Eye on Security: Windows Ransomware, DLL Hole, Malware, and More
- Dr. Roy Schestowitz
- 2010-09-03 06:46:58 UTC
- Modified: 2010-09-03 06:46:58 UTC
Summary: Menaces and unpleasant 'niceties' that only affect users of Windows this week
●
Russian cops cuff 10 ransomware Trojan suspects [
via]
PCs infected by the WinLock Trojan at the centre of the scam were rendered unusable because the malware disabled key Windows components. More embarrassingly pornographic images were displayed on compromised machines, IDG adds.
●
Polymorphic ransomware tops malware charts
Ransomware variant TotalSecurity is topping the malware charts, according to the latest threat report from security firm Fortinet.
August was the biggest comeback month since March for TotalSecurity, which locks out applications and data, and then demands a ransom to restore access.
●
Microsoft Releases 'Fix It' for DLL Hole
The DLL security vulnerability first grabbed headlines in August when a Slovenian security research firm pointed out that, under some circumstances, a malicious hacker could deploy a booby-trapped DLL file into a directory where Windows will load it, potentially granting the attacker control over the system. But it later surfaced that a U.S. security researcher had warned Microsoft about the DLL issue almost a year before, and had even published an academic paper on the threat last month.
●
Google Code hosting malware-spreading project
Google Code's project hosting feature has occasionally been used by malicious individuals for storing and spreading malware.
[...]
After this discovery was made public, Google removed the offending project. But this instance shows that the company must find a better way of detecting malware hosted on its sites.
●
University loses nearly 1 million dollars to malware
Thieves appear to have stolen the funds from University of Virginia after compromising a computer belonging to the University's Financial Controller. Malware intercepted the Online Banking Credentials for the University's Bank accounts and initiated a fraudulent wire transfer for $996,000 to a Bank in China.
●
25 percent of Windows malware now targets USB storage devices
In a survey of small businesses, PandaLabs discovered that 48 percent had been victims of malware in the past year. Of those businesses infected, 27 percent were able to verify that a compromised USB device was at the root of the issue.
●
New malware detects browser, shows fake malware warning page
While the malware is a pretty good attempt, it's not perfect. The goal is to get the user to download and install something, shelling out some cash in the process, which neither of the three browser vendors would ever recommend. The Firefox warning page, meanwhile, has an obvious typo ("Get me our of here"). In addition, it's suspicious that a webpage is going out of its way to tell you it is protecting your purchase. It's also not hard to check that the supposedly detected files do not actually exist on the user's computer. All of these missteps should raise red flags immediately; having said that, we've still not before seen this level of detail and effort from the bad guys.
●
Heartland pays another $5.4m for malware infection
The United States' fourth largest credit card payments processing company Heartland Payment Systems has agreed to pay a US$5 million ($5.4 million) settlement to its financial services customer Discover over a data breach caused by a malware infection.
Heartland processed card payments for Visa, Mastercard and other financial service providers to the tune of US$70 billion in 2009.
●
Rogue Win7 AV Copies the Microsoft Security Essentials Site
There are downsides to market success, and in the case of Microsoft Security Essentials is that attackers build malware designed to piggy-back ride the free security solution from Microsoft.
Recent Techrights' Posts
- A Week After a Worldwide Windows Outage Microsoft is 'Bricking' Windows All On Its Own, Cannot Blame Others Anymore
- A look back at a week of lousy press coverage, Microsoft deceit, and lessons to be learned
-
- Links 26/07/2024: Tesco Cutbacks and Fake Patent Courts
- Links for the day
- Links 26/07/2024: Grimy Residue of the 'AI' Bubble and Tensions Around Alaska
- Links for the day
- Gemini Links 26/07/2024: More Computers and Tilde Hosting
- Links for the day
- Links 26/07/2024: "AI" Hype Debunked and Elon Musk's "X" Already Spreads Political Disinformation
- Links for the day
- "Why you boss is insatiably horny for firing you and replacing you with software."
- Ask McDonalds how this "AI" nonsense with IBM worked out for them
- No Olympics
- We really need to focus on real news
- Nobody Holds the GNOME Foundation Accountable (Not Even IRS), It's Governed by Lawyers, Not Geeks, and Headed by a Shaman Crank
- GNOME is a deeply oppressive institutions that eats its own
- [Meme] The 'Modern' Web and 'Linux' Foundation Reinforcing Monopolies and Cementing centralisation
- They don't care about the users and issuing a few bytes with random characters costs them next to nothing. It gives them control over billions of human beings.
- 'Boiling the Frog' or How Online Certificate Status Protocol (OCSP) is Being Abandoned at Short Notice by Let's Encrypt
- This isn't a lack of foresight but planned obsolescence
- When the LLM Bubble Implodes Completely Microsoft Will be 'Finished'
- Excuses like, "it's not ready yet" or "we'll fix it" won't pass muster
- "An escalator can never break: it can only become stairs"
- The lesson of this story is, if you do evil things, bad things will come your way. So don't do evil things.
