Thursday, March 12, 2009

AntiVirus

Virus and Anti-virus Information






Computer Virus Bulletin Board: For the latest Emergency related news and notices

Around the period of the Year 2000 transition it is expected that computer viruses will be spread by people seeking to destabilize the Internet.
Nov. 11, 1999: Patch Available for "scriptlet.typelib/Eyedog" Vulnerability

Microsoft has released a patch that eliminates security vulnerabilities in two ActiveX controls. The net effect of the vulnerabilities is that a web page could take unauthorized action against a person who visited it. Specifically, the web page would be able to do anything on the computer that the user could do.
About the CIH Virus

Yesterday and today, April 26, 1999, we have received a number of requests for information about the virus. For this reason we are posting the information below.
Once the virus is triggered the first 2048 sectors of each hard drive in the computer are overwritten with random data. This area of the hard drive contains important information about the files on the computer. Without this file information the computer will think the hard drive is empty. The virus will also write one byte of data to the BIOS boot block which is critical for booting a computer. Writing to the system BIOS can be prevented by setting a jumper on most motherboards. Contact the computer vendor or motherboard vendor for assistance with their product. If the virus succeeds in reprogramming the flash BIOS ROM, there is no software remedy for it: your PC will no longer be bootable and the flash BIOS will need to be replaced or re-programmed in a special EEPROM programming device. Where the flash BIOS ROM is permanently attached to the motherboard, the entire motherboard will need replacing. The damage caused to the information on the hard disk is possibly recoverable by using data recovery services, and the success depends on the disk size, format, fragmentation etc.






National Infrastructure Protection Center, DOS Anti-virus packages, Mac Anti-virus packages, Virus Bulletin Home Page, Anti-virus Comparative Review, Doug Muth's Anti-Virus Help, ZDNet Software Library - Windows Utilities, Courtney Identifies the use of SATAN, NIST/CSL, IBM AntiVirus Hype Alert, How to Spot a Virus Hoax, IBM Emergency Response Service Virus History, Dr. Solomon's Virus Central, Network Associates McAfee and More, Symantec Norton AntiVirus and More, Panda Software Anti - Virus, AVP Software Anti - Virus, Rob's 'Computer Virus Myths' page, NH&: A Software Anti - Virus, Aladdin Knowledge Systems. E-Safe The Virus Bulletin, Sandrin Anti-Virus Connection, Virus Information Center, Joe Well's Wild Lists - Viruses in the wild, Open University Anti-Virus Information, Henri Delger's Virus Help and Information, Thomas Jefferson U's Virus Information, NIST Virus Information Page, Willems Free Anti-Virus Consultancy, J and A Virus Info, ICSA consortia. Anti-Virus Pages, Alt.Comp.Virus Newsgroup, Alt.Comp.Virus.Sourcecode Newsgroup, Computer Associates: Virus Information Center, MS-DOS Anti-virus Tools, NT bug exploit, AVP Virus Encyclopedia, Computer Virus Information, FAQs on VIRUS-L/comp.virus, Virus Library -- Hoaxes, Safetynet Security and Anti-Virus Cafe, Threat Assessment, NIST virus information, IBM AntiVirus, Microsoft two ActiveX controls security vulnerabilities, Microsoft Security Advisor Program, Disinfectant TruSecure AntiVirus Policy Guide.




ANTIVIRUS SOFTWARE



How quickly the Web community reacts... Late yesterday evening, Symantec released an unsigned patch containing the file 'PIFTS.EXE'. Because the file was unsigned, it caused firewall alerts in Norton Internet Security and Norton Antivirus when the file attempted to access the Internet. It's not yet been revealed exactly what the purpose of the file was, but its actions were to create a URL consisting of version information for certain Norton products. But though the actions of the file were pretty benign, reactions from users were anything but calm. Instead, spammers immediately began flooding Symantec forums, theory crafting many evil scenarios, leaving nonsense posts, and generally creating havoc. That led to Symantec deleting the threads, which in turn led to even more conspiracy theories and finger pointing.



Of course, malware distributors were quick to pick up on the controversy and immediately began seeding malware through search engines by posting links to malicious files using the keyword 'PIFTS.EXE'.



