Security warnings and updates
Latest warnings September 2010
- Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie: blogs.technet.com/b/mmpc/
- Update not so Tweet for you: blogs.technet.com/b/mmpc/
Latest warnings July 2010
- Coca-Cola Scam Hits Facebook [Warning]: mashable.com
- Latest Facebook scamming: blogs.msdn.com/b/tzink/
- Stuxnet, malicious .LNKs, ...and then there was Sality: blogs.technet.com/b/mmpc/
- Stuxnet Sting: blogs.technet.com/b/mmpc/
Latest warnings April 2010
- Avoiding Internet scams - Crabby's Daily Tip: blogs.office.com/b/crabby_office_lady/
- False-Positive Detection of w32/wecorl.a virus in svchost.exe on Windows XP SP3 with McAfee Antivirus: blogs.technet.com/askcore/
- Gamania - Ill-gotten game gains: blogs.technet.com/mmpc/
- New fraudware: msmvps.com/blogs/spywaresucks/
- Uh oh… dangerous stuff on Facebook?: msmvps.com/blogs/spywaresucks/
- Warning - Windows XP SP3 and McAfee don't mix: blogs.zdnet.com/microsoft/
Latest warnings March 2010
- CVE-2010-0188 - Patched Adobe Reader Vulnerability is Actively Exploited in the Wild: blogs.technet.com/mmpc/
- Malware Delivered By Yahoo, Fox, Google Ads: tech.slashdot.org
- PDF Based Targeted Attacks are Increasing: www.f-secure.com/weblog/
- Spam trend this week – new malware targeting Facebook: blogs.msdn.com/tzink/
Latest warnings (February 2010)
- Be careful with Valentine's Day e-greetings: blogs.msdn.com/securitytipstalk/
- Cupid Struck - Valentine's Day Malware: blogs.technet.com/mmpc/
- Malware infected Firefox Add-Ons – again: msmvps.com/blogs/spywaresucks/
- Zombie cookie apocalypse (or how Flash bypasses privacy): blogs.technet.com/jamesone/
Earlier warnings
- Adobe plans to patch Reader vulnerability next week: www.computerworld.com
- ALERT - Malvertizement featuring “Blue Nile”: msmvps.com/blogs/spywaresucks/
- ALERT: Malvertizing on Facebook and gaiaonline.com: msmvps.com/blogs/spywaresucks/
- ALERT - Please treat content from antventure.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Please treat these domains with extreme caution (Jan 5 2009): msmvps.com/blogs/spywaresucks/
- Don’t fall for the Microsoft Lottery scam: blogs.msdn.com/securitytipstalk/
- Dynamoo finds malvertizing at ebuddy.com: msmvps.com/blogs/spywaresucks/
- Facebook Full of Fake Haiti Fundraiser: redtape.msnbc.com
- Fraudware that looks like Windows 7: msmvps.com/blogs/spywaresucks/
- How low can you get? (Hait earthquake email spam): blogs.msdn.com/tzink/
- New Adobe Reader and Acrobat Vulnerability (Dec 2009): blogs.adobe.com/psirt/
- Newest Member of our Rogues Gallery - Win32/FakeSpypro: blogs.technet.com/mmpc/
- Rogues FakeVimes and PrivacyCenter added to MSRT: blogs.technet.com/mmpc/
- Use Hotmail or Gmail? Be on alert for phishing scams: blogs.msdn.com/securitytipstalk/
- What’s waledac up to these days?: blogs.msdn.com/tzink/
- Win32/FakeRean and MSRT: blogs.technet.com/mmpc/
General warnings and available updates
- A Few Quiet Days.. and a New Exploit of MS08-067 Has Been Identified: blogs.technet.com/mmpc/
- Adobe Flash Player update available to address security vulnerabilities (Feb 24 2009): www.adobe.com
- ALERT: malvertizement featuring Rhapsody: msmvps.com/blogs/spywaresucks/
- ALERT: More malvertizements featuring classmates.com are being displayed at mediatakeout.com: msmvps.com/blogs/spywaresucks/
- ALERT: Three malvertizements: msmvps.com/blogs/spywaresucks/
- ALERT: treat advertising from beyond.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat advertising from Gilmours Media (gilmoursmedia.com) with extreme caution: msmvps.com/blogs/spywaresucks/
- Alert: treat all content from hitoptimist.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: treat the domains hit-detect.com and statsnclick.com with extreme caution: msmvps.com/blogs/spywaresucks/
- Anti-Social Networking - Win32/Koobface Malware: blogs.technet.com/mmpc/
- April 1, 2009 and Conficker: blogs.technet.com/msrc/
- Big jump in online banking fraud: news.bbc.co.uk
- Birthday Problem and Conficker: blogs.technet.com/mmpc/
- Cashing in on Conficker's Bad Name: blogs.technet.com/mmpc/
- Critical Vulnerability in All Versions of Adobe Acrobat & Adobe Reader Will Be Fixed in A Couple of Weeks: bhandler.spaces.live.com
- E-mail scams “from Windows Live”: windowslivewire.spaces.live.com
- FakeXPA Virus – The Journey Continues: blogs.technet.com/mmpc/
- Free money from an empty patch of land - Anatomy of a lottery scam: www.windowslive.com/Connect/
- iBotnet - Researchers find signs of zombie Macs: blogs.zdnet.com/security/
- In the shoes of Conficker: blogs.msdn.com/tzink/
- Information about Worm:Win32/Conficker.D: blogs.technet.com/mmpc/
- Investigating the new PowerPoint issue (April 2 2009): blogs.technet.com/srd/
