webDotWiz Online Home ► Sites Listing ► Computer security ► Warnings and updates (Last update 10-Jul-2011)

Security warnings and updates

Latest computer security warnings July 2011

• Collecting a slew of email addresses, apparently to invite people to Google+: msmvps.com/blogs/spywaresucks/
• “I’m calling on behalf of Microsoft...”: mymicrosoftlife.com
• Social engineering in action - how web ads can lead to malware: www.zdnet.com/blog/bott/

Latest computer security warnings June 2011

• Avoid scams that use the Microsoft name fraudulently: www.microsoft.com/security/online-privacy/msname.aspx
• Fake Canadian pharma site causing headaches: blogs.technet.com/b/mmpc/
• Hackers say they attacked Sony network again: www.msnbc.msn.com
• Microsoft details emerging Internet phone scam which tricks 22% of people: www.winrumors.com
• MSRT June 2011 - Targeting Yimfoca: blogs.technet.com/b/mmpc/
• New Apple antivirus signatures bypassed within hours by malware authors: www.zdnet.com/blog/bott/
• Six tips for surviving the Sony breach: news.cnet.com

Latest computer security warnings May 2011

• Ambler trojan tries to darken your day: blogs.technet.com/b/mmpc/
• Avoid scams that use the Microsoft name fraudulently: www.microsoft.com/security/online-privacy/msname.aspx
• Bin Laden death brings malware explosion: technolog.msnbc.msn.com
• Bin Laden-related malware grows on social networks: technolog.msnbc.msn.com
• Careful! Converting currency on Google can lead to malware: technolog.msnbc.msn.com
• Coming soon to a Mac near you - serious malware: www.zdnet.com/blog/bott/
• Crying wolf? Apple support forums confirm malware explosion: www.zdnet.com/blog/bott/
• Dead code walking: blogs.technet.com/b/mmpc/
• Fake bin Laden videos and who’s checking you out on Facebook?: blogs.msdn.com/b/tzink/
• Have you checked the Java?: blogs.technet.com/b/mmpc/
• How to avoid or remove Mac Defender malware (by Apple Support): support.apple.com/kb/ht4650
• Keeping an eye on the heap: blogs.technet.com/b/mmpc/
• Little Red Ramnit - My, what big eyes you have, Grandma: blogs.technet.com/b/mmpc/
• Malware attack specifically targets Mac users: technolog.msnbc.msn.com
• Scammers Swap Google Images for Malware: krebsonsecurity.com
• Security - Slick links linked to slinky Winwebsec - Don't click suspicious links: blogs.technet.com/b/mmpc/
• Skype's Dangerous Exploit - What You Need to Know: www.pcworld.com
• What a Mac malware attack looks like: www.zdnet.com/blog/bott/
• Why malware for Macs is on its way: www.zdnet.com/blog/bott/
• Winwebsec gang responsible for FakeMacdef (MacDefender)?: blogs.technet.com/b/mmpc/

Latest warnings April 2011

• Analysis of the CVE-2011-0611 Adobe Flash Player vulnerability exploitation: blogs.technet.com/b/mmpc/
• Give me your credit (Malware): blogs.technet.com/b/mmpc/

Latest warnings March 2011

• Are you using the right "System Tool"?: blogs.technet.com/b/mmpc/
• How to defang the Fake Defragmenter: blogs.technet.com/b/mmpc/
• Level 1 Microsoft Security Advisory 2524375 Released: blogs.technet.com/b/jeffa36/
• Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat (March 14 2011): www.adobe.com/support/security/advisories/
• Technical Analysis on the CVE-2011-0609 Adobe Flash Player Vulnerability: blogs.technet.com/b/mmpc/
• Trojan downloader Chepvil on the UPSwing: blogs.technet.com/b/mmpc/

Latest warnings December 2010

• AVG Free Update Bricks 64-Bit Windows 7 PCs: www.pcworld.com
• CVE-2010-3962 – The weekend warrior: blogs.technet.com/b/mmpc/
• FakeSysdef - We can defragment that for you wholesale! / Diary of a scamware: blogs.technet.com/b/mmpc/
• How crooks fake an ATM and steal your money: www.msnbc.msn.com
• Looks familiar? Yes! From Alureon: blogs.technet.com/b/mmpc/
• Treat this list of domains with extreme caution: msmvps.com/blogs/spywaresucks/

