Free Republic

A BusinessWeek probe of rising attacks on America's most sensitive computer networks uncovers startling security gaps The e-mail message addressed to a Booz Allen Hamilton executive was mundane—a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of computer code known as "Poison Ivy" designed to suck sensitive data out of the $4 billion consulting firm's computer network. The Pentagon hadn't sent the e-mail at all. Its origin is unknown, but the...

Ok, Daughter's laptop with an up to date anti-virus program and firewall has gotten infected with a worm called worm.win32.netsky. Can't find a removal program for this bugger and the scans haven't found or removed it. She was going to various School District web sites to apply for a teaching job when it happened It loaded on it's own new desktop icons, and diabled remove program from the task bar along with Ctl-Alt-Del. Anyone out there got ideas?

The origin of the human brain has been traced back to primitive central nervous systems in worms and bugs, researchers now say. Humans and other vertebrates evolved from an ancient common ancestor that also gave rise to insects and worms, scientists have long known. But they're of course quite different today. Vertebrates have a spinal cord running along their backs, but insects and annelid worms such as earthworms, which have simple organs that barely resemble a brain, have clusters of nerves organized in a chain along their bellies. So biologists have long assumed these systems—key to ultimately putting a brain...

Thursday likely marked the largest proliferation of e-mail virus attacks in more than a year, according to security company Postini. Postini said that two variations of the Storm Worm virus, which originally spread across the Internet in January, have quickly driven global virus levels 60 times higher than their daily average. E-mail users should be on alert for messages with "love"-related subject lines and an executable attachment that would contain a Trojan virus, as well as messages with "Worm Alert!" subject lines that contained a .zip file full of malicious code. Postini, which is based in San Carlos, Calif., says...

Websense® Security Labs™ has discovered that the official website of Dolphin Stadium has been compromised with malicious code. The Dolphin Stadium is currently experiencing a large number of visitors, as it is the home of Sunday's Super Bowl XLI. The site is linked from numerous official Super Bowl websites and various Super Bowl-related search terms return links to the site.

SAN FRANCISCO - A computer worm is attacking some business PCs through a flaw in antivirus software by Symantec Corp., a security company warned Friday. EEye Digital Security, based in Aliso Viejo, Calif., said the worm, dubbed "Big Yellow," began attacking some computer systems on Thursday — seven months after eEye first discovered the flaw. Symantec released a patch to address the flaw in May, but it's up to its corporate customers to install it. Officials at the Cupertino, Calif.-based security software company said Friday it had so far received three reports of systems affected by the worm. "It is...

Google Apologizes in an Update: (Nov. 10,2006) Staffers mistakenly e-mail the virus to subscribers of the Video Blog mailing list. Google accidentally sent out e-mail containing a mass mailing worm to about 50,000 members of an e-mail discussion list focused on its Google Video Blog, the company said Tuesday. "On Tuesday evening, three posts were made to the Google Video Blog-group that should not have been posted," Google said in a statement, posted late Tuesday night. "Some of these posts may have contained a virus called W32/Kapser.A@mm -- a mass mailing worm. If you think you have downloaded this virus...

The world's stocks of seafood will have collapsed by 2050 at present rates of destruction by fishing, scientists said yesterday.A four-year study of 7,800 marine species around the world's ecosystems has concluded that the long-term trend is clear and predictable.   If the rate of over-fishing continues, the world's currently fished seafoods will have reached what is defined as collapse by 2048 By 2048, to be exact, catches of all the presently fished seafoods will have declined on average by more than 90 per cent since 1950.The study, by an international group of ecologists and economists, says the loss of...

SPOKANE, Wash. --It's 3 feet long, pinkish in color, smells like a lily and must be saved from extinction, conservationists said Thursday in asking the federal government to protect the Giant Palouse Earthworm under the Endangered Species Act. Long thought extinct, the worm was rediscovered in the past year to occupy tiny swatches of the heavily farmed Palouse region along the Washington-Idaho border. "This worm is the stuff that legends and fairy tales are made of," worm supporter Steve Paulson declared. "What kid wouldn't want to play with a 3 foot-long, lily smelling, soft pink worm that spits?" The U.S....

Other News: McBot attack is now in the wild... Marc Maiffret, eEye Digital Security, is reportting that an automated botnet malware has been using MS06-040 to infect machines and then scan for new machines to infect. If you have *not* installed the patch for MS06-040 then you are r *at risk* and need to get a move on to patch your network.. ...99% of Arab Websites Are Insecure Islamophobic, you ask? Nope, just the facts, Ma'am.... ... Eagle Eye Walmart Employee foils terrorists by alerting authorities,...& She gets named "Employee of the Month".

