Security warnings and updates
Latest computer security warnings July 2011
- Collecting a slew of email addresses, apparently to invite people to Google+: msmvps.com/blogs/spywaresucks/
- “I’m calling on behalf of Microsoft...”: mymicrosoftlife.com
- Social engineering in action - how web ads can lead to malware: www.zdnet.com/blog/bott/
Latest computer security warnings June 2011
- Avoid scams that use the Microsoft name fraudulently: www.microsoft.com/security/online-privacy/msname.aspx
- Fake Canadian pharma site causing headaches: blogs.technet.com/b/mmpc/
- Hackers say they attacked Sony network again: www.msnbc.msn.com
- Microsoft details emerging Internet phone scam which tricks 22% of people: www.winrumors.com
- MSRT June 2011 - Targeting Yimfoca: blogs.technet.com/b/mmpc/
- New Apple antivirus signatures bypassed within hours by malware authors: www.zdnet.com/blog/bott/
- Six tips for surviving the Sony breach: news.cnet.com
Latest computer security warnings May 2011
- Ambler trojan tries to darken your day: blogs.technet.com/b/mmpc/
- Avoid scams that use the Microsoft name fraudulently: www.microsoft.com/security/online-privacy/msname.aspx
- Bin Laden death brings malware explosion: technolog.msnbc.msn.com
- Bin Laden-related malware grows on social networks: technolog.msnbc.msn.com
- Careful! Converting currency on Google can lead to malware: technolog.msnbc.msn.com
- Coming soon to a Mac near you - serious malware: www.zdnet.com/blog/bott/
- Crying wolf? Apple support forums confirm malware explosion: www.zdnet.com/blog/bott/
- Dead code walking: blogs.technet.com/b/mmpc/
- Fake bin Laden videos and who’s checking you out on Facebook?: blogs.msdn.com/b/tzink/
- Have you checked the Java?: blogs.technet.com/b/mmpc/
- How to avoid or remove Mac Defender malware (by Apple Support): support.apple.com/kb/ht4650
- Keeping an eye on the heap: blogs.technet.com/b/mmpc/
- Little Red Ramnit - My, what big eyes you have, Grandma: blogs.technet.com/b/mmpc/
- Malware attack specifically targets Mac users: technolog.msnbc.msn.com
- Scammers Swap Google Images for Malware: krebsonsecurity.com
- Security - Slick links linked to slinky Winwebsec - Don't click suspicious links: blogs.technet.com/b/mmpc/
- Skype's Dangerous Exploit - What You Need to Know: www.pcworld.com
- What a Mac malware attack looks like: www.zdnet.com/blog/bott/
- Why malware for Macs is on its way: www.zdnet.com/blog/bott/
- Winwebsec gang responsible for FakeMacdef (MacDefender)?: blogs.technet.com/b/mmpc/
Latest warnings April 2011
- Analysis of the CVE-2011-0611 Adobe Flash Player vulnerability exploitation: blogs.technet.com/b/mmpc/
- Give me your credit (Malware): blogs.technet.com/b/mmpc/
Latest warnings March 2011
- Are you using the right "System Tool"?: blogs.technet.com/b/mmpc/
- How to defang the Fake Defragmenter: blogs.technet.com/b/mmpc/
- Level 1 Microsoft Security Advisory 2524375 Released: blogs.technet.com/b/jeffa36/
- Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat (March 14 2011): www.adobe.com/support/security/advisories/
- Technical Analysis on the CVE-2011-0609 Adobe Flash Player Vulnerability: blogs.technet.com/b/mmpc/
- Trojan downloader Chepvil on the UPSwing: blogs.technet.com/b/mmpc/
Latest warnings December 2010
- AVG Free Update Bricks 64-Bit Windows 7 PCs: www.pcworld.com
- CVE-2010-3962 – The weekend warrior: blogs.technet.com/b/mmpc/
- FakeSysdef - We can defragment that for you wholesale! / Diary of a scamware: blogs.technet.com/b/mmpc/
- How crooks fake an ATM and steal your money: www.msnbc.msn.com
- Looks familiar? Yes! From Alureon: blogs.technet.com/b/mmpc/
- Treat this list of domains with extreme caution: msmvps.com/blogs/spywaresucks/
Latest warnings November 2010
- Explore the CVE-2010-3654 matryoshka in PDFs: blogs.technet.com/b/mmpc/