Symantec has since issued the following statement, which will hopefully put fears to rest and warn folks away from malware links appearing on search engine results pages:



Symantec released a diagnostic patch "PIFTS.exe" targeting Norton Internet Security and Norton Antivirus 2006 & 2007 users on March 9, 2009. This patch was released for approximately 3 hours (4:30 - 7:40 PM March 9, 2009 Pacific Time). In a case of human error, the patch was released by Symantec "unsigned", which caused the firewall user prompt for this file to access the Internet. The firewall alert for the patch caused understandable concern for users and began to be reported back to Symantec. Releasing a patch unsigned is an extremely rare occurrence that does not pose any security issues to our users. The patch reached a limited number of Norton customers and has subsequently been pulled from further distribution. Norton users are fully protected and do not need to take any action as a result of this issue.




There has been activity in the Norton User Forum related to PIFTS.exe which has generated additional concern and media speculation. At approximately 10:30pm ET Monday March 9, Symantec detected that our User Forum boards were being abused by an individual or individuals. One individual created a new user account and posted about the name of the patch executable, PIFTS.exe. Within minutes, several dozen user accounts were created commenting on the initial thread, and/or creating new threads on the topic. Over the next few hours, over 200 user accounts were created. Within the first hour there were 600 new posts on this subject alone. While the intent of the spammer(s) remains unclear, there were no malicious links and it simply resulted in a widespread communications challenge for Symantec. Below are some examples of the forum spam we received from these new user accounts. These forum posts contained no text in the body of the message, simply a subject:


* O LAWD IM CHOKIN ON PIFTS PLZ HALP


* OH GOD YOU GOT CHOCOLATE IN MY PIFTS


* If you wanna be my NORTON/ you gotta deal with my P ! F T S . E X E


* IF PIFTS.EXE WAS HERE, THEN WHO WAS PHONE?


* PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE


* I LOVE MY PIFTS.EXE




Symantec strictly adheres to its Norton Community Terms of Service and does not delete postings unless they are in violation of these guidelines. Upon determining that our User Forums were being abused, Symantec began removing the spam posts.




Finally, it has also been reported by the Washington Post that hackers are taking advantage of this situation. "Some of the top searches (currently the 3rd and 4th result in a Google search) are Web sites that try to install malicious software when you visit them." When searching for information on "pifts.exe," Symantec strongly advises all users to be wary of following links to unknown sites as malicious users are attempting to use this hot topic to distribute malware.



Three things are clear to me from this incident. One - never, ever release an unsigned file if you're a security/firewall vendor. Two - Symantec's presence is so vast that even the simplest mistake can become an Internet sensation in mere hours. And three - malware distributors will miss no opportunity to capitalize on an event in order to do harm.

Is Firefox really safer than Internet Explorer?
Monday March 9, 2009
The short answer to the Firefox safety question is, "Well, yes, but..."



The longer answer is that out of the box (i.e. freshly installed), Firefox isn't really any safer. Like Internet Explorer, Firefox is prone to its own share of security vulnerabilities and exploits. However, if you add the free NoScript addon for Firefox and you disable Firefox http header refresh, Firefox becomes much safer than Internet Explorer or any other browser.




Beware the Online Scammer



The Internet makes it easier to accomplish many things - banking, research, travel, and shopping are all at our virtual fingertips. But just as the Internet makes it easier for legitimate pursuits, it also makes it easier for scammers, con artists, and other online miscreants to carry out their virtual crimes - impacting our real life finances, security, and peace of mind. These Internet scams are constantly evolving - here are some of the more common tactics used.




A Patch a Day...



Chances are, there are dozens of security vulnerabilities waiting to be exploited on your system. And it's not just the latest Excel vulnerability or the Windows operating system you need to be concerned about. Adobe Flash, Acrobat Reader, Apple Quicktime, Sun Java and a bevy of other third-party apps may host security vulnerabilities waiting to be exploited. To check your system, use the free Secunia Software Inspector service at least once a month.



Antivirus information
A virus is a computer program which can duplicate itself and 'infect' other computers automatically and can cause file deletion, system corruption and even cause computers to be formatted. With 10 to 15 new viruses discovered per day, the threat is growing exponentially with leading antivirus firm McAfee stating that more than 58,000 virus threats are currently in existence.
Viruses can be spread via any transferable media whether in the form of floppy disks, CDs, email attachments or in material downloaded from the Web. The most common form of transfer is via email, in the form of an attachment which, when opened, activates a virus and infects a com





