Latest News
W32/Gibe-F
A new Windows worm, named W32/Gibe-F (also known as Swen), which arrives as
an email attachment masquerading as a security patch.
The emails sent out by the worm include a message which is randomly constructed
from a wide range of realistic-sounding phrases, so there is no fixed text to
watch out for. But companies such as Microsoft never send out
security patches by email.
Spam report calls on ISPs for solution
An investigative report into the problem of spam email has focused on Internet Service Providers, recommending that they take the lead on offering long-term solutions.
The 'Spam' report by the influential All Party Internet Group (APIG) concluded a wide-scale inquiry into the problem, and contained submissions from a wealth of key industry bodies including the European Forum for Electronic Business (EEMA) and the Internet Service Providers Association (ISPA), along with corporations such as AOL and Microsoft.
Contributors to the report claimed that a company of 1000 computer users with no anti-spam policy will lose over $200,000 per year on reduced productivity (Vircom Ltd), and this amounts to a total of £3.2bn per year for UK-based businesses (MessageLabs Ltd).
AOL quietly changes Windows to combat spam
Even more annoying than junk e-mail are all the spam messages that "pop up" through a little-used feature in Windows. As part of its spam-fighting efforts, America Online has been turning off that feature for its customers without telling them.
AOL spokesman Andrew Weinstein said the feedback has been all positive, and he knows of no complaints to AOL call centers about side effects on other applications that may need that feature.
Nonetheless, AOL's action worries some security experts who were told about it by The Associated Press.
"They are trying to do the right thing ... but you sort of feel dirty after you hear it," said Bruce Schneier, chief technology officer for Counterpane Internet Security Inc. "It's a very dangerous precedent in having companies go into your computer and turn things on and off."
W32.Blaster Worm
A malicious worm that exploits the RPC DCOM vulnerability reported by Microsoft
in July 2003 struck the Internet, targeting unpatched Windows 2000, XP, and
2003 machines.
For more information please visit www.microsoft.com
Not sure if you have been infected by the MS Blast, then you can download the
scanner here.
The scanner will automatically install itself in the C:\Program Files\KB823980Scan
directory.
You can download the MSBlast patches from Prolateral Consulting
W32/Sobig-F
The worm sends itself, using its own SMTP engine, as an attachment to email addresses
collected from various files on the victim's computer. When it distributes itself
via email it forges the sender's email address, making it difficult to know who
is truly infected.
The email has the following format:
Subject line:
Re: Approved
Re: Details
Re: That movie
Re: Re: My details
Re: Your application
Re: Wicked screensaver
Thank you!
Your details
Message text:
Please see the attached file for details.
See the attached file for details
Attached file:
application.pif
details.pif
document_9446.pif
document_all.pif
movie0045.pif
thank_you.pif
wicked_scr.scr
your_details.pif
your_document.pif
W32/Sobig-F also attempts to spread by copying itself to Windows network shares.
Prolateral Consulting recommends you download the latest anti-virus signatures.
For more information on W32/Sobig and how to remove it click
here.
|
+44 (0)8450 763 760 
+44 (0)8450 763 761