- When Wikileaks Was Still Primarily a Wiki
- less than 14 years ago the international media based its war journalism on what Wikileaks had published
- The Free Software Foundation Speaks Out Against Microsoft
- the problem is bigger than Microsoft and in the long run - seeing Microsoft's demise - we'll need to emphasise Software Freedom
- IRC Proceedings: Thursday, July 25, 2024
- IRC logs for Thursday, July 25, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day
- Links 26/07/2024: E-mail on OpenBSD and Emacs Fun
- Links for the day
- Links 25/07/2024: Talks of Increased Pension Age and Biden Explains Dropping Out
- Links for the day
- Links 25/07/2024: Paul Watson, Kernel Bug, and Taskwarrior
- Links for the day
- [Meme] Microsoft's "Dinobabies" Not Amused
- a slur that comes from Microsoft's friends at IBM
- Flashback: Microsoft Enslaves Black People (Modern Slavery) for Profit, or Even for Losses (Still Sinking in Debt Due to LLMs' Failure)
- "Paid Kenyan Workers Less Than $2 Per Hour"
- From Lion to Lamb: Microsoft Fell From 100% to 13% in Somalia (Lowest Since 2017)
- If even one media outlet told you in 2010 that Microsoft would fall from 100% (of Web requests) to about 1 in 8 Web requests, you'd probably struggle to believe it
- Microsoft Windows Became Rare in Antarctica
- Antarctica's Web stats still near 0% for Windows
- Links 25/07/2024: YouTube's Financial Problem (Even After Mass Layoffs), Journalists Bemoan Bogus YouTube Takedown Demands
- Links for the day
- Gemini Now 70 Capsules Short of 4,000 and Let's Encrypt Sinks Below 100 (Capsules) as Self-Signed Leaps to 91%
- The "gopher with encryption" protocol is getting more widely used and more independent from GAFAM
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, July 24, 2024
- IRC logs for Wednesday, July 24, 2024
- Techrights Statement on YouTube
- YouTube is a dying platform
- [Video] Julian Assange on the Right to Know
- Publishing facts is spun as "espionage" by the US government and "treason" by the Russian government, to give two notable examples
- Links 25/07/2024: Tesla's 45% Profit Drop, Humble Games Employees All Laid Off
- Links for the day
- Gemini Links 25/07/2024: Losing Grip and collapseOS
- Links for the day
- LWN (Earlier This Week) is GAFAM Openwashing Amplified
- Such propaganda and openwashing make one wonder...
- Open Source Initiative (OSI) Blog: Microsoft Operatives Promoting Proprietary Software for Microsoft
- This is corruption
- Libre-SOC Insiders Explain How Libre-SOC and Funding for Libre-SOC (From NLNet) Got 'Hijacked' or Seized
- One worked alongside my colleagues and I in 2011
- Why We're Revealing the Ugly Story of What Happened at Libre-SOC
- Aside from the fact that some details are public already
- Removing the Lid Off of 'Cancel Culture' (in Tech) and Shutting It Down by Illuminating the Tactics and Key Perpetrators
- Corporate militants disguised as "good manners"
- FSF, Which Pioneered GNU/Linux Development, Needs 32 More New Members in 2.5 Days
- To meet the goal of a roughly month-long campaign
- Lupa Statistics, Based on Crawling Geminispace, Will Soon Exceed Scope of 4,000 Capsules
- Capsules or unique capsules or online capsules are in the thousands and growing
- Links 24/07/2024: Many New Attacks on Journalists, "Private Companies Own The Law"
- Links for the day
- Gemini Links 24/07/2024: Face à Gaïa, Emacs Timers for Weekly Event, Chromebook Survives Water Torture
- Links for the day
- Why Virtually All the Wikileaks Copycats, Forks, and Rivals Basically Perished
- Cryptome is like the "grandpa" of them all
- A Total Lack of Transparency: Open and Free Technology Community (OFTC) Fails to Explain Why Over 60% of Users Are Gone (Since a Week Ago)
- IRC giants have fallen
- In the United Kingdom Google Search Rises to All-Time High, Microsoft Fell Nearly 1.5% Since the LLM Hype Began
- Microsoft is going to need actual products or it will gradually vanish from the market
- Trying to Put Out the Fire at Microsoft
- Microsoft is drowning in debt while laying off loads of staff, hoping it can turn things around
- GNU/Linux Growing at Vista 11's Expense
- it's tempting to deduce many people who got PCs with Vista 11 preinstalled are deleting it, only to replace it with GNU/Linux
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, July 23, 2024
- IRC logs for Tuesday, July 23, 2024