Security

Online Videos May Conduct Viruses 195

Technical Writing Geek writes "A report on threats via the Internet released by a Georgia Tech research center indicates online video may be a new avenue of attack. As the popularity of flash media continues to explode, hackers may be targeting embedded video players and more traditional video downloads with worms and viruses. 'One worm discovered in November 2006 launches a corrupt Web site without prompting after a user opens a media file in a player. Another program silently installs spyware when a video file is opened. Attackers have also tried to spread fake video links via postings on YouTube ... Another soft spot involves social networking sites, blogs and wikis. These community-focused sites, which are driving the next generation of Web applications, are also becoming one of the juiciest targets for malicious hackers.'"
Security

Boot Sector Virus Shipped on German Laptops 79

Juha-Matti Laurio writes "A consignment of laptops from German manufacturer Medion, sold through German and Danish branches of giant retail chain Aldi, has been found to be infected with the boot sector virus 'Stoned.Angelina', first seen as long ago as 1994. The affected notebook models (German language) Medion MD 96290 have been pre-installed with Windows Vista Home Premium and Bullguard anti-virus, which reportedly is unable to remove it. A special removal tool was released to clean the laptops. Aldi has shared the same warning as well. Two years ago several thousands of Creative Zen Neeon MP3 players were shipped with a Windows worm Wullik.B."
Security

Storm Worm Evolves To Use Tor 182

An anonymous reader writes "Seems like the Storm botnet that was behind the last two waves of attacks is also responsible for this new kind of social-engineering-based attack, using spam to try and convince users of the necessity of using Tor for their communications. They 'kindly' provide a link to download a trojaned version of Tor. This blog entry has a link to the original post on or-talk mailing list which has some samples of the messages."
The Internet

Anti-Scammers Become Storm Botnet Victims 207

capnkr writes "It looks like the efforts of the anti-scammers at sites like 419eater, Scamwarners, Artists Against 419, and possibly others have become the target of the Storm botnet. Spamnation has a post about it, and as of this writing none of the above listed sites are responding. Spamnation reports that CastleCops and other anti-spam forums are being DDoSed as well. Sounds like a massive, concerted effort against the folks who are fighting the good fight. Although I hate it for the owners and admins of the above sites, I think it shows without a doubt that their efforts to 'get back' at the scammers are working."
Security

Storm Botnet Is Behind Two New Attacks 226

We've gotten a number of submissions about the new tricks the massive Storm botnet has been up to. Estimates of the size of this botnet range from 250K-1M to 5M-10M compromised machines. Reader cottagetrees notes a writeup at Exploit Prevention Labs on a new social engineering attack involving YouTube. The emails, which may be targeted at people who use private domain registrations, warn the recipient that their "face is all over 'net" on a YouTube video. The link is to a Storm-infected bot that attacks using the Q4Rollup exploit (a package of about a dozen encrypted exploits). And reader thefickler writes that the recent wave of "confirmation spam" is also due to Storm, as was the earlier, months-long "e-card from a friend" series of attack emails.
Security

Many Antivirus Tools Fail in LinuxWorld Test 234

talkinsecurity writes "In a public, side-by-side test conducted last night at LinuxWorld, ten antivirus products were confronted with 25 known viruses. The results were surprisingly disparate. Only three of the products caught all of the viruses; three only caught 61 percent, and one caught an abysmal 6 percent. The test, which wasn't particularly complicated, proves that there still are wide differences in the effectiveness of AV tools. A lot of people think all AV tools are the same — they're not!"
Worms

Storm Worm Rising 218

The Storm worm has been an increasing problem in the last few months, but a change in tactics may mean something big is going to happen. The article discusses a bit of back story about the worm, including the somewhat frightening numbers about the millions of spam emails carrying the worm payload. They estimate between a quarter and a million infected systems usable for spam or DDOS attacks.
Worms

Mac Worm Author Gets Death Threats 244

StonyandCher write(s) to spread news about the strange story of the reported Apple OS X worm, which is growing stranger by the day. The blog of the researcher who claimed to have created the malware reportedly received death threats. The blog was then hijacked, according to the researcher, who calls him/herself InfoSec Sellout. InfoSec blamed David Maynor for hacking the blog. For his part, Maynor apparently unmasked himself as "LMH" and InfoSec as Jon Ramsey. The post to the Fuzzing mailing list has not been independently confirmed.
Update: 07/19 13:48 GMT by KD : David Maynor wrote in and denies that he is LMH.
Worms

Worm Claimed For Apple OS X 398

SkiifGeek writes "Controversy is slowly building over the development of a claimed new worm that targets OS X systems, dubbed by its inventor Rape.osx. Using a currently undisclosed vulnerability in mDNSResponder, the worm is said to give access to root as it spreads across the local network. As with a number of recent Apple-related security discoveries, the author, InfoSec Sellout, is delaying reporting the vulnerability to Apple until after completing full testing of the worm. While the worm has yet to leave a testing environment (with 1,500 OS X systems), it is bound to join the likes of Inqtana and Leap as known OS X malware."
Worms

The Computer Virus Turns 25 in July 194

bl8n8r writes "In July of 1982, an infected Apple II propagated the first computer virus onto a 5-1/4" floppy. The virus, which did little more than annoy the user, Elk Cloner, was authored in Pittsburgh by a 15-year-old high school student, Rich Skrenta. The virus replicated by monitoring floppy disk activity and writing itself to the floppy when it was accessed. Skrenta describes the virus as "It was a practical joke combined with a hack. A wonderful hack." Remember, he was a 9th grader when he did this."
Security

The Current State of the Malware/AntiVirus Arms Race 139

An anonymous reader writes "An article at Net Security explores how malware has developed self-defense techniques. This evolution is the result of the double-edged sword of the malware arms race. Anti-virus technology is ever more advanced, but as a result surviving viruses are increasingly sophisticated. What Net Security offers is a lengthy look at the current state of that arms race. 'There are many different kinds of malware self-defense techniques and these can be classified in a variety of ways. Some of these technologies are meant to bypass antivirus signature databases, while others are meant to hinder analysis of the malicious code. One malicious program may attempt to conceal itself in the system, while another will not waste valuable processor resources on this, choosing instead to search for and counter specific types of antivirus protection. These different tactics can be classified in different ways and put into various categories.'"
Networking

China Taking on U.S. in Cyber Arms Race 262

Pabugs writes with a CNN story about an uncomfortable development in world politics and information technology. According to General Robert Elder, an Air Force military man setting up a 'cyber command' in Louisiana's Barksdale Air Force Base, the nation of China is already in the process of developing their own 'cyber warfare' techniques. While Elder described the bulk of China's operations as focusing on espionage, they and others around the world have more serious goals in mind. "The Defense Department said in its annual report on China's military power last month that China regarded computer network operations -- attacks, defense and exploitation -- as critical to achieving "electromagnetic dominance" early in a conflict. China's People's Liberation Army has established information warfare units to develop viruses to attack enemy computer systems and networks, the Pentagon said. China also was investing in electronic countermeasures and defenses against electronic attack, including infrared decoys, angle reflectors and false-target generators, it said."
The Internet

Social Computing and Badger's Paws 123

An anonymous reader writes "When Yahoo!'s Jeremy Zawodny recently asked What the heck is Web 2.0 anyway? he received a set of responses reminiscent of those garnered by The Register back in 2005, which famously concluded, based on its readers' responses, that Web 2.0 was made up of 12% badger's paws, 6% JavaScript worms, and 26% nothing. Nonetheless, as Social Computing (SoC) widens and deepens its footprint, another Jeremy — Jeremy Geelan — has asked if we are witnessing the death of 'Personal' Computing. SoC, Geelan notes, has already become an academic field of study. But perhaps Social Computing too is just badger's paws?"
Biotech

Longevity Gene Found 358

quixote9 writes "Calorie restriction while maintaining nutrient levels has long been known to dramatically increase life spans. Very different lab animals, from worms to mice, live up to 50% longer (or even more) on the restricted diets. However, so far, nobody has been able to figure out how this works. Scientists at the Salk Institute have found a specific gene in worms (there's a very similar one in people) that is directly involved in the longevity effect. That opens up the interesting possibility that doctors may someday be able to activate that gene directly and we can live long and prosper . . . without giving up chocolate."
Security

