You may receive a [...]]]> Another Trojan Email popped into the spam basket today, this one entitled Facebook Password Reset Confirmation. The Email, purporting to be from Facebook, claims that the user’s Facebook password has been changed and informs them that the new password can be found in an attached document, which is a zip file.

You may receive a email claiming to be from Facebook Manager titled “Facebook Password Reset Confirmation. Important Message”. The message is a trick designed to fool recipients into installing a trojan on their computer.

Those who open the attached file, Facebook_password_3921.zip in this case, ostensibly to view their new password, will in fact be launching a copy of the Bredolab Trojan. Once downloaded, the virus gives the sender complete control of the target computer, allowing cyber criminals to potentially spy on users of the computer or use it to steal personal information or distribute more spam

As with any such dodgy emails, or unsolicited attachments, the best action is to delete the lot, and think no more about it.

Click here to find out more about the Bredolab Trojan on symantic.com.

As noted in the Bristol Programming blog, the numbers are almost unbelievable. Together with an undisclosed number of desktops in the Ministry [...]]]> Does it seem odd that with Chinese hackers exploiting Internet Explorer 6 vulnerabilities to infiltrate Google’s network, so many Government departments are actively prevented from upgrading to a safer, more usable browser?

As noted in the Bristol Programming blog, the numbers are almost unbelievable. Together with an undisclosed number of desktops in the Ministry of Justice using the vulnerable and out of date browser, the figures for IE6 in Government are breathtaking:

• More than 750,000 workstations in the NHS
• 500,000 in the Department of Work and Pensions
• 300,000 in the Ministry of Defence

Is it possible that the cost to Government that outsourced IT providers would demand to upgrade the browser are so high that it is worth the risk of compromise? There must be some major national security threat if users ever get the ability to use tabbed browsing; what else could explain the reluctance to upgrade? Perhaps some bold MP would like to ask the question in Parliament.

To read the original article click here to visit the Bristol Programming blog

The amount of email that [...]]]> Another one of those pesky email hoaxes popped into our in-box today. It was the Simon Ashton hoax, with the warning forwarded by a well meaning friend. As we tell all our staff, collogues, customers and friends, the email hoax works because people think “better safe than sorry”

The amount of email that a typical hoax can generate is a major cost to organisations. Just think of a company with 60 employees; if each person takes a minute to read a hoax virus email, that will cost an hour of lost productivity. Then if half of them spend a couple of minutes forwarding it to their friends, that is another hour lost! Once a few people in your company have received a warning and mailed it to all their friends and colleagues, a mail overload can easily result.

We support the advice that companies should consider circulating a policy on virus hoaxes to all their staff, in an attempt to avoid the costs involved.

For a sample anti hoax virus policy click here to visit Sophos – Don’t fall for a virus hoax

We always advise people to check these messages out via a reputable website like McAfee or Sophos, because many of them [...]]]> Today we recieved one of the emails that you get occasionally, which promises a masivly damaging virus is just about to strike. This one had the headline HUGE VIRUS COMING! PLEASE READ & FORWARD!

We always advise people to check these messages out via a reputable website like McAfee or Sophos, because many of them are hoaxes. In fact they are realy a form of computer virus that is spread by well meaning people. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know. Some IT specialists consider virus hoaxes and other chain e-mails to be a computer worm in and of themselves, as they replicate by exploiting users’ ignorance or emotional responses.

McAfee advise users who receive the email to delete it and DO NOT pass it on, as this is how an email HOAX propagates.

Click here to visit McAfee Virus Hoaxes
Click here to visit Sophos Don’t fall for a virus hoax

“There’s no indication that this attack is [...]]]> The popular social networking site Twitter has been hit by a denial of service attack, according to Twitter co-founder Biz Stone. In an e-mail to CNN.com, Stone said this morning’s attack is not related to a recent incident in which a hacker stole internal documents from the site.