Latest warnings November 2010

• Explore the CVE-2010-3654 matryoshka in PDFs: blogs.technet.com/b/mmpc/
• It’s NOT Koobface! New multi-platform infector: blogs.technet.com/b/mmpc/
• New Year, Same Old Rogues: blogs.technet.com/b/mmpc/
• Security alert - Active links in Messenger 2009 temporarily turned off to prevent a malicious worm: windowsteamblog.com/windows_live/b/windowslive/

Latest warnings October 2010

• Critical vulnerability in Firefox 3.5 and Firefox 3.6: blog.mozilla.com/security/
• Extremely Critical Security Updates Released for Firefox and Thunderbird: news.softpedia.com/news/
• Fake Microsoft Security Essentials software on the loose. Don’t be fooled by it: windowsteamblog.com/windows/b/windowssecurity/
• i can haz flaming recon pls?: blogs.technet.com/b/mmpc/
• Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat (Oct 28 2010): www.adobe.com/support/security/advisories/
• Stuxnet worm: en.wikipedia.org/wiki/Stuxnet

Latest warnings September 2010

• Brazilian 'Banker' caught Red-handed: blogs.technet.com/b/mmpc/
• Emerging Malware Issue - Visal.B: blogs.technet.com/b/mmpc/
• 'Evercookie' is one cookie you don't want to bite: technolog.msnbc.msn.com
• Falling for Phishes: blogs.msdn.com/b/tzink/
• Flurry of malware this past week: blogs.msdn.com/b/tzink/
• 'Here you have...' virus hits ABC/Disney, Comcast, Google: www.msnbc.msn.com
• Latest Facebook Scam: blogs.msdn.com/b/tzink/
• Latest “Here you have” malware campaign – blast from the past: blogs.msdn.com/b/tzink/
• Lots of new malvertizing badness: msmvps.com/blogs/spywaresucks/
• Malware Plays Starcraft 2: blogs.technet.com/b/mmpc/
• Microsoft Security Bulletin - September 2010 Release: blogs.technet.com/b/jeffa36/
• MSRT sets its sights on FakeCog: blogs.technet.com/b/mmpc/
• New malware strain - Stuxnet: blogs.msdn.com/b/tzink/
• Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie: blogs.technet.com/b/mmpc/
• Security Advisory for Flash Player: www.adobe.com/support/security/advisories/
• The Malware, the SMS, and the Money: blogs.technet.com/b/mmpc/
• Update not so Tweet for you: blogs.technet.com/b/mmpc/
• Update on Operation b49 and Waledac: blogs.technet.com/b/mmpc/
• Update on the "Here you have" worm (Visal.B): blogs.technet.com/b/mmpc/

Latest warnings July 2010

• Coca-Cola Scam Hits Facebook [Warning]: mashable.com
• Latest Facebook scamming: blogs.msdn.com/b/tzink/
• Stuxnet, malicious .LNKs, ...and then there was Sality: blogs.technet.com/b/mmpc/
• Stuxnet Sting: blogs.technet.com/b/mmpc/

Latest warnings April 2010

• Avoiding Internet scams - Crabby's Daily Tip: blogs.office.com/b/crabby_office_lady/
• False-Positive Detection of w32/wecorl.a virus in svchost.exe on Windows XP SP3 with McAfee Antivirus: blogs.technet.com/askcore/
• Gamania - Ill-gotten game gains: blogs.technet.com/mmpc/
• New fraudware: msmvps.com/blogs/spywaresucks/
• Uh oh… dangerous stuff on Facebook?: msmvps.com/blogs/spywaresucks/
• Warning - Windows XP SP3 and McAfee don't mix: blogs.zdnet.com/microsoft/

Latest warnings March 2010

• CVE-2010-0188 - Patched Adobe Reader Vulnerability is Actively Exploited in the Wild: blogs.technet.com/mmpc/
• Malware Delivered By Yahoo, Fox, Google Ads: tech.slashdot.org
• PDF Based Targeted Attacks are Increasing: www.f-secure.com/weblog/
• Spam trend this week – new malware targeting Facebook: blogs.msdn.com/tzink/

Latest warnings (February 2010)

• Be careful with Valentine's Day e-greetings: blogs.msdn.com/securitytipstalk/
• Cupid Struck - Valentine's Day Malware: blogs.technet.com/mmpc/
• Malware infected Firefox Add-Ons – again: msmvps.com/blogs/spywaresucks/
• Zombie cookie apocalypse (or how Flash bypasses privacy): blogs.technet.com/jamesone/

