worms

Microsoft plans to release a patch on Monday for a flaw involving how Windows handles shortcut files, after seeing the hole being used to spread a particularly nasty and fast-spreading virus, the company said Friday.

Initially, the Windows flaw was used to spread the Stuxnet worm via USB drives. The vulnerability, which is in all versions of Windows, is in the code that processes shortcut files ending in ".lnk," according to the Microsoft advisory from two weeks ago that included information on a work-around.

Now there are copycat attacks in which the .lnk hole, or "shortcut hole,&… Read more

The security world is aflutter over new malware that has been spreading via USB devices and is programmed to steal data from systems running specific software used in utilities and industrial manufacturing plants.

There are a lot of moving parts to this story so we've decided to break them down and tell you what is happening and how it impacts you.

What is the malware exactly? The attack involves several components: a worm that spreads via USB drives and exploits a previously unknown vulnerability in Windows and a Trojan backdoor that looks to see if an infected machine is … Read more

On the heels of a worm that was installing backdoors on Windows systems via Yahoo Instant Messenger comes a new worm that is even more sophisticated in its social engineering and payload, security firm Bkis said on Friday.

The malware arrives via instant message through Yahoo or Skype with any one of a number of messages, including "Does my new hair style look good? bad? perfect?" or "My printer is about to be thrown through a window if this pic won't come out right. You see anything wrong with it?" Bkis wrote in a blog post. … Read more

A worm is spreading via Yahoo Instant Messenger Thursday that tricks people into downloading what they think is a photo from a friend but is instead malware that installs a backdoor on Windows systems and spreads to a victim's IM contacts.

The worm arrives via a message from a contact with the word "photo" or "photos" and a smiley face icon, along with a link to a Web site resembling a Facebook page, MySpace page, or some other page where photos might reside.

If the user clicks on the link on a Macintosh system, an … Read more

A year ago, a variant of the high-profile Conficker worm was all set to stir, programmed to begin receiving update instructions on April 1, with potential consequences being anybody's guess.

Those fears were unfounded as the worm's worst impact appeared to be that it installed malware that displays fake antivirus warnings.

The time bomb failed to blow up, and the buzz died down. But a year later several variants of the worm are still around and growing, albeit slowly--causing problems for unsuspecting Windows users.

Conficker caused major headaches for CNET TV associate producer Jason Howell a few weeks … Read more

A survey of 500 companies found a 70 percent jump in spam and malware attacks via social networking sites in 2009, according to a new report from security firm Sophos.

Facebook topped the list as the perceived riskiest of the major social-networking sites, followed by MySpace, Twitter, and finally LinkedIn.

The Sophos report (PDF) said that more than 50 percent of the companies surveyed were spammed through a social-networking site last year and that 36 percent were hit by malware from such a site.

The danger to businesses from social-networking malware is especially high. Most of the companies surveyed expressed … Read more

Cloud computing and virtualization are just two technologies that cybercriminals are anxious to exploit, forecasts a report released Wednesday by security vendor Trend Micro.

The year ahead offers new opportunities for cybercrooks as they hunt for more targets and new challenges as people try to protect themselves, says Trend Micro's 2010 Future Threat Report (PDF).

Cloud computing and virtualization can be cost effective. But since they're beyond the confines of a company's own firewall, they could be potentially open areas for cybercriminals to attack. October's Sidekick data outage highlighted the vulnerabilities of the cloud, which cybercrooks … Read more

Another iPhone worm similar to the "Rickrolling" malware has been found targeting users in the Netherlands. The BBC is reporting on this variant of the threat, calling it "Clearly malicious" because it attempts to both remotely control affected iPhones and also steal personal information such as bank login IDs.… Read more

Another iPhone worm has been spotted in the wild.

Unlike the previous exploitation, which merely changed a jailbroken iPhone's wallpaper to a picture of Rick Astley of "Rickrolling" fame, this new threat allows hackers to steal sensitive information.

According to security firm Sophos, which wrote about the exploitation after a Dutch ISP spotted it late last week, the worm attacks jailbroken iPhone and iPod Touch devices only.

The worm "uses command-and-control, like a traditional PC botnet," Sophos wrote in a blog post on Saturday to warn users about the exploit. "It configures two startup … Read more