- It’s NOT Koobface! New multi-platform infector: blogs.technet.com/b/mmpc/
- New Year, Same Old Rogues: blogs.technet.com/b/mmpc/
- Security alert - Active links in Messenger 2009 temporarily turned off to prevent a malicious worm: windowsteamblog.com/windows_live/b/windowslive/
Latest warnings October 2010
- Critical vulnerability in Firefox 3.5 and Firefox 3.6: blog.mozilla.com/security/
- Extremely Critical Security Updates Released for Firefox and Thunderbird: news.softpedia.com/news/
- Fake Microsoft Security Essentials software on the loose. Don’t be fooled by it: windowsteamblog.com/windows/b/windowssecurity/
- i can haz flaming recon pls?: blogs.technet.com/b/mmpc/
- Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat (Oct 28 2010): www.adobe.com/support/security/advisories/
- Stuxnet worm: en.wikipedia.org/wiki/Stuxnet
Latest warnings September 2010
- Brazilian 'Banker' caught Red-handed: blogs.technet.com/b/mmpc/
- Emerging Malware Issue - Visal.B: blogs.technet.com/b/mmpc/
- 'Evercookie' is one cookie you don't want to bite: technolog.msnbc.msn.com
- Falling for Phishes: blogs.msdn.com/b/tzink/
- Flurry of malware this past week: blogs.msdn.com/b/tzink/
- 'Here you have...' virus hits ABC/Disney, Comcast, Google: www.msnbc.msn.com
- Latest Facebook Scam: blogs.msdn.com/b/tzink/
- Latest “Here you have” malware campaign – blast from the past: blogs.msdn.com/b/tzink/
- Lots of new malvertizing badness: msmvps.com/blogs/spywaresucks/
- Malware Plays Starcraft 2: blogs.technet.com/b/mmpc/
- Microsoft Security Bulletin - September 2010 Release: blogs.technet.com/b/jeffa36/
- MSRT sets its sights on FakeCog: blogs.technet.com/b/mmpc/
- New malware strain - Stuxnet: blogs.msdn.com/b/tzink/
- Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie: blogs.technet.com/b/mmpc/
- Security Advisory for Flash Player: www.adobe.com/support/security/advisories/
- The Malware, the SMS, and the Money: blogs.technet.com/b/mmpc/
- Update not so Tweet for you: blogs.technet.com/b/mmpc/
- Update on Operation b49 and Waledac: blogs.technet.com/b/mmpc/
- Update on the "Here you have" worm (Visal.B): blogs.technet.com/b/mmpc/
Latest warnings July 2010
- Coca-Cola Scam Hits Facebook [Warning]: mashable.com
- Latest Facebook scamming: blogs.msdn.com/b/tzink/
- Stuxnet, malicious .LNKs, ...and then there was Sality: blogs.technet.com/b/mmpc/
- Stuxnet Sting: blogs.technet.com/b/mmpc/
Latest warnings April 2010
- Avoiding Internet scams - Crabby's Daily Tip: blogs.office.com/b/crabby_office_lady/
- False-Positive Detection of w32/wecorl.a virus in svchost.exe on Windows XP SP3 with McAfee Antivirus: blogs.technet.com/askcore/
- Gamania - Ill-gotten game gains: blogs.technet.com/mmpc/
- New fraudware: msmvps.com/blogs/spywaresucks/
- Uh oh… dangerous stuff on Facebook?: msmvps.com/blogs/spywaresucks/
- Warning - Windows XP SP3 and McAfee don't mix: blogs.zdnet.com/microsoft/
Latest warnings March 2010
- CVE-2010-0188 - Patched Adobe Reader Vulnerability is Actively Exploited in the Wild: blogs.technet.com/mmpc/
- Malware Delivered By Yahoo, Fox, Google Ads: tech.slashdot.org
- PDF Based Targeted Attacks are Increasing: www.f-secure.com/weblog/
- Spam trend this week – new malware targeting Facebook: blogs.msdn.com/tzink/
Latest warnings (February 2010)
- Be careful with Valentine's Day e-greetings: blogs.msdn.com/securitytipstalk/
- Cupid Struck - Valentine's Day Malware: blogs.technet.com/mmpc/
- Malware infected Firefox Add-Ons – again: msmvps.com/blogs/spywaresucks/
- Zombie cookie apocalypse (or how Flash bypasses privacy): blogs.technet.com/jamesone/
Earlier warnings
- Adobe plans to patch Reader vulnerability next week: www.computerworld.com
- ALERT - Malvertizement featuring “Blue Nile”: msmvps.com/blogs/spywaresucks/
- ALERT: Malvertizing on Facebook and gaiaonline.com: msmvps.com/blogs/spywaresucks/