Excerpt - A security researcher with expertise in rootkits has created a working prototype of new technology that is capable of creating malware that remains "100 percent undetectable," even on Windows Vista x64 systems. Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD's SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying operating system. Rutkowska plans to discuss the idea and demonstrate a working prototype for Windows Vista x64 at the end at the SyScan Conference in Singapore on July 21 and at...

CONWAY, Ark. -- The worms in Phyllis Smith's garden are trying to tell her something. They're saying "hi." Smith has found herself losing the battle against the worms. She recently found a fruit with a message on it, clearly written by one of the unwanted guests. "We got down and was pruning and got down there and just pulled open those tomato vines," Smith said. "There was a message that that bold bug had left on that tomato, and it said, 'hi.' And it just blew our minds. I laughed so hard." Smith said she couldn't believe her eyes when...

Hackers are trying to lure people to a malicious Web site using cell phone text messages, a security company has warned. The blended attack uses social engineering techniques in its attempt to trick people to the site, security vendor Websense said in an advisory. An SMS text message is sent to the targets' cell phones, thanking them for subscribing to a fictitious dating service. The message states that they will be automatically charged a fee of $2.00 per day via their phone bill, unless their subscription is cancelled online. The same message has also been sent multiple times to the...

Worm lures victims with 'Naked World Cup'- World Cup malware targets English speakers By Robert McMillan, IDG News Service June 20, 2006 Soccer purists can breathe a sigh of relief. There is no Naked World Cup. IT professionals, on the other hand, may want to be a little more vigilant, as a new e-mail worm is on the loose that preys on the intense worldwide interest in the international sporting event. Called Sixem-A, the worm began circulating earlier this week, and has just recently been blocked by antivirus vendors. So far, the worm has been detected at only a handful...

A robot designed to crawl through the human gut by mimicking the wriggling motion of an undersea worm has been developed by European scientists. It could one day help doctors diagnose disease by carrying tiny cameras through patients' bodies. The team behind the robot includes scientists from Italy, Germany, Greece and the UK. They modelled it on polychaetes, or "paddle worms", which use tiny paddles on their body segments to push through sand, mud or water. "We turned to biological inspiration because, in the peculiar environment of the gut, traditional forms of robotic locomotion don't work," says Arianna Menciassi, a...

At the Cross, piano 1. Alas! and did my Savior bleed, and did my Sovereign die? Would he devote that sacred head for sinners such as I? Refrain: At the cross, at the cross, where I first saw the light, and the burden of my heart rolled away; it was there by faith I received my sight, and now I am happy all the day. 2. Was it for crimes that I have done, he groaned upon the tree? Amazing pity! Grace unknown! And love beyond degree! (Refrain) 3. Well might the sun in darkness hide, and shut its glories...

Washington -- National Security Advisor Samuel R. Berger announced June 16 the appointment of Mary O'Neil McCarthy as Special Assistant to the President and Senior Director for Intelligence Programs.

Excerpt - LAKE BUENA VISTA, Fla. — In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at...

If six billion humans died, the world would be a better place. That's the message a professor from the University of Texas is proclaiming. An article in The Gazette-Enterprise details Professor Eric Pianka's doomsday beliefs. "In his estimation, 'We've grown fat, apathetic and miserable,' all the while leaving the planet parched. The solution? A 90 percent reduction." Can anyone say "Thomas Malthus wannabe" (high school flashback: Malthus was the guy who said the earth's population would outgrow its food supply). Pianka tells the Gazette, "[Disease] will control the scourge of humanity. We're looking forward to a huge collapse." The professor...

Sophos sees OS X virus ghostsAnti-virus software mistakes real applications for pests, breaks systems Anti-virus vendor Sophos has released an update of the Inqtana-B virus identity file for it Sophos Anti-Virus for OS X software due to false positives. The company initially released an antidote that incorrectly flagged various files in Microsoft Office 2004 and in Adobe Acrobat Reader as being infected with the OS X worm. Users in some cases reported that the anti-virus software claimed over 1,000 infections. The false positives have a great impact on users, as the anti-virus program will block access or delete all "infected"...

Doctors at a clinic in Kragujevac, central Serbia, have removed an 11 centimetre-long intestinal worm from a woman's eye socket. According to preliminary results, the worm taken from the 37-year-old patient's eye belongs to the Ascaris family, a common intestinal parasite in pigs that is also found in humans. No similar case has ever been recorded in Serbia and probably in Europe, Radomir Stojicevic, a doctor at the Kragujevac clinic, told the Tanjug news agency. The parasite had probably travelled through the patient's blood from the digestive tract into the eye socket, doctors at the clinic believe.