- It was only a matter of time… the Apple platform become a target for criminals: blogs.technet.com/keithcombs/
- Malware - Gamburl Gone Wild: blogs.technet.com/mmpc/
- Malware - SMMthing old, SMMthing new: blogs.technet.com/mmpc/
- Malware - Winwebsec on YouTube: blogs.technet.com/mmpc/
- Microsoft puts bounty on creators of Conficker worm: www.abc.net.au/news/
- Microsoft Security Advisory (968272 - Excel): www.microsoft.com/technet/security/
- Microsoft's IE8 Catches Most 'Social Malware' - News and Analysis by PC Magazine: blogs.technet.com/mmulcare/
- More info on how to protect your PC from the Conficker worm: blogs.msdn.com/mthree/
- New 0-day Exploits Using PowerPoint Files (April 3 2009): blogs.technet.com/mmpc/
- Online Game Password Stealers Riding with 0-day DirectShow Exploits: blogs.technet.com/mmpc/
- Online Game Password Stealers - MSRT Observations: blogs.technet.com/mmpc/
- Online safety in a recession: www.windowslive.com/connect/
- Protect yourself from the Conficker computer worm: www.microsoft.com/protect/
- Rogue Facebook apps steal log-in data, send spam: news.cnet.com
- Scammers target stimulus cash: www.abc.net.au/news/
- SCAMwatch: www.scamwatch.gov.au
- Vundo Employs Worm Behavior: blogs.technet.com/mmpc/
- Where's Waledac?: blogs.technet.com/mmpc/
- Whither, Conficker: blogs.msdn.com/tzink/
- Why Facebook Is Working with Microsoft to Fight Koobface Virus: www.insidefacebook.com
- Wily Weekend Worms: blog.twitter.com
- Win32/Conficker Summary Information: www.microsoft.com/security/
Malvertisements
Sandi at Spyware Sucks investigates malware that is distributed through Flash advertisements on web sites across the Internet. Below are a list of recent warnings:
- Adobe Flash Player 10 has been released - please install: msmvps.com/blogs/spywaresucks/
- ALERT: blogads.com is serving malvertizements: msmvps.com/blogs/spywaresucks/
- ALERT: malicious content (including malware via security exploit) seen via MySpace chat: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement featuring Best Western: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement featuring HP: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement featuring Talbots: msmvps.com/blogs/spywaresucks/
- ALERT: malvertizement on display at jeuxvideo.com: msmvps.com/blogs/spywaresucks/
- ALERT: Malvertizing at guardian.co.uk: msmvps.com/blogs/spywaresucks/
- ALERT: Malvertising - safepaymentsonline.com - down the rabbit hole we go: msmvps.com/blogs/spywaresucks/
- ALERT: Please treat all content from topstarmedia.net and osmedlin.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: traffichunter.net and traffichunters.net: msmvps.com/blogs/spywaresucks/
- ALERT: Treat advertising at clevescene.net with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat advertising from letssingit.com with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat all content from Servedad with extreme caution: msmvps.com/blogs/spywaresucks/
- ALERT: Treat all content from yourdirectmedia.com with extreme caution: msmvps.com/blogs/spywaresucks/
- Announcement: the FTC goes after those behind "Winfixer" fraudware: msmvps.com/blogs/spywaresucks/
- Glowing brain malvertizement – and, once again, we find DIRECTI : msmvps.com/blogs/spywaresucks/
- koeppelinteractive.co.uk suspended: msmvps.com/blogs/spywaresucks/
- Lawyers given permission to serve debtors with default judgement through Facebook: msmvps.com/blogs/spywaresucks/
- Malicious script on the John Sands web site (johnsands.com.au): msmvps.com/blogs/spywaresucks/
- Malvertising - Olympic Media are still active: msmvps.com/blogs/spywaresucks/
- Malvertising research - Get background check on prospective partners: www.google.com/coop/
- More smoke and mirrors by the bad guys: msmvps.com/blogs/spywaresucks/
- Potential malvertizement featuring the Disney movie “Bolt”: msmvps.com/blogs/spywaresucks/
- traffichunters.net – a lesson in assessing the reliability of credit references: msmvps.com/blogs/spywaresucks/
- US shuts down 'scareware' sellers: news.bbc.co.uk
- Win32/Yektel - the Other Kind of Rogue: blogs.technet.com/mmpc/
Malware
- ALERT: Waledac Trojan Hosted by Fake Obama Website: blogs.technet.com/mmpc/
- Banload – The Other January Addition to MSRT: blogs.technet.com/mmpc/
- Centralized Information About The Conficker Worm: blogs.technet.com/mmpc/
- FakeXPA... Journey of a Rogue: blogs.technet.com/mmpc/
- Merry Malware - You’d better watch out, you’d better think twice: blogs.technet.com/mmpc/
- O Come All Ye Malware: blogs.technet.com/mmpc/
- Some Thoughts on Microsoft's Anti-Malware Strategy: blogs.technet.com/rhalbheer/
- Symantec Security Updates: www.sarc.com
- You received an Ecard!!!: blogs.msdn.com/the_hardman/
- Zlob - From Russia with Luck?: blogs.technet.com/mmpc/