Flashback Botnet  

Wednesday, April 11, 2012

The computer security industry is buzzing with warnings that more than half a million Macintosh computers may have been infected with a virus targeting Apple machines.

Dr. Web originally reported Wednesday that 550,000 Macintosh computers were infected by the growing Mac botnet. But later in the day, Dr. Web malware analyst Sorokin Ivan announced on Twitter that the number of Macs infected with Flashback had increased to 600,000, with 274 of those based in Cupertino, Calif.

Dr. Web explained that a system gets infected with the Mac Flashback trojan "after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system." A specific JavaScript code on the site that contains the virus is then used to load a Java applet, which is how the malware makes its way onto a user's computer.

This Trojan spreads via infected web pages and exploits Java vulnerabilities that have been known for some time, yet Apple didn’t see fit to release a patch until this week (Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001).


Kaspersky Virus Removal Tool  

Sunday, March 25, 2012

The Kaspersky Virus Removal Tool application was designed as another virus scanner and detection tool from Kaspersky. The product scans the specified locations for virus threats and removes them or sends them to the Quarantine folder.
Kaspersky Virus Removal Tool 2010 is a utility designed to remove all types of threats from computers. It uses the effective detection algorithms implemented in Kaspersky Anti-Virus and AVZ.
Kaspersky Virus Removal Tool 2010 does not provide resident protection for your computer. After disinfecting a computer, you are supposed to remove the tool and install a full version of antivirus software.
Advantages:
• Simplified interface.
• Can be installed to an infected computer (Safe Mode supported).
• Composite scan and disinfection system: signature detection and heuristic analyzer.
• Gathering system information and interactive creation of scripts for disinfection.
General functions:
• Automatic and manual removal of viruses, Trojans and worms.
• Automatic and manual removal of Spyware and Adware modules.
• Automatic and manual removal of all types of rootkits.

Kaspersky Virus Removal Tool is Freeware


Fake Antivirus  

Friday, March 16, 2012

GFI Software has published data on 10 attacks against computers. Variants of fake antivirus are still widespread.

Where does fake antivirus come from? Most of it spreads via spam. The email, for example, contains a link that leads to a site. When you click the link and visit the site, the criminals already have techniques in place to find weaknesses in the computer's programs that can be infiltrated.

As long as these techniques are still used by Internet criminals, it is better not to carelessly click links that are unclear. To keep the computer from being infected, users should take caution and understand what they are clicking.

Most malware stored on such sites takes advantage of computers that are not updated, not patched, and have no antivirus system. Their targets are bugs in Microsoft and Adobe software.

GFI data for the month of February: the 10 variants of attacks using fake antivirus malware, trojans or other malicious programs are reported below.

Detection                      Type               Percent

Trojan.Win32.Generic           Trojan             35.63
GamePlayLabs                   Browser Plug-in    3.66
Yontoo                         Adware             2.79
INF.Autorun (v)                Trojan             1.41
Trojan.Win32.Ramnit.c (v)      Trojan             1.02
Trojan-Spy.Win32.Zbot.gen      Trojan             0.94
Virus.Win32.Sality.at (v)      Virus.W32          0.94
Worm.Win32.Downad.Gen (v)      Worm.W32           0.92
Trojan.Win32.Jpgiframe (v)     Trojan             0.87
GameVance                      Adware (General)   0.87


RIAA Spams  

Saturday, March 3, 2012

A week ago, spam emails appeared in the name of the RIAA, with the email subject "Notifications of copyright violation".

The complete message is below.

Object: Notification of copyright violation

Dear [email address removed], we hereby notify you that your IP address has been identified as distributing copyrighted content. Please see the attachment to this message for illicit Internet traffic details.

Failure to respond to this message within 14 days will result in Copyright Infringement accusation and standard legal procedures.

Recording Industry Association of America (RIAA)
1330 Connecticut Avenue NW Suite 300
Washington, DC 20036
tel: 202-775-0101
fax: 202-775-7253

The attachment contains a trojan payload linked to a Russian site. The malicious file is Internet traffic report.zip (Internet traffic report.exe).

Once the recipient activates the Trojan Agent payload, it will pull another file from Downtraff.RU. [ ... ]


Secunia PSI 3.0  

Thursday, March 1, 2012

Secunia Personal Software Inspector (PSI) is a free program that scans the system for installed programs that are out of date. The developers have just released the first beta version of Secunia PSI 3.0 for Windows. A new version of the Personal Software Inspector (PSI) tool from vulnerability management firm Secunia automates the updating of third-party programs that don’t already have auto-updaters built-in.