Microsoft has joined computer security experts to warn of a malicious software worm that may have already infected hundreds of thousands of PCs and is set to wreak havoc tomorrow. The worm, known variously as "Kama Sutra," "Blackworm" and "My Wife," entices users to open an e-mail attachment purportedly containing sexually explicit images. Once a computer is infected, Microsoft warned, the virus could "permanently corrupt a number of common document format files on the third day of every month." Users should be on the lookout for e-mails with subject headings such as "Hot Movie," "Sex.mpg," "Miss Lebanon 2006" and other...

Security analysts are warning computer users about a new and potentially destructive Internet worm that can obliterate important documents. The worm, called Kama Sutra, is making the rounds now, but is scheduled to execute its first massive attack on February 3. Detected last week, the malicious worm targets computers running Windows and spreads primarily by copying itself to shared network locations and then sending itself to e-mail addresses found on afflicted computers. With subject lines that read "the best videoclip ever," "give me a kiss," and "school girl fantasies gone bad," the worm entices computer users to open the attached...

Computer security experts were grappling with the threat of a newweakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses. The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers. “The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.” The flaw, which allows hackers to infect computers using...

This alert is a follow-up to a post made yesterday on our blog: http://www.websensesecuritylabs.com/blog/ Websense® Security Labs™ has discovered numerous websites exploiting an unpatched Windows vulnerability in the handling of .WMF image files. The websites which have been uncovered at this point are using the exploit to distribute Spyware applications and other Potentially Unwanted Soware. The user's desktop background is replaced with a message warning of a spyware infection and a "spyware cleaning" application is launched. This application prompts the user to enter credit card information in order to remove the detected spyware. The background image used and the "spyware...

Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied.

Sober Helps Catch Child Porn Offender By BetaNews Staff, BetaNews December 20, 2005, 3:13 PM For once the never-ending Sober worm actually did some good. A 20 year-old child porn offender turned himself in earlier this week after mistaking a message generated by the worm as an actual communiqué from Germany's Federal Criminal Police Office. The e-mail said "an investigation was underway," which apparently spooked the man into believing the authorities were aware of his online activities. He was charged after police found pornographic images of children on his computer. A spokesman for the Paderborn, Germany police credited the worm...

The pesky Sober worm is to blame for disrupting e-mail traffic between Comcast account holders and users of Microsoft-based e-mail, Redmond said on Friday. A variant of Sober known as Win32/Sober.Z@mm is pummeling servers at Hotmail and MSN with "unusually high mail load," causing delays in e-mail delivery to Hotmail and MSN customers, said Brooke Richardson, MSN's lead product manager. Richardson also indicated that Internet service providers besides Comcast may be having problems directing e-mail to Hotmail and MSN servers. "We are working with Comcast and other ISPs to address (the) issues," Richardson said. "We're actively working to take the...

A new variation of the long-running Sober worm uses extremely effective tactics to trick users into infecting their PCs, security companies said Tuesday, including posing as messages from the FBI and CIA. Sober.w -- called Sober.x by Symantec, and Sober.z by Sophos and F-Secure -- is spreading rapidly, said security experts, fast enough for vendors to have amplified their threat levels Tuesday. Symantec raised its warning to a "3" in its 1 through 5 scale, the first time since the Zotob outbreak in August that the Cupertino, Calif.-based anti-virus vendor has taken a worm to that threat level. "The rate...

Sony's controversial copy-protection scheme had been in use for seven months before its cloaking rootkit was discovered, leading one analyst to question the effectiveness of the security industry. "[For] at least for seven months, Sony BMG Music CD buyers have been installing rootkits on their PCs. Why then did no security software vendor detect a problem and alert customers?" asked Joe Wilcox, an analyst with JupiterResearch. "Where the failure is, that's the question mark. Is it an indictment of how consumers view security software, that they have a sense of false protection, even when they don't update their anti-virus and...

When the news first broke in the mainstream press that Windows expert and blogger Mark Russinovich (he wrote a book about Windows for Microsoft) had found that Sony's anti-piracy efforts had gone too far and that Sony's DRM was installing an undetectable rootkit on customers' computers which they couldn't safely remove, the first reaction from Microsoft was guarded. They were concerned, they said, and were evaluating what, if anything, to do: Microsoft, which also ships an anti-spyware program, recently renamed "Windows Defender," hasn't yet decided whether it will also flag the Sony DRM software as malicious code, the spokesperson said....

