Someone is using a Grand Theft Auto mod video as a way to trick viewers into infecting themselves. Although YouTube videos remain safe to view, that hasn't stopped criminals from finding new ways to entice YouTube viewers to get infected with the latest Trojan horse. The latest example is a Grand Theft Auto video for a mod called Hood Life. According to Chris Boyd, Director of Malware Research at FaceTime Security Labs, the graphics in the mod are lame. He says the images used in the video are circa 1986, crudely rendered, not up to the high standards of … Read more
With the weather getting warmer, Power Downloader decided that it was time to get away from his computer and take a little vacation with his niece, Kitty Kilobyte. Of course, the thing he worries about the most when leaving the Power Lair unattended is some would-be criminal getting in and stealing his top-secret documents.
Power Downloader is especially concerned about certain items on his desktop, which need to remain top secret when he and Kitty Kilobyte go on vacation. His plans for thwarting villains, programs that map secret locations, layouts of evil lairs, or other top-secret stuff could mean disaster if they get into the wrong hands.… Read more
At some point within the last week, some MySpace user pages were seeded with malicious computer code. The malicious code seeks to exploit Microsoft Windows and Internet Explorer using recently patched security holes. The hope is that you haven't patched your computer yet. If you're a MySpace visitor and you visit one of the infected pages, you'll be redirected to a fake MySpace log-in page aiming to steal the visitor's MySpace user name and password. The attack employs phishing and drive-by download techniques.
SANS' Internet Storm Center offers a detailed breakdown of the attack.
Tom is your average computer user with antivirus protection that does just fine until the day it all comes crashing down. When a lovepostcards.net link automatically appears on his forum posts, Tom knows he's been pummeled by Trojans.
What got him? How did he oust the intruder? What insights from the CNET Download.com editors can keep you from a similar fate? Find out in this week's Spyware Horror Story!
Apple today announced Mac OS X 10.4.10 along with a new security update. The updated version 10.4.10 includes fixes for Bluetooth and USB connections, plus several minor enhancements of the operating system. The security update, the sixth in what appears to be a monthly release cycle for 2007, addresses a vulnerability in the IPv6 networking protocol. It affects users of Mac OS X 10.4 and later, and is available from within Mac OS X via the Software Update pane in System Preferences, or from Apple's software downloads page.
Patch for Networking This patch affects … Read more
As the automated Mpack attack continues to turn thousands of legitimate Web sites into compromised sites offering drive-by downloads of malicious software, security researcher Roger Thompson over at Exploit Prevention Labs reminds us there are other exploits compromising legitimate sites, and some are as easy to find as entering a simple search string on Google. For more than a week (starting before the current Mpack attack), Thompson has been posting a list of dangerous search strings on his blog site. I've collected these and indicated in parentheses some of the known exploits associated.
atlas mountains country (WebAttacker 2 or … Read more
Cerulean Studios on Monday released a "highly critical" security update for its Trillian multi-protocol chat software.
Attackers could exploit vulnerabilities in the character encoding for Trillian 22.214.171.124--specifically, the word-wrapping handling of UTF-8, the Unicode Transformation Format used for encoding characters in e-mail, instant messages and Web pages, iDefense Labs warned in its security advisory. The vulnerabilities potentially could affect earlier versions of the Trillian software as well, iDefense said.
Trillian, which supports Yahoo's Instant Messenger, AOL's AIM, MSN Messenger, and Internet-relay chat and ICQ ("I seek you") instant-messaging protocols, could be … Read more
Power Downloader knows that regular maintenance for his PC is crucial to his continued success as an Internet superhero. If his computer is not in top working condition when on the tail of some infamous spammer, it can mean the difference between life and death. While the stakes might be higher for Power Downloader, he also knows that everyone should perform routine maintenance if they want their computer to continue working properly.
Though there are several programs available to fix specific problems, Power Downloader decided that a one-program solution might be the most convenient way to keep his system in tip-top shape. After some quick research at Download.com, Power found Advanced WindowsCare Personal edition.… Read more
For its first major update in over two years, Lavasoft's Ad-Aware 2007 offers a redesigned interface and an overhauled detection engine, along with an enhanced Update Manager and a new Tracksweep feature that clears your browsing history for multiple applications with one click.
Take a quick tour of Ad-Aware 2007 with this First Look video.