When you start the program for the first time after installation, you are asked to run a scan on the system. Secunia compares the list of installed software with the latest versions stored in their database. A list of outdated programs is then displayed in the program interface.


DNSChanger Network  

Saturday, February 25, 2012

The Internet could go dark for millions of users as early as March 8 because of a virus that has corrupted computers in more than 100 countries.
The computer script, called DNSChanger Trojan, taps into fraudulent servers, sending users of the Web to unintended – and sometimes illegal – sites.
Though the FBI has shut down the DNSChanger network and put up surrogate servers, they warned the solution was only temporary – and the court-ordered deadline is March 8.
‘DNSChanger’ could cause millions – including Fortune 500 companies – to lose their Internet if the FBI shuts down surrogate servers.


Ainslot.L Botnet  

Wednesday, February 22, 2012

PandaLabs reports a new botnet called Ainslot.L, categorized as both malware and a botnet.
It is made to record any activity on a computer, download other malware to infect the victim's computer, and take over the computer.
Ainslot.L works like a banking trojan, stealing important data such as online banking and financial transaction details. Ainslot.L is even able to scan the computer, look for other bots and kick them out, so that it alone is in control.
Ainslot.L spreads via counterfeit emails that appear to be sent from the email address of UK online clothing store Cult.


Android.Bmaster Exploits root access to connect to Botnet  

Monday, February 20, 2012

A new piece of Android malware named Android.Bmaster, first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog.

This malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread. RootSmart is designed to escape detection by being named “com.google.android.smart,” which is the same name as a settings app included by default with Android operating systems.

Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated. “The malware posts some user and phone-specific data to the remote address and attempts to download and run an APK file from the server. The downloaded file is the second stage in the malware and is a Remote Administration Tool (RAT) for Android, detected as Android.Bmaster. This type of malware is used to remotely control a device by issuing commands from a remote server.”


Zulu – Zscaler Malware Scanning Service  

Wednesday, February 8, 2012

Zscaler has launched a new free online service called Zulu that can assess the security risk associated with URLs by analyzing the content they point to, as well as the reputation of their corresponding domain names and IP addresses.

Zulu allows security-savvy users who investigate various web attacks to choose what User-Agent and Referrer headers the scanner will use when accessing a URL. “A unique benefit of this approach is that we can deliver a risk score even when the page content is no longer available,” said Michael Sutton, vice president of security research at Zscaler. “While we can’t access the page, we can still assess the URL and host and when they deliver a high risk score despite a lack of page content, one can often conclude the page was indeed malicious but has since been taken down,” he explained.


SP Toolkit – Open Source Phishing Education Toolkit  

Sunday, February 5, 2012

A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with most security tools, this one could be abused by miscreants to launch malicious attacks.

The spt project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers.


Fake Angry Birds Game spreading Malware from Android Market  

Wednesday, February 1, 2012

Last week, premium-rate SMS Trojans surfaced in the Android Market. Google has pulled 22 apps that are masquerading as legitimate versions of popular games like Angry Birds and Cut the Rope. Security researchers have discovered a way to bypass an Android smartphone owner’s permissions and access private data stored on their smartphone.

The Avast blog explains it this way: for example, if someone tried to look for “Cut the rope free”, this malicious application was in the fourth place in the search results. Apps published by the developer Miriada Production may look like well known Android games (Angry birds, Need for speed, World of Goo and others) and users could be easily confused.

The fake apps include “Cut the Rope”, “Need for Speed”, “Assassins Creed”, “Where’s My Water?”, “Riptide GP”, “Great Little War Game”, “World of Goo”, “Angry Birds”, “Shoot The Birds”, “Talking Tom Cat 2”, “Bag It!” and “Talking Larry the Bird”. The apps have been pulled from the Android Market.
The fraudulent apps would install a premium rate SMS Trojan that would rack up hidden charges on the user’s phone bill. The apps would lure customers into clicking on options that would send text messages to premium line numbers leaving the user to foot the bill. According to Lookout Mobile Security, the new threat called RuFraud has been found in an initial batch of apps on the Android Market that include horoscope apps, wallpapers, and game apps that pretend to be legitimate games like Angry Birds.

