TribCSP.com Logo Casper, Wyoming ".$_SERVER['REMOTE_ADDR']); ?>
Presentation News Presentation Email Presentation Find It Here

Threats and Advisories

Last reviewed: October 10, 2004

Exploit for Microsoft GDI+ JPEG Parser

W32/Bagle Revisited

W32/MyDoom Revisited

W32/Sasser

Exploitation of Outlook Express MHTML cross-domain scripting vulnerability

Additional Information:

E-mail Virus and Internet Worms

Last reviewed: October 10, 2004

I-Worm.Mydoom.y [ 09/15/2004 ]
Danger : moderate risk

I-Worm.Mydoom.t [ 09/09/2004 ]
Danger : moderate risk

I-Worm.Bagle.an and I-Worm.Bagle.ao [ 09/01/2004 ]
Danger : moderate risk

I-Worm.Mydoom.q [ 08/16/2004 ]
Danger : moderate risk

I-Worm.Bagle.al [ 08/10/2004 ]
Danger : moderate risk

I-Worm.Amus.a [ 08/05/2004 ]
Danger : moderate risk

I-Worm.Mydoom.m [ 07/26/2004 ]
Danger : moderate risk

I-Worm.Bagle.ai [ 07/19/2004 ]
Danger : moderate risk

I-Worm.Zafi.b [ 06/14/2004 ]
Danger : moderate risk

I-Worm.Plexus.b [ 06/06/2004 ]
Danger : moderate risk

Additional Information:

 

Internet Security News

New Bagle version spreading

Variant said to be harder to catch

Antivirus and computer security companies warned Internet users about a new version of the Bagle e-mail worm that was spreading quickly on the Internet Monday.
The new worm goes by a number of different names and is very similar to earlier versions of the worm, but also has new features that allow it to trick antivirus software and content filtering products, said Sam Curry, vice president of e-Trust Security Management at Computer Associates International Inc. (CA).
Antivirus company McAfee Inc. and CA both rated the new version of Bagle a "medium" threat, citing increasing number of samples submitted by customers.

Story Continues

 

IBM tells users not to install Windows XP update

...a nice level-headed approach.

While developers at Microsoft may be celebrating that they finished work on Service Pack 2 for Windows XP, IT departments around the world now face the question of whether they should update their systems, or not.
IBM, for one, is holding off on installing the security focused update for Windows XP. In a note headlined "To patch - or not to patch" posted Friday on its corporate intranet, IBM tells its employees not to download SP2 when it becomes available because of compatibility issues. A copy of the note was obtained by IDG News Service.
"While this patch may be good news for other Microsoft Windows XP owners, IBM is directing XP users not to install SP2," the note states. With close to 400,000 desktops, IBM is a very large Microsoft customer.
[ Read more ]

 

Fake spyware removal programs disabling PCs

 

It's bad enough that spyware and adware are disabling millions of home computers. Now come fake programs that claim to remove these pests for a fee, but don't.
"It has been a big problem this year," says Ari Schwartz of the Center for Democracy and Technology, which has been lobbying Congress and the Federal Trade Commission for action.
Heavily touted on most search engines, these rogue programs lure users with "free" scans. Want to remove the "spyware"? Buy the full version for $29.95. A handful of these programs even install their own favored brands of adware and spyware.
The problem has been around for a while, but in recent months, has grown so bad that it has become far easier to fall for bogus products than to find the real thing, according to Eric L. Howes, a university of Illinois graduate student who runs the definitive Web site to evaluate bogus spyware eliminators (www.spywarewarrior.com). His site lists more than 75 such programs, with new ones every day. There are even sphony "review" sites that rate bogus programs, and either ignore or downgrade the legitimate ones.
According to Howes, the authors of these programs try to mimic the name or home page of one of the top two legitimate anti-spy ware programs -- Spybot Search and Destroy (www. security.kolla.de), and Ad-aware (www.lavasoftusa.com). They also use so-called "index spam" to manipulate Google and other search engines and push their products to top rankings.
[ Read more ]

 

Phishing Attacks Using Banner Ads to Spread Malware

 

Security problems involving banner advertising networks go beyond the recent distributed denial of service (DDoS) attack on DoubleClick. Banner networks, with their ability to place code on hundreds of outside sites, offer a vehicle for the rapid distribution of trojans and other malware, as well as a way to deface web pages. In a troubling development, phishing scams have recently demonstrated the ability to install keylogging trojans via banner ads.
[ Read more ]

 

Continuing Threats to Home Users

Original release date: March 19, 2004
Source: US-CERT

There are a number of pieces of malicious code spreading on the Internet through email attachments, peer-to-peer file sharing networks and known software vulnerabilities.

Intruders target home users who have cable modem and DSL connections because many home users do not keep their machines up to date with security patches and workarounds, do not run current anti-virus software, and do not exercise caution when handling email attachments. Everyone should take precautions, patch vulnerabilities, and recover if you have been compromised.

Additional Information:

 

Recommended Steps for Protection

March 18, 2004

We realize that it is impossible to keep you updated on the latest threats directly. Therefore, we offer this resource to help you identify risks, evaluate protection measures, and configure the security measures for your personal computer.

Additional Information: