
Oficla downloads MBR Ransomware

  • Post author: Omid Farhang
  • Post published: December 1, 2010
  • Reading Time: 1 min
  • Word Count: 198 words

Avira TechBlog: We discovered a new ransomware threat which is downloaded by a Trojan of the Oficla family. This downloaded threat replaces the MBR (master boot record) of the hard disk with its own MBR which asks the user for a password and thus blocks the loading of the operating system. Upon starting the Oficla Trojan and successive execution of the downloaded payload the system will be rebooted and the user will be presented the ransom notice. ...


Paypal’s advice: “Use your bank account for your Paypal-payments”. Really ?!

  • Post author: Omid Farhang
  • Post published: December 1, 2010
  • Reading Time: 3 min
  • Word Count: 612 words

Righard Zwienenberg, Chief Research Officer at Norman, posted this on Norman Security Blog. Thanks to Mr. Fagerlid for sharing: I have been a user of PayPal for many years, actually ever since PayPal opened its services for international users. PayPal, originally only for US citizens, is now used worldwide with local offices in many countries. From the Dutch affiliate, I just received the next message from PayPal (the actual message was in Dutch, see picture below): ...


Safe holidays season

  • Post author: Omid Farhang
  • Post published: November 24, 2010
  • Reading Time: 2 min
  • Word Count: 365 words

Avira TechBlog: Thanksgiving and according holidays are very close – a time in which many people have the time to do (online) shopping. The cyber criminals are eager for their share, so it’s time to remember some safety measures. We are expecting to see spam and phishing campaigns luring the recipients to visit malicious web sites. These web sites usually look quite legal and official. As precaution, don’t follow links from emails to online stores and online payment systems, but use bookmarks or type in the addresses directly into the browser’s address bar. And of course just visit shops which you already know. Some scams can be identified by very low prices – if they look too good to be true, they usually are! ...


avast!: One in eight malware infections via USB

  • Post author: Omid Farhang
  • Post published: November 6, 2010
  • Reading Time: 1 min
  • Word Count: 205 words

With the expanding amounts of storage available on cell phones, mp3 players, digital cameras, and gaming devices it’s no surprise that malware is increasingly being transmitted over USB. avast! Software is reporting that out of 700,000 attacks reported by its Community IQ system in October, one in eight were exchanged over USB connections. “Cyber-criminals are taking advantage of people’s natural inclination to share with their friends and the growing memory capacity of USB devices,” says avast! virus analyst Jan Sirmer. ...


Workaround for vulnerability affecting Internet Explorer

  • Post author: Omid Farhang
  • Post published: November 4, 2010
  • Reading Time: 1 min
  • Word Count: 97 words

Microsoft has released a security advisory concerning a vulnerability affecting Internet Explorer versions 6, 7 and 8. This vulnerability may allow an attacker to execute arbitrary code. Full details here. Visit Microsoft’s page here to get full instructions. You can find the workarounds under the “Suggested Actions” twisty. The workarounds include overriding the Web site CSS with a user-defined style sheet, deploying the Enhanced Mitigation Experience Toolkit, enabling Data Execution Prevention (DEP) for Internet Explorer 7 and setting Internet and Local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones. ...


New Vulnerability in Adobe Flash and Reader

  • Post author: Omid Farhang
  • Post published: November 1, 2010
  • Reading Time: 1 min
  • Word Count: 95 words

Avira TechBlog: Adobe warns of a new vulnerability in Flash Player and in Reader. The problem is within authplay.dll and the corresponding .lib in the Unix versions. It allows attackers to inject malicious code like Trojans with specially prepared documents or Flash objects. The company works on a patch which it plans to release on the 9th of November. Until then, deleting the authplay library helps to prevent a successful attack. Flash or Reader will crash then when a file requests the services from authplay, but this is clearly better than having an infected system. ...


Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

  • Post author: Omid Farhang
  • Post published: October 29, 2010
  • Reading Time: 1 min
  • Word Count: 180 words

Adobe have published details of a critical vulnerability in the following applications:

  • Adobe Flash Player 10.1.85.3 and earlier versions
  • Adobe Reader 9.4 and earlier 9.x versions
  • Adobe Acrobat 9.4 and earlier 9.x versions

The vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Flash Player. ...


New Trojan Virus Attacks Mac Computers Via Social Networking Sites

  • Post author: Omid Farhang
  • Post published: October 28, 2010
  • Reading Time: 3 min
  • Word Count: 545 words

Mac: Hi PC, I’m not feeling so hot today
PC: Oh, I know ALL about that. I think you have a virus!

Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term. That’s exactly the model Apple has employed successfully for some time now. However, its luck finally appears to be running short. ...


Defensive Computing

  • Post author: Omid Farhang
  • Post published: October 22, 2010
  • Reading Time: 2 min
  • Word Count: 380 words

Windows is an attractive platform for the malware writers, in part, because of the sheer number of users. As Microsoft creep towards making their offerings more secure, applications are increasingly becoming the focus for vulnerability exploitation. Like Windows, Adobe products are a default software choice for most users. The bad guys know this and realize that it’s profitable to scrutinize their applications for exploitable vulnerabilities and create malware to take advantage of the fact. ...


Use Windows 7 Event Viewer to track down issues that cause slower boot times

  • Post author: Omid Farhang
  • Post published: October 22, 2010
  • Reading Time: 1 min
  • Word Count: 58 words

In this edition of the Windows Desktop Report, Greg Shultz shows you how to use some of the new features in Windows 7’s Event Viewer to investigate boot time and track down issues that can cause a slowdown in the boot process. This download is available as an entry in the TechRepublic Microsoft Windows Blog. Credit to ZDNet.
