Posts Tagged ‘Malware’

South Korean Banks, Media Companies Targeted by Destructive Malware

No Comments »

 

Attack from just 49 IPs and 48,000 servers (Linux/HP Unix) boot records were deleted in South Korea (20-March-2013), including servers at major (4) Banks and (3) TV stations.

Read the rest of this entry »


FlashBack Checker – Tool Detects Flashback Mac Malware

No Comments »

 

A Mac developer has posted a tool that detects a Flashback malware infection on Apple's computers. Last week we posted about, More than 600000 Macs system infected with Flashback Botnet. That's slightly more than 1 percent of all 45 million Macs in the world still a relatively small number, but a worrisome one for Mac users, as the tally of infected machines continues to grow

Apple has released new security updates that check for and remove the common Flashback malware variants.
I highly encourage Snow Leopard and Lion users to run Software Update and get the official Apple tool.
http://support.apple.com/kb/HT5247

————————————————————————————————————————————————————————

Flashback checker runs the tests described in the F-Secure Bulletins:
http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_k.shtml

Download Flashback Checker 1.0: https://github.com/downloads/jils/FlashbackChecker/FlashbackChecker.1.0.zip

**Note** This utility checks and reports the presence of Flashback malware,
it does _not_ remove it!

No affiliation with F-Secure.

Supports 10.5 and up, PPC and Intel clients.
Juan I. Leon
April 6th, 2012


Retirement of Autorun

No Comments »

After a decade of abuse, Autorun is finally being retired in older versions of Windows.

Microsoft has finally removed Autorun function from earlier versions of its Windows operating system that has been widely abused by miscreants to surreptitiously install malware on users' computers.

Vista/Windows 7 introduces some new features like UAC and improved AutoPlay (aka Autorun) that disables certain functionality which has been abused by malware (like Conficker). These changes will be backported to down level platforms.

This functionality was made available for Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008 .

Please visit the following KB article for more information and how to download the new updates http://support.microsoft.com/kb/971029 for disabling Autorun abuse.

Previous update http://support.microsoft.com/kb/967715