“There’s no indication that this attack is related to any previous activities. We are currently the target of a denial of service attack,” Stone said in the e-mail. Approximately 45 million people worldwide now rely on Twitter as a communication platform, and a number of them will be greatly inconvenienced.

Denial-of-service attacks are a common weapon employed by cyber criminals to disrupt the working of Web sites. Perpetrators enlist millions of computers to attempt to access a particular site. The site cannot handle the massive increase in traffic, and is rendered inaccessible.

While disruptive and hard to trace, this type of cyber attack is considered by experts to be a relatively unsophisticated technique. The attack itself doesn’t attempt to infiltrate the internal operations of a company’s computer infrastructure. It simply renders its Web site inactive.

Twitter’s status update said: “We are defending against a denial-of-service attack, and will update status again shortly.” The millions of Twitter fans who have been disrupted by this attack will no doubt give vent over the next few days. I confidently expect to see Twitter and Denial-Of-Service at the top of the Google hit chart shortly!

For more on the CNN story Click Here to visit CNN Money

To follow me on Twitter when it is back up, Click on BGT666

Conficker – also known [...]]]> Conficker worm infected machines may comprise one of the biggest networks of robot computers (botnets) in Internet history if security experts’ fears are proved correct. From midnight on 1 April, the Conficker program will start scanning thousands of websites for a new set of instructions telling it what to do next.

Conficker – also known among security experts as “Downadup” was first discovered in November last year, being sold as part of a kit by a Chinese hacker. Since then, two variants have been spotted in the wild as the virus has gone on to infect more than 10m PCs.

Microsoft has offered a bounty of $250,000 (£176,000) for the identity of Conficker’s creator, who currently remains unknown. Usual methods of unpacking the virus code to examine its workings have been thwarted because the authors have encrypted it, using algorithms that render it almost uncrackable.

For more aspects of this story see Conficker virus – deadly threat or April Fool’s joke

Karalon Technology are the Vendors of a product called Traffic IQ Pro which is used by many large companies and organisations such as Cisco Systems, Juniper Networks, Singapore Government, Microsoft, HP, AT&T, [...]]]> The other day I passed a pleasant few minutes chatting on the phone to a nice guy called Dominic, from Karalon Technology.

Karalon Technology are the Vendors of a product called Traffic IQ Pro which is used by many large companies and organisations such as Cisco Systems, Juniper Networks, Singapore Government, Microsoft, HP, AT&T, BT, US Army and many more global organisations. Situated in London, they are the market leaders of industry approved solutions for auditing and testing the recognition and response capabilities of network based corporate security defences (Firewalls/IPS/IDS- Devices /UTM’s and Routers).

This software not only tests security infrastructure to make sure that bad traffic cannot get in or out, but also tests to make sure that legitimate production traffic can enter and exit the network all in a safe, accurate, repeatable and easy to use testing platform.

If you want to find out more about this technology click here for Karalon and Traffic IQ Pro. Fully functional applications are available to download free from Karalon Downloads. They also have a movie
which you can click here to view.

Prompting the highest vulnerability rating, Microsoft credited Palo Alto Networks exclusively with the discovery [...]]]> Palo Alto Networks of Sunnyvale, California, has announced that its Threat Research Team discovered one of the six critical vulnerabilities communicated in Microsoft’s Patch Tuesday security bulletin this week. The exploited vulnerability could allow a hacker full system access and control.

Prompting the highest vulnerability rating, Microsoft credited Palo Alto Networks exclusively with the discovery of Word Memory Corruption Vulnerability (CVE-2008-4026). The vulnerability exists in the way that Microsoft Word handles certain Word files.

An attacker could deliver a seemingly innocent document to a user via email, IM or as a download from a Website. If opened, the execution would enable an attacker to take complete control of an affected system, allowing them to then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability exists in both the Microsoft Office 2003 and 2007 versions.

For full details of this press release click on Palo Alto Networks Discovers Critical Vulnerability in Microsoft Word
For more details from Microsoft click on MS08-072