This Week In Security
Lots of Microsoft news this week!
Spyware/Malware/Phishing/Virus/etc:
More Brits than ever are placing themselves at risk of identity fraud, despite awareness campaigns warning them of the dangers.
http://www.theregister.co.uk/2006/10/16/id_fraud_prevention_week/
McDonalds Japan has launched a recall after discovering that MP3 players it offered as a prize were loaded with a particularly nasty strain of malware. Up to 10,000 people might have been exposed to the problem after claiming a Flash MP3 player pre-loaded with ten tunes and a variant of the QQpass spyware Trojan.
http://www.theregister.co.uk/2006/10/16/mcd_spyware_mp3_recall/
The image to the left is something that surfaced on the murky waters of the web a few days ago - Zango is just one of a number of words I monitor on a regular basis to see if anything's kicking off on the Internet. Well, my Zangometer suddenly off the scale and I just had to get to the bottom of it.
http://www.vitalsecurity.org/2006/10/anyone-know-what-deal-is-with-zango.html
A nice little scam making the rounds victimizes sellers of computer hardware as the scamster asks for benchmarks of the system for sale, provides a link to Fraps for the vicitm to use, and delivers a keylogger with it.
The marketplace for phishing toolkits, which can allow technophobe criminals to quickly and easily set up spoofed versions of banking Web sites, is booming, with kits changing hands for as little as $30.
Tipper Nic directs our attention to this forum post, where we read of a disheartening little slip of paper that suggests some seriously gross spyware will be installed along with Battlefield 2142, all in the name of in-game advertising:
http://www.kotaku.com/gaming/centipedes/battlefield-2142-with-a-dash-of-spyware-207955.php
Spyware researcher Ben Edelman has documented several issues with toolbars distributed by IAC Search and Media's FunWebProducts that lead him to criticize how those toolbars function.
Apple said that a small number of video iPods made after Sept. 12 included the RavMonE virus. It said it has seen fewer than 25 reports of the problem, which it said does not affect other models of the media player, nor does it affect Macs.
http://news.com.com/Apple+loads+Windows+virus+on+iPods/2100-7349_3-6126804.html?tag=nefd.top
Microsoft has blocked the attack vector used to slip unsigned drivers past new security policies being implemented in Windows Vista, according to Joanna Rutkowska, the stealth malware researcher who created the exploit.
http://www.eweek.com/article2/0,1895,2034307,00.asp
An email promising racy pictures of teenage Russian pop group Tatu is, yes, a new Trojan.
http://www.techworld.com/security/news/index.cfm?newsID=7149&pagtype=all
Security & Legal:
The Spamhaus Project Ltd. has told a U.S. court that it plans to appeal a recent ruling that threatened the volunteer organization with millions of dollars in legal fines and a possible shutdown of its database of known spammers.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004179
Hackers are developing new software that will help hide browser attack code from some types of security software.
http://www.pcworld.com/article/id,127542-c,hackers/article.html
The phishing scheme that targeted an unnamed midsized bank arrived in employee inboxes personally addressed, without spelling or grammar errors, and claimed to be from a journalist.
Microsoft:
Microsoft Corp. is limiting the number of machines to which users can transfer Windows Vista licenses as part of licensing changes the company has made to its Windows client operating system.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004176
It is handbags at dawn after Microsoft has hit out at claims that a virus which was discovered in Apple's iVideo machine was its responsibility.
http://www.theinquirer.net/default.aspx?article=35199
It's been a long time coming, but Internet Explorer 7 is here at last. If you're dying to get your hands on the new browser, you can go download it right now, but there's really no need -- IE7 will soon come knocking on your door.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004205
Less than 24 hours after the launch of Internet Explorer 7, security researchers are poking holes in the new browser.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004259
The launch of Internet Explorer 7 soon saw a followup advisory that a vulnerability had been found in the browser, which Microsoft disputed. That was promptly followed by some heated rhetoric from security firm McAfee over Vista security.
Windows users have raised concerns about Microsoft Corp.'s new licensing for Windows Vista that will allow them to transfer a Vista license to only one machine other than the computer for which it was purchased.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004276
Microsoft has quietly pushed back the third official service pack for Windows XP to 2008. Whether or not this is an issue seems to be one for debate.
http://www.internetnews.com/dev-news/article.php/3639101
Misc/Humour:
The US population has hit 300 million people, just 39 years after it reached 200 million, according to US Census Bureau estimates.
http://news.bbc.co.uk/2/hi/americas/6057004.stm
It's been said that the average American will see two million TV commercials by the time he or she turns 65. Doing some quick math in my head, I believe that means that I've seen...well, a terrifyingly large number of commercials for PCs and related products over the past 26 years or so. You too, maybe. (Some great old PC commercials here! JG)
http://blogs.pcworld.com/techlog/archives/002950.html
A US casino mogul has blown a deal to offload a Picasso painting for £74m ($139m) after accidently sticking his elbow through it, the BBC reports.
http://www.theregister.co.uk/2006/10/18/magnate_holes_picasso/
It's not exactly the dreaded Y2K problem, but the way computers and other electronic devices handle dates and times could soon be a source of headaches again.
http://www.theglobeandmail.com/servlet/story/RTGAM.20061018.wxtw-dst19/BNStory/Front/home
The US's largest consumer ISP has started its controversial scheme to make people will have to pay to send AOL members email.
