Security Bytes: Spam that glitters isn't gold

By SearchSecurity.com Staff 24 Jul 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

In a posting to the ISC Handler's Diary Sunday, ISC Director Marcus Sachs detailed the contents of an email that has started making the rounds in recent days.

The text of the message includes information about an alleged transaction involving e-Gold Ltd., an electronic payment site. The author attempts to convince the recipient that she lost currency from a transaction, but includes a screenshot detailing the problem called screen.zip. When opened, that file drops a series of executables and .dll files on a victim's machine, one of which includes a spyware-spreading Trojan that attempts to steal e-Gold account information.

Sachs said the issue and analysis were submitted to the ISC by a reader. "Readers… are the backbone of the SANS Internet Storm Center and we really appreciate those who send in their own analysis for us to turn around in alerts to others," Sachs said.

SiteDepth subject to .php vulnerability
The French Security Incident Responst Team (FrSIRT) is one of several organizations warning of a flaw in SiteDepth, a content management system used primarily by adult Web site operators, that could enable attackers to execute arbitrary commands.

Late last week FrSIRT warned of the issue, which was first reported by David "Aesthetico" Vieira-Kurz of German security firm Major Security.

"This flaw is due to an input validation error in the 'constants.php' script that fails to validate the 'SD_DIR' parameter, which could be exploited by remote attackers to include malicious files and execute arbitrary commands with the privileges of the Web server," said FrSIRT.

The issue affects SiteDepth version 3.0.1 and prior. A patch has not yet been issued by the vendor.

McAfee warns of adware on MySpace
Social networking site MySpace may be popular among young and old alike, but not all the media clips being shared there are for harmless fun.

In its Avert Labs Blog, antivirus vendor McAfee Inc. warned that not only have a pair of MySpace viruses circulated this year, but it's also become a hotbed for adware.

More specifically, McAfee's Allysa Myers noted the recent Washington Post report that an advertisement posted on MySpace used the Windows Meta File (WMF) exploit that Microsoft patched earlier this year to install adware. Plus, another organization has reportedly created fake MySpace profiles to increase adware installations.

That means harmless MySpace surfing during the workday may not be so harmless after all. "There's really nothing to prevent profiles being created for questionable purposes," Myers wrote.

Tags: Web Application Security,  Email and Messaging Threats (spam, phishing, instant messaging),  Security Awareness Training and Internal Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web Application Security nCircle statistics show rising Web application vulnerabilities Twitter bugs, DNSSEC and broswer security Month of Twitter Bugs project to document Twitter flaws Are Web application penetration tests still important? IT pros can detect, prevent website vulnerabilities, thwart attacks PCI compliance requirement 6: Systems and applications Trust eroding as social engineering attacks climb in 2009, says Kaspersky expert US-CERT warns of Gumblar, Martuz drive-by exploits XSS bugs, information leakage top list of website vulnerabilities How to find and stop automated SQL injection attacks Email and Messaging Threats (spam, phishing, instant messaging) How to prevent brute force webmail attacks Unified communications: Securing a converged infrastructure Chained Exploits: How to prevent phishing attacks from corporate spies 3FN.net ISP shutdown interrupts spam campaigns Swine flu outbreak results in spam pandemic What does 'invoked by uid 78' mean? Economy fuels malware, spam Internet Explorer 8 includes a bevy of security features Adobe JBIG2 exploits being spammed, IBM warns Fierce competition prompted new Cisco email security options Email and Messaging Threats (spam, phishing, instant messaging) Research Security Awareness Training and Internal Threats Twitter risks, Facebook threats trouble security pros Social engineering training could disrupt botnet growth How to write a risk methodology that blends business, security needs Risk management must include physical-logical security convergence Tabletop exercises sharpen security and business continuity Security policies need simplifying, expert says Microsoft IE 8 security only benefits educated users Security book chapter: The Truth About Identity Theft How to integrate the security of both physical and virtual machines Laid off workers likely to steal company data, survey warns

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anonymous Web surfing  (SearchSecurity.com) buffer overflow  (SearchSecurity.com) cache cramming  (SearchSecurity.com) cookie poisoning  (SearchSecurity.com) dictionary attack  (SearchSecurity.com) distributed denial-of-service attack  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) National Computer Security Center  (SearchSecurity.com) threat modeling  (SearchSecurity.com) trigraph  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary