News Stay informed about the latest enterprise technology news and product updates.

Security Bytes: Beware Osama Trojan; Samba fixes flaws

Hackarmy Trojan lures victims with Bin Laden death message; Microsoft and FTC tackle phishing; Samba issues fixes.

Hackarmy Trojan lures victims with Bin Laden death message Users beware: A file posing as photographic evidence...

that Osama Bin Laden has killed himself is in fact infected by the Hackarmy Trojan horse, according to Sophos. The Lynnfield, Mass.-based IT security firm said thousands of messages have been posted on Internet message boards and Usenet newsgroups. It claims CNN journalists found the terrorist leader's hanged body earlier this week, but that the photographs have not been officially made public because the U.S. government wants to verify it's Bin Laden. The messages point to a Web site where a file can be downloaded, purporting to contain photographs. In reality the file contains the Trojan, which can allow hackers to gain remote control of the victim's computer. A typical message reads: "Osama Bin Ladin was found hanged by two CNN journalists early Wednesday evening. As evidence they took several photos, some of which I have included here. As yet, this information has not hit the headlines due to Bush wanting confirmation of his identity but the journalists have released some early photos over the Internet." Graham Cluley, Sophos's senior technology consultant, said, "Hackers and virus writers will try all kinds of tricks to entice people into downloading their malicious code. It seems this time that the hacker has focused on the public's morbid curiosity and appetite for news on the war against terror." More information is available here.

Samba flaws fixed
Samba recommends users download updates to fix two vulnerabilities that could be exploited for a buffer-overflow attack. Copenhagen, Denmark-based IT security firm Secunia calls them "moderately critical". The open source/free software suite provides file and print services to SMB/CIFS clients. The first vulnerability is caused by a boundary error when decoding base64 data during HTTP basic authentication. The second is caused by a boundary error in the code used to handle "mangling method = hash". The first problem affects Samba 3.0.2 to 3.0.4. The second affects Samba 3.0.0 to 3.0.4, Samba 2.2.9 and prior. Both issues have been fixed in Samba version 3.0.5. The second issue has been fixed in Samba version 2.2.10.

Microsoft aids antiphishing, antispam group
Microsoft said it will provide $46,000 worth of software and a full-time analyst to the National Cyber-Forensics & Training Alliance, an organization set up jointly by Carnegie Mellon University, the FBI, the National White Collar Crime Center and West Virginia University, according to CNET The analyst from Microsoft's Internet Safety Enforcement group will help analyze data related to Internet crime, including CAN-SPAM Act violations and phishing.

FTC to encourage e-mail authentication standard
The Federal Trade Commission, though not a standards body, plans a summit for industry experts this fall to help develop requirements for an e-mail authentication standard in hopes that it will stem the growing tide of fraud caused by phishing and other electronic methods. A study by the Anti-Phishing Working Group, said 1,125 new phishing schemes were identified in April, a 180% increase over the month before, while the Gartner Group estimated 1.8 million people have submitted information to fraudulent sites, according to a news report by Government Computer News.

Massive database company Acxiom hit by second breach
Federal prosecutors charged an online advertiser Scott Levine, 45, of Boca Raton, Fla. with stealing large amounts of consumer information from Acxiom Corp., one of the world's largest database companies. According to the Washington Post, Levine misused a legitimate password and username his company, Snipermail, had for Acxiom Corp. and secretly downloaded millions of names, e-mail and home addresses, and other details in "one of the largest network intrusions in recent memory." News of the compromised information came just one year after authorities discovered that an Ohio man, working for another company doing business with Acxiom, had illegally downloaded information from the company.

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.