
Online Hygiene News: Virus / Hacking / Spam Notes & Alerts

I'm sure in the past I've opened images that have caused my computer to freeze and then shut down (deliberately) so maybe this has been going on for longer than suspected.
 
Hi

more on this story:

quote
---------------

JPEG exploit toolkit spotted online

http://www.theregister.co.uk/2004/09/24/jpeg_exploit_toolkit/

By John Leyden

Published Friday 24th September 2004 16:32 GMT

A toolkit designed to exploit a recently-disclosed Microsoft JPEG vulnerability has been released onto the net. The toolkit (screen shot from AV firm F-Secure here) makes it trivially easy for maliciously-minded attackers, however unskilled they might be, to exploit unpatched Windows systems and run malicious code.

The attack mechanism used here takes advantage of a recently discovered flaw in the way Microsoft applications process JPEG image files. Malformed JPEG files are capable of triggering a buffer overflow in a common Windows component (the GDI+ image viewing library), it was revealed last week. This behaviour creates a ready mechanism to inject exploit code into vulnerable systems. Windows XP and Windows Server 2003 make use of the vulnerable library by default. Other Windows OSes might be vulnerable, depending on what applications users have installed.

-------------

endquote

Mal F
 
Bavarian police have spooky Sober moment
Worm warning predicted text exactly
By SecurityFocus
Published Wednesday 16th November 2005 12:30 GMT

Bavarian police issued a press release that warned of new Sober.worm virus variants, just one day before three new variants appeared.

In a bizarre set of circumstances, Bavarian Police have issued a press release (translated version) that not only warns of new Sober.worm virus variants, but also includes the email text that will appear in infected emails. The text, "Thanks for your registration. Your data are saved in the zipped Word.doc file!" appears in an email, along with an archived attachment registration.zip. F-Secure made note of this on their blog, and indicated that at least one of the new Sober worm variants that appeared today had this identical message text.

The Bavarian Police have not provided any additional details as to how they were able to predict the new worm outbreaks, other than indicating that this was part of an ongoing investigation. The author of the Sober worm and some of its many variants is believed to be German.

Copyright © 2005, SecurityFocus

http://www.theregister.co.uk/2005/11/16 ... ober_worm/
 
Virus creators target Wikipedia

Malicious hackers have turned to Wikipedia to try to help them catch out PC users.
The virus writers created a page on the German Wikipedia that linked to a fake fix for a new version of an old malicious Windows worm.

But instead of curing a bug, those installing the fix would be infected by a new Windows virus.

The booby-trapped page on the German version of the online encyclopaedia has now been removed.

Cleaning up

"The very openness of websites like Wikipedia - which allow anyone to edit pages - makes them terrific, but can also make them less trustworthy," said Graham Cluley, senior technology consultant for Sophos. "In this case, the article in question wasn't just misleading, it was downright malicious."

The page hijacked by the virus creators was about a new variant of the Windows Blaster worm. This malicious program debuted in 2003 and caught out many PC users.

Included on the page was a link to a supposed patch that, once downloaded and installed, would protect against this new version. However, anyone installing this on a Windows machine would infect themselves with a virus.

The malicious hackers behind the fake article then sent out a German-language spam e-mail with a message crafted to look like it came from Wikipedia. The message directed people to the booby-trapped page and the fake fix.

By piggy-backing on the good name of Wikipedia the message got past e-mail filters that would otherwise have cleaned it up.

It is not thought that many people fell victim to the booby-trapped page or downloaded the dangerous file.

"The good news is that the authorities at Wikipedia quickly identified and edited the article on their site," said Mr Cluley.

Archived versions of the booby-trapped pages have also been deleted.

http://news.bbc.co.uk/1/hi/technology/6120268.stm
 
Sick buggers, some of them...

A new email worm is using bogus news headlines to lure users into opening its payload, security firm Sophos has warned.

The emails contain links to headlines such as the 'outbreak of nuclear war' and the 'death' of George W Bush and Vladimir Putin to allow hackers to infect computers and steal information.

The Dref-N worm arrives attached to emails with subject lines such as 'White house news!', 'Incredible news' or 'ATTN TO EVERYBODY!', and tries to dupe recipients by claiming that the attachment contains details of a major global news story.

Opening the attached file disables the Windows firewall and allows hackers to gain access to the PC in order to spy on or steal data.

Source

And also look out for the proof of concept virus for the Mac...
 
EXCLUSIVE: Computer virus strikes firms
Saturday, November 15, 2008, 10:00

HUNDREDS of businessmen and women across the Westcountry have been hit by a computer virus spread via a popular social networking website.
The computer users are all "friends" with each other on the Facebook website, which is increasingly used as a marketing and networking tool by businesses.

