Posted By Netgear Threat Lab at 2:05 PM, June 30, 2010
On June 10th, security researcher Tavis Ormandy discovered and released to the public details on a new vulnerability in the Microsoft Windows Help Center. We have since found a lot of new malware trying to take advantage of this loophole.
HCP is a protocol similar to HTTP. It can use a URL to open documents within Windows Help and Support Center. Help and Support Center (HSC) is the built-in help function of Windows, which provides users with the ability to download and install software updates and other help documents. Internet Explorer can, by default, use the protocol to open the Help and Support Center.
In this case, if the user opens a Web page which exploits the HCP vulnerability, hidden malicious scripts automatically run and attempt to infiltrate the system.
Another attack method is to embed the HCP exploit code in a number of advanced audio format files. When the user opens the audio stream file, the operating system is likewise exposed to malicious intrusion.
As this vulnerability was announced recently, there is no patch yet. We recommend that users temporarily shut down the HCP-related functions manually until a patch is released.
Categories: Netgear Threat Lab
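As an added example (not part of the original post and not Netgear code), this is one way a content filter could flag web pages that reference the hcp:// scheme described in the Help Center post above. The function and class names, the attribute list and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Attributes that can carry a URL; "content" covers <meta http-equiv="refresh">.
URL_ATTRS = {"href", "src", "data", "action", "content"}
# Browsers ignore tabs and newlines inside URLs, so drop them before matching.
STRIP = re.compile(r"[\t\r\n]")
# The lookbehind keeps longer scheme names such as dhcp:// from matching.
HCP = re.compile(r"(?<![a-z0-9+.-])hcp://", re.IGNORECASE)

class HcpFinder(HTMLParser):
    """Record every place a page references the hcp:// scheme."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits = []            # (location, matched value) pairs
        self.in_script = False

    def handle_starttag(self, tag, attrs):
        self.in_script = (tag == "script")
        for name, value in attrs:   # values arrive with entities decoded
            cleaned = STRIP.sub("", value or "").strip()
            if name in URL_ATTRS and HCP.search(cleaned):
                self.hits.append((f"<{tag} {name}>", cleaned))

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        # Literal hcp:// strings inside script bodies are worth a look too.
        if self.in_script and HCP.search(data):
            self.hits.append(("<script>", HCP.search(data).group(0)))

def find_hcp_references(html):
    finder = HcpFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample page; hosts and paths are placeholders.
SAMPLE = """<html><body>
<a href="http://example.com/help">ordinary link</a>
<a href="dhcp://example.com/">different scheme</a>
<iframe src="HCP://placeholder.example/topic"></iframe>
<a href="h&#99;p://placeholder.example/topic">entity-encoded</a>
<script>window.location = "hcp://placeholder.example/topic";</script>
</body></html>"""

if __name__ == "__main__":
    for where, value in find_hcp_references(SAMPLE):
        print(where, value)
```

A script that assembles the scheme from string fragments at run time will not be caught by the literal match, so treat a clean result as one signal rather than proof.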
Posted By Pete at 5:13 PM, June 17, 2010
I'm pleased to announce that we have released firmware version 1.0.26-0 for the UTM 5/10/25 series. 1.0.26-0 contains the long-anticipated Windows 7 (32- and 64-bit) SSL VPN support. I thank all our customers for waiting patiently while we worked through some bugs during the beta.
Also in this release is support for our upcoming Windows 7 compatible IPsec VPN client as well as support for the native iPhone IPsec VPN client.
On the horizon, we are working on a lot of enhancements to the current UTM platform that I think a majority of our users will find extremely helpful. We are also working very hard on "beefier" UTMs. Stay tuned!
Categories: General
Posted By Pete at 11:01 AM, June 10, 2010
What do you look for when you're purchasing a digital camera? More megapixels? More zoom? Or better manual controls?
Well, here's a feature that's definitely not on anyone's checklist: a PC-infecting worm.
1709 Olympus Stylus Tough 6010s came preloaded with a worm on the camera's internal memory. The worm itself does no harm to the camera; however, as soon as the user connects the camera to their PC via USB, the worm attacks and attempts to infect the PC.
Olympus has issued an apology but the damage has been done. Imagine taking some pictures on your new shiny camera only to get your PC infected when you try to view the pictures.
This is not the first time a product has shipped with malware and it certainly won't be the last. Companies will just have to be more careful in the manufacturing process and take the necessary security measures to secure their network.
Categories: Malware
Posted By Netgear Threat Lab at 4:05 PM, June 8, 2010
With the 2010 FIFA World Cup fast approaching and the world going into a frenzy, spammers armed with malicious emails are also joining in on the festivities.
So far we've seen two types of these mal-emails:
The first is your typical Nigerian scam. The email claims that the recipient was just drawn as a winner in the online sweepstakes held by the International Federation of Association Football (FIFA). In order to receive the winnings, the victims are required to provide detailed personal information. Further emails will eventually require them to pay a fee to secure their winnings. The personal information provided will be used in a vast array of crimes such as identity theft, spam distribution, phishing, and other types of fraud.
The other type of spam contains a PDF attachment. The message body has content such as a detailed guide to South African tourism, ticketing services, and other information to induce the user to open the PDF attachment.
The PDF file actually contains malicious code that exploits a known vulnerability in Adobe Reader. Once the user opens the PDF, it will automatically download and install a variety of malware.
FIFA has recently alerted fans about similar online scams on their blog. With the start of the World Cup approaching in a couple of days, expect to see more and more of these scams.
Categories: Malware, Netgear Threat Lab, Phishing, Spam