
The DLL security vulnerability first grabbed headlines in August when a Slovenian security research firm pointed out that, under some circumstances, a malicious hacker could deploy a booby-trapped DLL file into a directory where Windows will load it, potentially granting the attacker control over the system. But it later surfaced that a U.S. security researcher had warned Microsoft about the DLL issue almost a year before, and had even published an academic paper on the threat last month.
●
Google Code hosting malware-spreading project
Google Code's project hosting feature has occasionally been used by malicious individuals for storing and spreading malware.
[...]
After this discovery was made public, Google removed the offending project. But this instance shows that the company must find a better way of detecting malware hosted on its sites.
●
University loses nearly 1 million dollars to malware
Thieves appear to have stolen the funds from University of Virginia after compromising a computer belonging to the University's Financial Controller. Malware intercepted the Online Banking Credentials for the University's Bank accounts and initiated a fraudulent wire transfer for $996,000 to a Bank in China.
●
25 percent of Windows malware now targets USB storage devices
In a survey of small businesses, PandaLabs discovered that 48 percent had been victims of malware in the past year. Of those businesses infected, 27 percent were able to verify that a compromised USB device was at the root of the issue.
●
New malware detects browser, shows fake malware warning page
While the malware is a pretty good attempt, it's not perfect. The goal is to get the user to download and install something, shelling out some cash in the process, which neither of the three browser vendors would ever recommend. The Firefox warning page, meanwhile, has an obvious typo ("Get me our of here"). In addition, it's suspicious that a webpage is going out of its way to tell you it is protecting your purchase. It's also not hard to check that the supposedly detected files do not actually exist on the user's computer. All of these missteps should raise red flags immediately; having said that, we've still not before seen this level of detail and effort from the bad guys.
●
Heartland pays another $5.4m for malware infection
The United States' fourth largest credit card payments processing company Heartland Payment Systems has agreed to pay a US$5 million ($5.4 million) settlement to its financial services customer Discover over a data breach caused by a malware infection.
Heartland processed card payments for Visa, Mastercard and other financial service providers to the tune of US$70 billion in 2009.
●
Rogue Win7 AV Copies the Microsoft Security Essentials Site
There are downsides to market success, and in the case of Microsoft Security Essentials is that attackers build malware designed to piggy-back ride the free security solution from Microsoft.