The Trojan virus spreads itself through address books and locks people out of their computer systems. It then steals information kept on computers, including details of e-mail accounts, passwords, names and addresses.
Toby Parkins, managing director of Cornish web development firm UKNetWeb, advises businesses on the best use of social media platforms such as Facebook. He said people using the site needed to "exercise caution" and delete any messages they were unsure about.
"Messages of this kind have been appearing on Facebook since its conception in 2004. However, this one appears to be particularly virulent.

"The title of the dodgy message varies with messages such as 'Maan, yyou're great!' (sic) and 'your ass looks not bad in this video' forming part of the message body or Facebook wall posting.
"With many businesses now using the network as a marketing tool, this kind of infection can be extremely damaging to their interests with the messages appearing in their contacts' inboxes or walls without their knowledge. You should ensure that your computer has the latest anti-virus and anti-phishing software installed and run on a daily basis."

Once clicked, the virus link forwards users to a site which hunts for a file on their PC known as a cookie and prompts them to update their video or Adobe Flash software.

But once accepted, the Trojan virus proceeds to lock the user out of their Facebook account and sends messages to people on their friend list with a similar message, further spreading the virus. The virus is part of what computer experts call a "blended attack", where a series of different techniques are used together to gather personal data.

Fiona Crump, a company director in Cornwall, is a victim of the virus in her personal Facebook account. It was sent to her by a trusted source and she believes it is also behind further problems she is now having with her home computer.
"It is a major irritation. I consider myself to be pretty computer-savvy and I know what to avoid. I don't open things I am sent that look dodgy. But it looked very plausible," she said.
Facebook has now taken steps to deactivate malicious links in messages through the network.

http://www.thisiswesternmorningnews.co. ... ticle.html
 
Computer virus strikes at three London hospitals
John Carvel, social affairs editor guardian.co.uk,

The IT systems at three London hospitals were shut down yesterday after succumbing to an unidentified computer virus. Managers at St Bartholomew's and the London NHS trust called a state of emergency when the system became heavily overloaded after the virus struck on Monday.

Engineers shut down email systems and internet access at Bart's hospital in the City, the Royal London in Whitechapel, and the London chest hospital in Bethnal Green, east London, and used back-up systems to keep operating theatres and outpatient clinics in service. Ambulances were diverted to other hospitals. The patient transport system used by elderly and disabled patients to attend routine appointments was also disrupted.

A spokesman said the engineers believed they had contained the virus on Monday night, but the system crashed when staff logged on yesterday. He said: "There is no indication that this was a malicious attack, but engineers are still investigating where the virus came from and what it is." The bug did not infect the patient record system and there was no evidence that it spread to other trusts.

The shutdown came as a survey by the GPs' newspaper Pulse revealed widespread breaches of computer security by NHS staff. Doctors and nurses are issued with smartcards that can be used to access electronic medical records.

In a survey of more than 300 GPs, Pulse found one in six were aware of NHS staff in their area sharing smartcards, usually to circumvent cumbersome log-on procedures or to make data available at several terminals. About 5% of GPs admitted sharing their own smartcard.

A Connecting for Health spokesperson said: "Healthcare staff should not share smartcards and if smartcards are used improperly disciplinary procedures should follow."

http://www.guardian.co.uk/technology/20 ... curity-nhs
 
Greetings,

I am so fkn mad right now that I could give a programmer a very bad day.

I updated my a-squared software, and it did, indeed, put malware on my machine.

I did a system restore and lost a few files.

I wonder at some person who would try to fk with my machine, when in fact they don't even know who the hell I am.

I will tell ya, if you can break a 32pcs alphanumeric code for my diary, go for it.

This machine is for netwerk.
Nothing to see here, but, goddammit, I am paranoid enough without some programmer putting bs on my machine.
Did that happen?
I think it did.
It is my sole opinion, and in no way endorsed by anyone else on this board.
F**K YOU A-Squared!

PEACE!

Buck
 
Hi Buckeye, try downloading Malwarebytes' Anti-Malware, SUPERAntiSpyware Free Edition, and Spybot: Search and Destroy. All free of charge.
Between them, they should be able to clear out the malware.
 
Greetings,

Thank you Myth.
I found THIS page from Majorgeeks.
It took me a while to follow all the steps but I think it has helped my machine.
We will see.

I think the virus scam is a real deal.


PEACE!

Buck
 
No doubt, I think the most common times you will find yourself getting viruses and hacked are times when you're doing some flaming and making fun of people via chat programs and such; often, if you do it enough times, you'll catch someone knowledgeable enough to do something destructive.

That or looking at porn and searching for the top search strings :D
 
I've actually been hearing that banner ads are one of the top sources of viruses, nowadays.
 
