security alerts

OSCAR SPAM 2009 in wild

kalyanakumar1985 — Thu, 05 Mar 2009 09:00:50 +0000

Freewebs&bee.pl is abused to spread the malware.It is spreading HTTP Fake Codec ,TROJ_FAKEAV.TJ,Js.downloader,Downloader&Win32.FraudLoad.vkva

Source
SANS INTERNET STROM CENTER
EVILFINGERS

Downadup/Conflicker worm in wild

kalyanakumar1985 — Thu, 05 Mar 2009 08:41:29 +0000

Conficker, also known as Downup, Downadup and Kido, is a computer worm which surfaced in October 2008 and targets the Microsoft Windows operating system. The worm exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and the Windows 7 Beta

How to Prevent

Microsoft Patch download here

Removal Tools

Reference:

MS Internet Explorer 7 Memory Corruption Vulnerability Exploits(MS09-002)

kalyanakumar1985 — Thu, 05 Mar 2009 08:10:22 +0000

MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (fast)

MS Internet Explorer 7 Memory Corruption PoC (MS09-002) (win2k3sp2)

MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (py)

MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (xp sp2)

MS Internet Explorer 7 Memory Corruption PoC (MS09-002)

Malicious Code Targeting Social Networking Site Users

kalyanakumar1985 — Thu, 05 Mar 2009 07:59:37 +0000

US-CERT is aware of public reports of malicious code spreading via popular social networking sites including myspace.com, facebook.com, hi5.com, friendster.com, myyearbook.com, bebo.com, and livejournal.com. The reports indicate that the malware, named Koobface, is spreading through invitations from a user’s contact that include a link to view a video. If the users click on the link in this invitation, they are prompted to update Adobe Flash Player. This update is not a legitimate Adobe Flash Player update, it is malicious code.

Additionally, some of the reports indicate that there are multiple bogus Facebook applications being used to obtain users’ private information.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

* Install antivirus software and keep the virus signature files up to date.
* Do not follow unsolicited links.
* Use caution when downloading and installing applications.
* Obtain software applications and updates directly from the vendor’s website.
* Refer to the Staying Safe on Social Networking Sites document for more information on safe use of social networking sites
THANKS TO US-CERT