More than one-half million networks infected by Sony including U.S. military and various countries. Dan Kaminsky, http://www.doxpara.com/ ,is the expert who broke this and did the work. His U.S. and Europe infection maps are shown below and are frightening. Dan did a hell of a good job. Search Google News for "sony numbers trouble" for more in an excellent article today that is very worth reading.

New worm targets Linux systems By Joris Evers Staff Writer, CNET News.com Published: November 7, 2005, 5:12 PM PST A new worm that propagates by exploiting security vulnerabilities in Web server software is attacking Linux systems, warned antivirus companies on Monday. The worm spreads by exploiting Web servers that host susceptible scripts at specific locations, according to antivirus software maker McAfee, which has named the worm "Lupper." Lupper blindly attacks Web servers, installing and executing a copy of the worm when a vulnerable server is found, McAfee said in its description of the worm. A backdoor is installed on infected...

Here is where I am. Running XP Home. Was surfing a sports board. Got a BSOD. And since then cannot boot at all. lsass.exe system error invalid parameter Did enough searching to convince me I got the Sasser worm or some variation thereof. Booted from CD; tried repair console. No success. So I am ready to hopefully reinstall. I want to save my programs. Data I need is backed up on a second hard drive. So when I get to the point of selecting which drive to install on. I get the message that I will lose data, apps, etc....

Computer users are being urged to be on guard for a bogus e-mail that pretends to offer news updates about Hurricane Katrina as a means to infect their PCs. The malicious e-mail gives a brief news bulletin on the disaster before urging people to click "read more" and be taken to the full story on a website. Yet once directed to the website, a virus is sent to the user's computer. People are also being told to watch out for fraudulent e-mail scams pretending to raise cash for Katrina victims. It's sickening to think that hackers are prepared to exploit...

Creative Technology Ltd. has accidentally shipped almost 4,000 digital music players in Japan that contain a Windows worm, according to an advisory from Finnish security company F-Secure Corp. The 5GB Zen Neeon players, which have been shipping for two months, contain the Wullik.B e-mail worm, also known as Rays.A, F-Secure said. The worm is buried in a file in the Neeon’s file system. The worm will not infect PCs unless a user browses through the files on the player and clicks on the infected file, F-Secure said. Creative, based in Tokyo, did not immediately reply to a request for comment....

Authorities in Morocco and Turkey have arrested two people believed responsible for a computer worm that infected networks at U.S. companies and government agencies earlier this month. Farid Essebar, 18, was arrested in Morocco, while Atilla Ekici, 21, was arrested in Turkey on Thursday, Louis M. Riegel, the FBI's assistant director for cyber crimes, said Friday. They will be prosecuted in those countries, Riegel said. Essebar wrote the code that attacked computers that run Microsoft Corp. operating systems and Ekici paid him for it, Riegel said. It's unclear they ever met, "but they certainly knew each other via the Internet,"...

In Marokko und der Türkei sind die mutmaßlichen Urheber einer Variante des Computerwurms Zotob festgenommen worden, der vor zwei Wochen die Systeme zahlreicher amerikanischer Medienunternehmen und Regierungsbehörden befallen und gestört hatte. Wie das FBI bekannt gab, wurden die 18 und 21 Jahre alten jungen Männer am Donnerstag beziehungsweise Freitag festgenommen. Ihnen soll in ihren Heimatländern der Prozess gemacht werden. Bei der Ermittlung der Täter hat dem FBI zufolge Microsoft eine Rolle gespielt.

Suspects allegedly created worm that disrupted computer networks of major U.S. news organizations. WASHINGTON (CNN) - An 18-year-old Moroccan national and a 21-year-old resident of Turkey have been arrested for creating and spreading computer worms that disrupted services on computer networks of major U.S news organizations and other institutions earlier this month, the FBI announced Friday. Farid Essebar, a Moroccan who used the screen name "Diabl0," and Atilla Ekici of Turkey, who used the moniker "Coder," were arrested in their home countries by authorities who cooperated with U.S. investigators in tracking the origins of the Mytob worm; a damaging variant,...

WASHINGTON (CNN) -- A fast-moving computer worm Tuesday attacked computer systems using Microsoft operating systems, shutting down computers in the United States, Germany and Asia. Among those hit were offices on Capitol Hill, which is in the midst of August recess, and media organizations, including CNN, ABC and The New York Times. Caterpillar Inc., in Peoria, Illinois, reportedly also had problems.