I have heard a lot of scary things from reading news articles daily here:

http://www.rootsecure.net/?p=news_feeds_console

I also read somewhere this week that 4 Canadians purchased American Defensive sensitive information in Africa, as computers being shipped over there from the government, their actual hard drives have not been erased, exposing very sensitive security details. 60,000 Rupees I believe was the selling price.

Amazing to hear about all our old computers are sent to other places over the world that rip them up and do this without the safety screening and environmental concerns aside, there was a news article on this / tv show that followed these computers from American Soil claiming it was "safely disposing your computer equipment and electrical materials" where they eventually wound up in China or India or Africa where they are not safely dismantled!

Also to note, JPEGS, GIFS, MP3's, MPeg4's almost all types of media formats can have virii written into them, as all these files broken down are made up of codes that can have other codes thrown into them without affecting the overall file.

As previously stated, if you keep to doing legitimate things on the internet you're normally not at risk :D Such as life, there are no absolute guarantees :twisted:
 
Ubuntu is that the mac kernel that's compatible to host on a windows machine?

I'm only familiar with VMware fusion for mac os that will run windows and mac at the same time
 
Ubuntu is a Debian GNU/*nix distro.

There's a fair bit of nonsense on this thread it seems to me - the reason most viruses (deffo not 'virii') don't affect non-Windows OSs is not because they were authored on non-Windows OSs. Peer-to-peer file sharing, keygens and warez are not a kind of internet attack, although they can often be a form of copyright infringement. Legitimate anti-virus software you've installed doesn't act in any way like a trojan, but it may be badly written, resource-gobbling crap. Zombies don't 'switch themselves on' to participate in DDoS attacks and I'm pretty sure infinitely more people infect their computers by clicking 'yes' than by angering the 'internet underworld' on MBs, IMs or IRC.

And I'd be grateful if you could tell me where in Africa I can spend my rupees, on military secrets or otherwise. ;)
 
Liz don't be a hater ! lol

Searching Warez will without a doubt find you in deeper waters :p Bot nets do exist and I'd consider them infected like Zombies :p

As for where to send rupees, you can address all of them to Blind Dog Fulton out on the Crossroads :D

People do tend to get them by saying "yes", but nevertheless it's always good to note the other info

I'll look for the link for the African stuff though
 
I'm not a hater, I'm just a grumpy pedant.

Of course there are bot nets, but neither infected machines nor the infections themselves 'switch themselves on', they both have to be running in the first place when the call to DoS attack arrives - this might seem a small point, but a lot of people are very scared of their computers generally and of malware in particular, and I don't like to think of them worrying that their PCs are going to power up of their own volition in the night.

Yes, warez websites, like porn sites, can be riddled with malware, as can P2P software, keygens, that copied MSOffice cd you buy at a car boot sale, or indeed anything you download, especially if it is a bit 'dodgy' ..... but that doesn't mean any of those things are malware and anyone who hears the word 'torrent' should immediately pull out their network/modem cable to be on the safe side.

I've heard so much nonsense from genuinely frightened people over the years - 'someone told me this virus would cook my hard drive like a microwave and I'm worried the radiation will harm the cat' etc - that I think it pays to be quite careful when discussing these things in general company.

The African article says the dodgy data cost $40, not 60000 rupees - I only pointed that one out because I don't think anywhere in Africa has used the rupee as currency for coming on a century ...... but I could very easily be wrong on that one.

I don't know who Blind Dog Fulton is - not a blues musician, surely?
 
Yeah, Blind Dog Fulton was from a movie called Crossroads where a blues guy sells his soul to the Devil and the Karate Kid ( lightning boy ), a classically trained guitarist, quits school and joins this old Dog on his last trip back to Mississippi to have a guitar battle with the devil to try to win Fulton's soul back haha :D

I hear you with the widespread panic, I'm a bit of an Agent of Chaos sometimes and usually cross my facts with perceptions !
 
My daughter has picked up a trojan, she has AVG but it still got through, anyone know of a free download that will get rid?
 
Enough of the hectoring.

Anyhoo, since switching to Comodo for both firewall and AV I've (touch wood) had no problems whatsoever.
 
stuneville said:
Enough of the hectoring.

Anyhoo, since switching to Comodo for both firewall and AV I've (touch wood) had no problems whatsoever.

Ajax is good for cleaning up a mess.

Err, nothing to add that will help with viruses though.
 
Avira is a very good anti-virus, top of a poll in PC Advisor (free email newsletter, lots of reviews).
Spybot S&D also very good. I used to have AVG but something got past it. Did this trojan get in via a torrent or download? They are full of bugs.
 
As a Facebook user, I'm getting lots of warnings about viruses, especially with regard to Facebook apps. Anyone else having similar problems?
 