Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

Shop online 24hrs a day or call us Mon-Fri
8:30AM-4:30PM EST - 1-800-915-2088
WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

October Security Bulletin

Friday, October 6th, 2006 by | Filed Under: Security Help
 
Loading...


October Security Bulletin

Hey, it’s October and I have a ton of security issues to go over with you folks this week. First of all, Kaspersky’s Online Scanner for September 2006 has uncovered the truth behind social engineering and the spread of malware. Of course, I also have a few vulnerabilities and attacks to talk about, so let’s get the show on the road and take a look at October’s security landscape.

Kaspersky Online Scanner for September

August was the month of the worms, which is a little out of place according to Kaspersky laboratories, but the online scanner in September brought things back to normal with malware leading the assault on PCs. Trojan Droppers and Trojan Downloaders, in particular, seem to be gaining ground. One specifically, is even the new kid in town and it took home the “most popular” award for online threats in September. That was the .win32.Delf.awg threat. It was sent out under the disguise of a young woman wanting to share her summer vacation pictures with you. That is social engineering at its best. It is one of the most talked about topics in the Kaspersky monthly scanner. There are discussions about it and the success rate of its use all over the place. People can’t seem to stop themselves from opening these e-mails and all they end up doing is infecting their machines.

Microsoft PowerPoint Vulnerability

I don’t know how often you use Microsoft’s PowerPoint throughout your day, but keep your head up. The popular presentation software can leave your machine open to attacks.

This Trojan silently runs an .exe file, which installs two .DLL files that operate as backdoors. The backdoors then post information entered in Internet Explorer to an outside Web site, according to McAfee.

This exploit affects PCs and Macs running certain versions of Microsoft’s PowerPoint. Those are Microsoft PowerPoint 2000, Microsoft PowerPoint 2002, Microsoft Office PowerPoint 2003, Microsoft PowerPoint 2004 for Mac and Microsoft PowerPoint 2004 v. X for Mac, according to a company spokesman.

Malicious E-mails Posing as Security Warnings are Infecting PCs

According to security analysts at MicroWorld Technologies, there is a worm going around using security warnings as bait and people are opening them up like crazy. This is just like the social engineering e-mail I was discussing earlier in this article. The attackers are using an enticing subject in order to trick the recipient into opening the infected e-mail. The “bait” is working well, because this mass mailing worm has been putting up some impressive numbers.

The virus has its own SMTP server, which means it can send out e-mail on its own and it needs this, because one of the first things it’s going to do in your system is harvest all the e-mail addresses it can from you and mail a copy of itself out to them. The second thing it’s going to do is log onto some malicious sites and try to bring more applications into your machine. Here’s an example of some of the message bodies you might find in an infected e-mail:

  • Mail Transaction failed. Partial message is available.
  • The message contains Unicode characters and has sent as a binary file. The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment

These messages can be tempting, but that again, is social engineering. Hackers want you to open their e-mails and they don’t want you to just ignore them. Unfortunately, they are pretty good at it. Almost everything I talked about today revolves around social engineering and there is no software to protect you against that. You just have to have good sense. Stay away from all the e-mails out there that you are not 100 percent sure of or can verify. There is just too much going on and there are too many unpatched vulnerabilities in Windows to take any chances.

Until next week, stay safe out there.

~ Chad Stelnicki

Leave a Reply


Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.


Enter Email Address:

Subscribe

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup



Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Subscribe


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive


Categories:
Archives: