Archive for the ‘News’ Category

Yet another reason (as if you needed any more) to keep your anti-virus and anti-malware programs up-to-date.

Even mainstream websites can (indirectly) be a source for malware and “drive-by” attacks, when the ad service includes an advertisement with malware attached.

See the article on arstechnica.com, My browser visited Weather.com and all I got was this lousy malware for more details.

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don’t click on links.

Note, too, the closing sentence in that article:

There’s no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available.

 

Here’s a question for you.  If you wanted to create some piece of malware that would survive replacing the hard drive, flashing the BIOS, and reinstalling the O/S from a clean set of disks, and with no network connection, how would you do it?  Seems impossible, doesn’t it?  How could an infection get back in without any way for the infection to have survived the “wipe and start over” process?

Well, a well-known hacker named Charlie Miller found a way… the battery.

Continue reading ‘Latest security risk — your laptop’s battery’ »

For those of us who follow our BlogTalkRadio show, you may have noticed we haven’t had one for a few weeks.  It’s just the usual end-of-summer/back-to-school rush at the end of August that’s been keeping us too busy.  We plan on resuming our show soon, though we will probably be mid-week rather than Sunday.

BTW, I wanted to post this on our BTR blog, but they have removed that feature.  (Existing posts remain, but you can’t add or change posts.)  So much for the “B”.

Here’s an article on Mobile Redirect with an interesting twist on the recent worm.

This is an amazing by-product of social networks. The ability for users to identify and kill viruses, worms, trojan horses, etc. These types of unique social network ecosystems reflect activity existant in the natural world.

[…]

“Social networks have built-in antibodies…their users,” said Sean Sullivan of the Finnish security company F-Secure. “Compare the Twitter attack to a malicious attack of yesteryear that took weeks or even months to develop. This peaked and ebbed in two and a half hours,” Sullivan said.

That’s not to say that spammers don’t love sites like Twitter, because all they care about is finding some sucker to buy their product. A two-hour flood of spams is “great”, as far as they are concerned. But, it’s an interesting concept regarding worms and other malware on such sites.

Thoughts?  Comments?  Leave them in the comment area below.  Thanks.

Is this the first case of computer malware causing human deaths? Perhaps. But it certainly won’t be the last.

As noted in a recent MSNBC article:

Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware.

An internal report issued by the airline revealed the infected computer failed to detect three technical problems with the aircraft, which if detected, may have prevented the plane from taking off, according to reports in the Spanish newspaper, El Pais.

Flight 5022 crashed just after takeoff from Madrid-Barajas International Airport two years ago today, killing 154 and leaving only 18 survivors.