What happens if these threats are installed on your mobile device? The malware:
• Attempts to send text messages containing the string “798657” to premium-rate numbers using the infected device’s current default SMS Center (SMSC) by exploiting the Permissions function (android.permission.SEND_SMS).
• Is capable of sending an affected user’s GPS location via HTTP POST.
• Opens several ports and connects to specific URLs to receive and execute commands from a remote user.
• Gathers information like International Mobile Equipment Identity (IMEI) and International Mobile Subscriber Identity (IMSI) numbers from infected systems, which is then sent to a specific site.
• Secretly forwards all incoming text messages to a remote user.


Linux.com down again due to Security Breach  

Sunday, January 29, 2012

Linux Foundation infrastructure, including LinuxFoundation.org, Linux.com, and their subdomains, is again down for maintenance due to a security breach that was discovered on September 8, 2011. Investigators cannot yet elaborate on the source of the attack. Regarding coming back online, Linux.com says “Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.” They added “We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.”


SOPA in US and Censorship in India  

Monday, January 23, 2012

As US senators mull over the SOPA (Stopping Online Piracy Act) and PIPA (Protecting Intellectual Property Act) bills, the world stands witness to a historic moment. Almost all big IT companies like Google, Wikipedia, Facebook, Mozilla, Godaddy, etc. are speaking in one unanimous voice against SOPA and Internet censorship. The draconian provisions of SOPA/PIPA are bound to create the deathbed of internet freedom and free speech, and if a careful reading of the proposed legislation is done, one realizes that it is likely to have the same impact on India.


Facebook Security Tips  

Friday, January 13, 2012

More than 800 members are on Facebook, making the social networking site the world’s largest. With such a large membership, Internet criminals are also interested in Facebook.
Facebook members should be ready to receive spam every day. There is reportedly a 20% risk of malware attacks, and 600 thousand hijacked accounts are reportedly used every day.
How can you cope with attacks on Facebook? You can start with the few tips below.
• Use long, strong passwords with a combination of numbers and letters.
• Never accept an unknown friend.
• Always keep in mind which friends share things with you and send you messages.
• Enable the HTTPS feature in the Facebook settings.
• Do not click unnecessary or unclear links.
• Free security software, available for download, also helps with security.

[ Thatcoin.com ]

Ramnit Attacks Facebook Account  

Saturday, January 7, 2012

The Win32/Ramnit virus has penetrated the social networking site Facebook. Win32/Ramnit has managed to steal more than 45 thousand Facebook member logins worldwide. The majority of those exposed to the virus are in England and France. Win32/Ramnit brings along parts of other malware to infect Windows systems.
Win32/Ramnit was found in April 2010 and categorized as malware. The Microsoft Malware Protection Center describes Ramnit as attacking Windows executable files (EXE), SCR, DLL and HTML files, then stealing important data such as stored FTP data and browser cookies.

In July 2011, a report from Symantec estimated that new Ramnit variants had appeared. In August 2011, Trusteer mentioned that Ramnit was designed to steal financial data. From September to December 2011, an estimated 800 thousand computers were infected with Ramnit. A Ramnit variant has re-emerged, allegedly targeting Facebook account member logins.



BackBox 2.0.1  

Friday, January 6, 2012

The BackBox team is proud to announce the release 2.01 of BackBox Linux. The new release includes features such as Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. The ISO images (32bit & 64bit) can be downloaded from the following location: http://www.backbox.org/downloads

What’s new

System upgrade
Performance boost
New look
Improved start menu

Bug corrections


Best Free Android Security Software Avast Antivirus  

Sunday, January 1, 2012

For those of you longing for a free Android antivirus, this is exciting THN news for you. Avast, one of the famous antivirus vendors, has now launched an Android antivirus you can use for free! This mobile antivirus is named Avast Mobile Security.
Avast Free Mobile Security supports a number of features that are usually available only in paid-for Android security software. These include privacy reports, call and SMS filtering, SIM-card change notifications, firewall and application management.
By using Avast Mobile Security on your Android phone, your cell phone will be protected from viruses, threats and hackers, and it is even able to minimize your loss if your Android cell phone is stolen. The antivirus component supports real-time protection and automatic updates. Updates can be configured to only be downloaded over certain types of connections and the interface can be protected with a password.

[ Thatcoin.com ]