I just tuned into Wolf Blitzer’s new show, The Situation Room. While Israel is in the process of a historic pullout from Gaza, CNN is reporting on… computer worms! Yes, you heard me right. Computer worms. This is quite honestly the saddest spectacle I’ve ever seen on TV.

<p>UPDATE: MSM PCs under attack by Zotob worm - CNN, NYT, ABCNEWS - update your virus defs NOW!</p> <p>Live on CNN right now ... Most PCs running Win2000 or older are now dead at MSM locations all over NYC, as well as some PCs at CNN Atlanta, and it's spreading.</p>

Microsoft Security Bulletin MS05-039 Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) Issued: August 9, 2005Version: 1.0Summary Who should read this document: Customers who use Microsoft WindowsImpact of Vulnerability: Remote Code Execution and Local Elevation of PrivilegeMaximum Severity Rating: CriticalRecommendation: Customers should apply the update immediately.Security Update Replacement: NoneCaveats: None Tested Software and Security Update Download Locations:Affected Software: • Microsoft Windows 2000 Service Pack 4 – Download the update • Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 – Download the update • Microsoft Windows XP Professional x64...

SINGAPORE (Reuters) - A new Internet virus has been detected that can infect Microsoft's Windows platforms faster than previous computer worms, said an anti-virus computer software maker. The ZOTOB virus appeared shortly after the world's largest software maker warned of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer. The latest worm exploits security holes in Microsoft's Windows 95, 98, ME, NE, 2000 and XP platforms and can give computer attackers remote access to affected systems, said Trend Micro Inc.. "Hundreds of infection reports were sighted...

Microsoft Corp. warned users of its Windows operating system on Tuesday of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer. Computer security experts urged users to download and install the patches, which are available at www.microsoft.com/security. "Users (should) apply the updates as quickly as possible," said Oliver Friedrichs, senior manager of Symantec Security Response, part of security software company Symantec Corp. SYMC.O. Microsoft said that vulnerabilities exist in its Internet Explorer Web browser, the most severe of which could allow an attacker to take complete control...

Microsoft on Tuesday issued alerts on several security flaws in Windows, the most serious of which could allow an attacker to gain control over a victim's computer. Microsoft released six security bulletins as part of its monthly patching cycle, three of which it deems "critical." The Redmond, Wash., software gives that rating to any security issue that could allow a malicious Internet worm to spread without any action required on the part of the user. One bulletin addresses three flaws in Internet Explorer. Of all the issues Microsoft offered fixes for Tuesday, these put users at most risk of attack,...

Microsoft's "monkeys" find first zero-day exploit Robert Lemos, SecurityFocus 2005-08-08 Microsoft 's experimental Honeymonkey project has found almost 750 Web pages that attempt to load malicious code onto visitors' computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month. Known more formerly as the Strider Honeymonkey Exploit Detection System, the project uses automated Windows XP clients to surf questionable parts of the Web looking for sites that compromise the systems without any user interaction. In the latest experiments, Microsoft has identified 752 specific addresses owned by...

Forget the Fantastic Four. As I write, the forces of Good (the White Hats) and Evil (the Black Hats) are fighting for control of the Internet as we know it. At stake is the exploitation of flaws affecting the once-invincible Cisco router hardware, which currently carries most of the Internet's traffic on a daily basis. Once a working exploit for the Cisco IOS Shellcode is available on the Internet, it'll be only a matter of days before someone finds a way to craft it into a network worm. And then it's going to be a rough ride for everyone who...

Computer worms may soon wriggle around the early warning systems that detect an impending attack, a study by US scientists has revealed. John Bethencourt and colleagues at the University of Wisconsin in Madison discovered that carefully probing network addresses can reveal the location of hidden sensor networks that alert network operators to an impending attack. Armed with this information, the creator of a computer worm could create code that bypasses these traps and infects more computers as it spreads. The researchers say the same principle could enable troublemakers to bypass other forms of network defences, including blocks against intruders probing...

A serious flaw has been discovered in a core component of Windows 2000, with no possible work-around until it gets fixed, a security company said. The vulnerability in Microsoft's operating system could enable remote intruders to enter a PC via its Internet Protocol address, Marc Maiffret, chief hacking officer at eEye Digital Security, said on Wednesday. As no action on the part of the computer user is required, the flaw could easily be exploited to create a worm attack, he noted. What may be particularly problematic with this unpatched security hole is that a work-around is unlikely, he said. "You...