- ALERT - Please treat content from antventure.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Please treat these domains with extreme caution (Jan 5 2009): msmvps.com/blogs/spywaresucks/
- Don’t fall for the Microsoft Lottery scam: blogs.msdn.com/securitytipstalk/
- Dynamoo finds malvertizing at ebuddy.com: msmvps.com/blogs/spywaresucks/
- Facebook Full of Fake Haiti Fundraiser: redtape.msnbc.com
- Fraudware that looks like Windows 7: msmvps.com/blogs/spywaresucks/
- How low can you get? (Hait earthquake email spam): blogs.msdn.com/tzink/
- New Adobe Reader and Acrobat Vulnerability (Dec 2009): blogs.adobe.com/psirt/
- Newest Member of our Rogues Gallery - Win32/FakeSpypro: blogs.technet.com/mmpc/
- Rogues FakeVimes and PrivacyCenter added to MSRT: blogs.technet.com/mmpc/
- Use Hotmail or Gmail? Be on alert for phishing scams: blogs.msdn.com/securitytipstalk/
- What’s waledac up to these days?: blogs.msdn.com/tzink/
- Win32/FakeRean and MSRT: blogs.technet.com/mmpc/
General warnings and available updates
- A Few Quiet Days.. and a New Exploit of MS08-067 Has Been Identified: blogs.technet.com/mmpc/
- Adobe Flash Player update available to address security vulnerabilities (Feb 24 2009): www.adobe.com
- ALERT: malvertizement featuring Rhapsody: msmvps.com/blogs/spywaresucks/
- ALERT: More malvertizements featuring classmates.com are being displayed at mediatakeout.com: msmvps.com/blogs/spywaresucks/
- ALERT: Three malvertizements: msmvps.com/blogs/spywaresucks/
- ALERT: treat advertising from beyond.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat advertising from Gilmours Media (gilmoursmedia.com) with extreme caution: msmvps.com/blogs/spywaresucks/
- Alert: treat all content from hitoptimist.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: treat the domains hit-detect.com and statsnclick.com with extreme caution: msmvps.com/blogs/spywaresucks/
- Anti-Social Networking - Win32/Koobface Malware: blogs.technet.com/mmpc/
- April 1, 2009 and Conficker: blogs.technet.com/msrc/
- Big jump in online banking fraud: news.bbc.co.uk
- Birthday Problem and Conficker: blogs.technet.com/mmpc/
- Cashing in on Conficker's Bad Name: blogs.technet.com/mmpc/
- Critical Vulnerability in All Versions of Adobe Acrobat & Adobe Reader Will Be Fixed in A Couple of Weeks: bhandler.spaces.live.com
- E-mail scams “from Windows Live”: windowslivewire.spaces.live.com
- FakeXPA Virus – The Journey Continues: blogs.technet.com/mmpc/
- Free money from an empty patch of land - Anatomy of a lottery scam: www.windowslive.com/Connect/
- iBotnet - Researchers find signs of zombie Macs: blogs.zdnet.com/security/
- In the shoes of Conficker: blogs.msdn.com/tzink/
- Information about Worm:Win32/Conficker.D: blogs.technet.com/mmpc/
- Investigating the new PowerPoint issue (April 2 2009): blogs.technet.com/srd/
- It was only a matter of time… the Apple platform become a target for criminals: blogs.technet.com/keithcombs/
- Malware - Gamburl Gone Wild: blogs.technet.com/mmpc/
- Malware - SMMthing old, SMMthing new: blogs.technet.com/mmpc/
- Malware - Winwebsec on YouTube: blogs.technet.com/mmpc/
- Microsoft puts bounty on creators of Conficker worm: www.abc.net.au/news/
- Microsoft Security Advisory (968272 - Excel): www.microsoft.com/technet/security/
- Microsoft's IE8 Catches Most 'Social Malware' - News and Analysis by PC Magazine: blogs.technet.com/mmulcare/
- More info on how to protect your PC from the Conficker worm: blogs.msdn.com/mthree/
- New 0-day Exploits Using PowerPoint Files (April 3 2009): blogs.technet.com/mmpc/
- Online Game Password Stealers Riding with 0-day DirectShow Exploits: blogs.technet.com/mmpc/
- Online Game Password Stealers - MSRT Observations: blogs.technet.com/mmpc/
- Online safety in a recession: www.windowslive.com/connect/
