Cybercons
contributes regular monthly feature articles to the prestigious
Hotel
Motel and Resort News monthly industry magazine.
Articles are relevant to Internet issues and in depth treatment of requested topics by Tourism Industry readers in Australia and New Zealand.
The content of this section is derived from monthly publications and provides an easy link to materials and resources referred to in our contributions in the Alert Box!
rn October 2007 Protect your computer with Internet Tools.
Security Software is available from links on our Free Pages
http://www.cybercons.org/free2.htm
Online Scans
by Trend Micro
http://housecall.trendmicro.com/
by Symantec ( Norton)
http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=MHTOJABOKQYWTFVRHRM
Software Inspector
by Secunia
http://secunia.com/software_inspector/
We suggest you revisit all our Free pages for many other useful resources.
rn March 2006 How to protect your own security.
Security Update Summary
http://www.microsoft.com/athome/security/update/bulletins/200601.mspx
Viruses and Worms
http://www.microsoft.com/athome/security/viruses/default.mspx
Install MS Security Scanner
http://safety.live.com/site/en-US/scanner/install.htm?scanner=default&g
oback=%2Fsite%2Fen-US%2Fdefault.htm
Firewall Protection -an absolute necessity!
All listed on this site. Just click here!
MS list of AV vendors
http://support.microsoft.com/?kbid=49500
or check out the AV information right here!
rn March 2006 Trojans, phishing and Software updates.
Update MS Security Sytem and Software
The systems affected are Microsoft Windows XP Service Pack 1 and
Microsoft Windows Server 2003 (including the version for Itanium
systems). The updates to correct the error, along with further
information, can be found at:
http://www.microsoft.com/technet/security/Bulletin/ms06-011.mspx.
The second update, in bulletin MS06-012, corrects an error similar to
the previous one, as it can also allow an attacker to take control of
the system, in this case if the user starts a session as the
administrator.
According to this second bulletin, the affected systems are Office 2000
SP 3, Office XP SP 3, Office 2003 SP 1 or 2 and Microsoft Works Suites,
from version 2000 to 2006. In addition, Office for Mac (Versiones X and
2004) is affected. Microsoft offers more information at:
http://www.microsoft.com/technet/security/Bulletin/ms06-012.mspx.
New phishing attempts.
As well as email spoofing techniques, attacks can be carried out from
Internet domains with similar phonetics to the attacker's domain, such
as using 'companny.com' instead of "company.com". At a glance, this
deception can go unnoticed.
Phonetic similarities are not the only problem; graphic similarities can
also be used to confuse users. For example, the letters 'r' y 'n' can
have a similar graphics to the letter 'm', so that "cornpany.com' can
pass for 'company.com', especially in certain fonts and letter sizes.
What's more, the high resolution of monitors with extremely small pixels
also adds to this confusion.
Trojans Win32/Mywife.E@mm and Win32/Wmfap are prevalent. The links will take you to the resources on our virus page.
rn JUNE 2006 Trojans threat updates.
The Clickbot.A and Kitty.Kat Trojans and the Hoots.A worm are the focus of this week's report.
Clickbot.A is a Trojan which is part of a system for defrauding 'pay per click' systems, registering fraudulent clicks on adverts which are not actually receiving hits. PandaLabs has uncovered a network with thousands of compromised computers being used for this purpose. It does not spread automatically, but requires user interaction in order to infect the system. These actions can include opening files attached to e-mails, downloading files from the Internet or from P2P file-sharing networks. When run, the Trojan registers as a BHO (Browser Helper Object), allowing it to activate every time Internet Explorer is started. Clickbot.A can update its own code, notify the controller of the botnet that the computer is infected and available, and can be used fraudulently to click on-demand.
KittyKat.A is a Trojan that cannot spread on its own, but needs user intervention in order to activate, e.g. opening e-mail attachments, downloading files from the Internet or across P2P networks. It always appears compressed in a RAR file, which also includes the original packaged files and a series of files with random sizes and names, along with another file called Start.bat. If the latter is run, a new executable called Nrk.exe is created which searches for all RAR files and inserts its code. When this process is complete, the following message is displayed on screen: Eppur si muove! - Defend your opinion!. The infection has no other malicious effects.
Hoots.A is a worm that spreads across shared resources and mapped drives on a local network. It is easily recognized because it sends a picture of a snowy owl to network printers with the text "O RLY?" written across the image. The worm creates a file called O RLY.exe in the Start folder, in order to run every time Windows starts up and another file called Check.exe, both of which are copies of its own code. Once the worm detects a network, it starts various actions in order to spread, such as using commonly used passwords to try to gain access to shared drives, creating an inventory of mapped drives in order to create a copy of itself in all of them.
For details click here http://www.pandasoftware.com
The
content is fluid and not all articles appear in our headline
box above. For a full listing please click on the indicated
link.