Earlier warnings

• Adobe plans to patch Reader vulnerability next week: www.computerworld.com
• ALERT - Malvertizement featuring “Blue Nile”: msmvps.com/blogs/spywaresucks/
• ALERT: Malvertizing on Facebook and gaiaonline.com: msmvps.com/blogs/spywaresucks/
• ALERT - Please treat content from antventure.com with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: Please treat these domains with extreme caution (Jan 5 2009): msmvps.com/blogs/spywaresucks/
• Don’t fall for the Microsoft Lottery scam: blogs.msdn.com/securitytipstalk/
• Dynamoo finds malvertizing at ebuddy.com: msmvps.com/blogs/spywaresucks/
• Facebook Full of Fake Haiti Fundraiser: redtape.msnbc.com
• Fraudware that looks like Windows 7: msmvps.com/blogs/spywaresucks/
• How low can you get? (Hait earthquake email spam): blogs.msdn.com/tzink/
• New Adobe Reader and Acrobat Vulnerability (Dec 2009): blogs.adobe.com/psirt/
• Newest Member of our Rogues Gallery - Win32/FakeSpypro: blogs.technet.com/mmpc/
• Rogues FakeVimes and PrivacyCenter added to MSRT: blogs.technet.com/mmpc/
• Use Hotmail or Gmail? Be on alert for phishing scams: blogs.msdn.com/securitytipstalk/
• What’s waledac up to these days?: blogs.msdn.com/tzink/
• Win32/FakeRean and MSRT: blogs.technet.com/mmpc/

General warnings and available updates

• A Few Quiet Days.. and a New Exploit of MS08-067 Has Been Identified: blogs.technet.com/mmpc/
• Adobe Flash Player update available to address security vulnerabilities (Feb 24 2009): www.adobe.com
• ALERT: malvertizement featuring Rhapsody: msmvps.com/blogs/spywaresucks/
• ALERT: More malvertizements featuring classmates.com are being displayed at mediatakeout.com: msmvps.com/blogs/spywaresucks/
• ALERT: Three malvertizements: msmvps.com/blogs/spywaresucks/
• ALERT: treat advertising from beyond.com with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: Treat advertising from Gilmours Media (gilmoursmedia.com) with extreme caution: msmvps.com/blogs/spywaresucks/
• Alert: treat all content from hitoptimist.com with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: treat the domains hit-detect.com and statsnclick.com with extreme caution: msmvps.com/blogs/spywaresucks/
• Anti-Social Networking - Win32/Koobface Malware: blogs.technet.com/mmpc/
• April 1, 2009 and Conficker: blogs.technet.com/msrc/
• Big jump in online banking fraud: news.bbc.co.uk
• Birthday Problem and Conficker: blogs.technet.com/mmpc/
• Cashing in on Conficker's Bad Name: blogs.technet.com/mmpc/
• Critical Vulnerability in All Versions of Adobe Acrobat & Adobe Reader Will Be Fixed in A Couple of Weeks: bhandler.spaces.live.com
• E-mail scams “from Windows Live”: windowslivewire.spaces.live.com
• FakeXPA Virus – The Journey Continues: blogs.technet.com/mmpc/
• Free money from an empty patch of land - Anatomy of a lottery scam: www.windowslive.com/Connect/
• iBotnet - Researchers find signs of zombie Macs: blogs.zdnet.com/security/
• In the shoes of Conficker: blogs.msdn.com/tzink/
• Information about Worm:Win32/Conficker.D: blogs.technet.com/mmpc/
• Investigating the new PowerPoint issue (April 2 2009): blogs.technet.com/srd/
• It was only a matter of time… the Apple platform become a target for criminals: blogs.technet.com/keithcombs/
• Malware - Gamburl Gone Wild: blogs.technet.com/mmpc/
• Malware - SMMthing old, SMMthing new: blogs.technet.com/mmpc/
• Malware - Winwebsec on YouTube: blogs.technet.com/mmpc/
• Microsoft puts bounty on creators of Conficker worm: www.abc.net.au/news/
• Microsoft Security Advisory (968272 - Excel): www.microsoft.com/technet/security/
• Microsoft's IE8 Catches Most 'Social Malware' - News and Analysis by PC Magazine: blogs.technet.com/mmulcare/
• More info on how to protect your PC from the Conficker worm: blogs.msdn.com/mthree/
• New 0-day Exploits Using PowerPoint Files (April 3 2009): blogs.technet.com/mmpc/
• Online Game Password Stealers Riding with 0-day DirectShow Exploits: blogs.technet.com/mmpc/
• Online Game Password Stealers - MSRT Observations: blogs.technet.com/mmpc/
• Online safety in a recession: www.windowslive.com/connect/
• Protect yourself from the Conficker computer worm: www.microsoft.com/protect/
• Rogue Facebook apps steal log-in data, send spam: news.cnet.com
• Scammers target stimulus cash: www.abc.net.au/news/
• SCAMwatch: www.scamwatch.gov.au
• Vundo Employs Worm Behavior: blogs.technet.com/mmpc/
• Where's Waledac?: blogs.technet.com/mmpc/
• Whither, Conficker: blogs.msdn.com/tzink/
• Why Facebook Is Working with Microsoft to Fight Koobface Virus: www.insidefacebook.com
• Wily Weekend Worms: blog.twitter.com
• Win32/Conficker Summary Information: www.microsoft.com/security/