- Protect yourself from the Conficker computer worm: www.microsoft.com/protect/
- Rogue Facebook apps steal log-in data, send spam: news.cnet.com
- Scammers target stimulus cash: www.abc.net.au/news/
- SCAMwatch: www.scamwatch.gov.au
- Vundo Employs Worm Behavior: blogs.technet.com/mmpc/
- Where's Waledac?: blogs.technet.com/mmpc/
- Whither, Conficker: blogs.msdn.com/tzink/
- Why Facebook Is Working with Microsoft to Fight Koobface Virus: www.insidefacebook.com
- Wily Weekend Worms: blog.twitter.com
- Win32/Conficker Summary Information: www.microsoft.com/security/
Malvertisements
Sandi at Spyware Sucks investigates malware that is distributed through Flash advertisements on web sites across the Internet. Below are a list of recent warnings:
- Adobe Flash Player 10 has been released - please install: msmvps.com/blogs/spywaresucks/
- ALERT: blogads.com is serving malvertizements: msmvps.com/blogs/spywaresucks/
- ALERT: malicious content (including malware via security exploit) seen via MySpace chat: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement featuring Best Western: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement featuring HP: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement featuring Talbots: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement on display at jeuxvideo.com: msmvps.com/blogs/spywaresucks/
- ALERT: Malvertizing at guardian.co.uk: msmvps.com/blogs/spywaresucks/
- ALERT: Malvertising - safepaymentsonline.com - down the rabbit hole we go: msmvps.com/blogs/spywaresucks/
- ALERT: Please treat all content from topstarmedia.net and osmedlin.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: traffichunter.net and traffichunters.net: msmvps.com/blogs/spywaresucks/
- ALERT: Treat advertising at clevescene.net with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat advertising from letssingit.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat all content from Servedad with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat all content from yourdirectmedia.com with extreme caution: msmvps.com/blogs/spywaresucks/
- Announcement: the FTC goes after those behind "Winfixer" fraudware: msmvps.com/blogs/spywaresucks/
- Glowing brain malvertizement – and, once again, we find DIRECTI : msmvps.com/blogs/spywaresucks/
- koeppelinteractive.co.uk suspended: msmvps.com/blogs/spywaresucks/
- Lawyers given permission to serve debtors with default judgement through Facebook: msmvps.com/blogs/spywaresucks/
- Malicious script on the John Sands web site (johnsands.com.au): msmvps.com/blogs/spywaresucks/
- Malvertising - Olympic Media are still active: msmvps.com/blogs/spywaresucks/
- Malvertising research - Get background check on prospective partners: www.google.com/coop/
- More smoke and mirrors by the bad guys: msmvps.com/blogs/spywaresucks/
- Potential malvertizement featuring the Disney movie “Bolt”: msmvps.com/blogs/spywaresucks/
- traffichunters.net – a lesson in assessing the reliability of credit references: msmvps.com/blogs/spywaresucks/
- US shuts down 'scareware' sellers: news.bbc.co.uk
- Win32/Yektel - the Other Kind of Rogue: blogs.technet.com/mmpc/
Malware
- ALERT: Waledac Trojan Hosted by Fake Obama Website: blogs.technet.com/mmpc/
- Banload – The Other January Addition to MSRT: blogs.technet.com/mmpc/
- Centralized Information About The Conficker Worm: blogs.technet.com/mmpc/
- FakeXPA... Journey of a Rogue: blogs.technet.com/mmpc/
- Merry Malware - You’d better watch out, you’d better think twice: blogs.technet.com/mmpc/
- O Come All Ye Malware: blogs.technet.com/mmpc/
- Some Thoughts on Microsoft's Anti-Malware Strategy: blogs.technet.com/rhalbheer/
- Symantec Security Updates: www.sarc.com
- You received an Ecard!!!: blogs.msdn.com/the_hardman/
- Zlob - From Russia with Luck?: blogs.technet.com/mmpc/