AV Software Isn't Dead, But It's Not Healthy 162

dasButcher writes "Is a conventional signature-based antivirus technology dead? Trend Micro CEO Eva Chen says no, but more is needed. Her answer: reputational analysis. Not a bad idea, but many have tried and failed to make this type of approach work. We've seen it all before: RBLs, integrity grading, etc. What will make this different? If we're not careful, Trend Micro might give us all a bad Web reputation."
Security

Chinese Hackers Waking up to Malware 65

An anonymous reader writes "An increase in malware originating from China has not gone unnoticed by security researchers, according to the site ITWeek. The aggravating software has been increasing over the last three months, to the point where some unlucky persons may be getting some every day. Individuals interviewed for the article are seeing an increasing sophistication and independent use of rootkits, new to the Chinese malware scene. 'China has traditionally been a hotbed of password stealers who go after log-in names and passwords for online games such as World of Warcraft. The criminals are after virtual currencies and goods which can be sold on auction websites.' These new types of software are actually encrypted, and can prove hard to dismantle."
Security

Blogger System Sites Used for Phishing 33

jimbojw writes "In a recent security advisory Fortinet is reporting that due to Blogger's popularity, hackers have started to embed malicious scripts on some blogs. 'These scripts have shown up on hundreds of Blogger.com sites. In some cases, a variant of the Stration mass mailer is responsible for directing traffic to the Blogger.com sites.' CNET reports on the situation, quoting an unnamed Google representative as saying 'These are not legitimate blogs that were compromised. They appear to be deliberately set up to promote phishing, which is against our terms of service. We are investigating, and blogs found to include malicious code or promote phishing will be deleted.' The blogs in question use meta or JavaScript redirection to push traffic to a phishing or malware site. Links to the blogs are subsequently mass-mailed by infected visitors — typically via worms in the Stration family. We can only hope that this will not cause Google to remove Blogger.com's templating engine — which is both a source of its strength, and a potential liability as illustrated by these recent attacks."
Security

Worm Exploiting Solaris Telnetd Vulnerability 164

MichaelSmith writes "Several news sites are reporting that a worm is starting to exploit the Solaris Telnet 0-day vulnerability. By adding simple text to the Telnet command, the system will skip asking for a username and password. If the systems are installed out of the box, they automatically come Telnet-enabled. 'The SANS Internet Storm Center, which monitors Internet threats, has noticed some increase in activity on the network port used by Solaris' telnet feature, according to an ISC blog posted on Tuesday. "One hopes that there aren't that many publicly reachable Solaris systems running telnet," ISC staffer Joel Esler wrote.'"
XBox (Games)

10 New Xbox Live Arcade Titles Announced 38

With some brand-new content, modern classics, and old favorites thrown together, Microsoft has announced the details for 10 new Xbox Live Arcade titles. Starting with the first week of February, a series of games will bring some new blood back to Xbox Live Wednesdays. While it's nice to see them announcing new titles like Eets and Band of Bugs, some of these titles have been vaguely expected since the middle of last year. Catan, Alien Hominid, and Worms have been expected for months now, so it's definitely gratifying to see these slated to be released in the near future. Here's hoping the company keeps up this initiative moving forward into 2007.

Microsoft Gets Help From NSA for Vista Security 233

An anonymous reader writes "The Washington Post is reporting that Microsoft received help from the National Security Agency in protecting the Vista operating system from worms and viruses. The Agency aimed to help as many people as they could, and chose to assist Vista with good reason: the OS still has a 90 percent lock on the PC market, with some 600 million Vista users expected by 2010. From the article: 'The Redmond, Wash., software maker declined to be specific about the contributions the NSA made to secure the Windows operating system ... Microsoft said this is not the first time it has sought help from the NSA. For about four years, Microsoft has tapped the spy agency for security expertise in reviewing its operating systems, including the Windows XP consumer version and the Windows Server 2003 for corporate customers.'"