Malvertisements

Sandi at Spyware Sucks investigates malware that is distributed through Flash advertisements on web sites across the Internet. Below are a list of recent warnings:

• Adobe Flash Player 10 has been released - please install: msmvps.com/blogs/spywaresucks/
• ALERT: blogads.com is serving malvertizements: msmvps.com/blogs/spywaresucks/
• ALERT: malicious content (including malware via security exploit) seen via MySpace chat: msmvps.com/blogs/spywaresucks/
• ALERT: malvertizement featuring Best Western: msmvps.com/blogs/spywaresucks/
• ALERT: malvertizement featuring HP: msmvps.com/blogs/spywaresucks/
• ALERT: malvertizement featuring Talbots: msmvps.com/blogs/spywaresucks/
• ALERT: malvertizement on display at jeuxvideo.com: msmvps.com/blogs/spywaresucks/
• ALERT: Malvertizing at guardian.co.uk: msmvps.com/blogs/spywaresucks/
• ALERT: Malvertising - safepaymentsonline.com - down the rabbit hole we go: msmvps.com/blogs/spywaresucks/
• ALERT: Please treat all content from topstarmedia.net and osmedlin.com with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: traffichunter.net and traffichunters.net: msmvps.com/blogs/spywaresucks/
• ALERT: Treat advertising at clevescene.net with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: Treat advertising from letssingit.com with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: Treat all content from Servedad with extreme caution: msmvps.com/blogs/spywaresucks/
• ALERT: Treat all content from yourdirectmedia.com with extreme caution: msmvps.com/blogs/spywaresucks/
• Announcement: the FTC goes after those behind "Winfixer" fraudware: msmvps.com/blogs/spywaresucks/
• Glowing brain malvertizement – and, once again, we find DIRECTI : msmvps.com/blogs/spywaresucks/
• koeppelinteractive.co.uk suspended: msmvps.com/blogs/spywaresucks/
• Lawyers given permission to serve debtors with default judgement through Facebook: msmvps.com/blogs/spywaresucks/
• Malicious script on the John Sands web site (johnsands.com.au): msmvps.com/blogs/spywaresucks/
• Malvertising - Olympic Media are still active: msmvps.com/blogs/spywaresucks/
• Malvertising research - Get background check on prospective partners: www.google.com/coop/
• More smoke and mirrors by the bad guys: msmvps.com/blogs/spywaresucks/
• Potential malvertizement featuring the Disney movie “Bolt”: msmvps.com/blogs/spywaresucks/
• traffichunters.net – a lesson in assessing the reliability of credit references: msmvps.com/blogs/spywaresucks/
• US shuts down 'scareware' sellers: news.bbc.co.uk
• Win32/Yektel - the Other Kind of Rogue: blogs.technet.com/mmpc/

Malware

• ALERT: Waledac Trojan Hosted by Fake Obama Website: blogs.technet.com/mmpc/
• Banload – The Other January Addition to MSRT: blogs.technet.com/mmpc/
• Centralized Information About The Conficker Worm: blogs.technet.com/mmpc/
• FakeXPA... Journey of a Rogue: blogs.technet.com/mmpc/
• Merry Malware - You’d better watch out, you’d better think twice: blogs.technet.com/mmpc/
• O Come All Ye Malware: blogs.technet.com/mmpc/
• Some Thoughts on Microsoft's Anti-Malware Strategy: blogs.technet.com/rhalbheer/
• Symantec Security Updates: www.sarc.com
• You received an Ecard!!!: blogs.msdn.com/the_hardman/
• Zlob - From Russia with Luck?: blogs.technet.com/mmpc/

About | Home | Latest column | Latest sites | Columns archive | Sites archive | Sites listing | webDotWizards | Windows Live