centre{source}

Check out our latest product, Dekko Time. After 2 long years we have finally reached a beta stage in the development and we are working hard towards a full launch SOON!

All account types are being offered for free during this beta stage. Use the coupon code ‘free’ on the payment tab when signing up for single and multi-user premium account types. Using this coupon will allow you to bypass the payment step and get your premium account for FREE!

Click here to signup for Dekko Time today.

A rather nasty bug in Windows has a rather unfortunate result:

What started like a nice and quiet day ended with the potential for lots of nasty surprises. A reader alerted us to a vulnerability note published by Secunia that on first sight did not appear to be overly scary. Once we started to play with it, though, the nastiness became apparent: An overly long registry entry can be added, but won’t be shown by regedit and regedt32. Even better, all registry entries that get added afterward under the same key, even if not overly long, will be hidden as well.

Continue reading "long registry entries"...

This is pretty incredible — and ballsy. Hackers are now using an IE vulnerability to break into PCs, encrypting data, and then leaving a ransom note for a sum of money to get the key to decrypt their personal data.

Pretty sneaky.

The F-secure weblog reports that though the Sober.Q worm appears to be checking web locations for new updates, none of the locations it is checking are available, so it may not get another chance for another round of infections.

We have received word of a fake e-mail making the rounds posing as a Microsoft security update that points you at a URL which will infect you with the Pinfi/Parite virus. We haven’t seen a sample of this yet, but if anyone runs across it please let us know.

Microsoft provides a reference which tells you how to determine whether an MS security bulletin is authentic or not.

On or around the 10th of May, Sober.P suddenly stopped spreading and started checking some locations periodically, presumably to download a variant and continue spreading.

Yesterday, a new variation was detected, as expected, and was downloaded to these infected machines and has become active as of today.

This variant, however, rather than spreading, is simply sending out spam. Given the volume of proliferation that Sober.p enjoyed, this could be quite a headache.

Swirbo is blocking this new variant, although it doesn’t appear to be spreading via e-mail at this time.

Continue reading "new sober variation"...

Hot on the heels of the vulnerabilties discovered in Firefox, Mozilla has released Firefox 1.04. It’s not on the front page, yet, but you can get it here.

Details on these vulnerabilities can be found on our post as well as this mozillazine article.

There’s a new cross-site scripting vulnerability in Mozilla FireFox 1.03. If you are using Firefox, take the following steps to work around the problem until a fix is issued by Mozilla:

Solution:
1) Disable JavaScript.

2) Disable software installation: Options –> Web Features –> “Allow web sites to install software”

NOTE: A temporary solution has been added to the sites “update.mozilla.org” and “addons.mozilla.org” where requests are redirected to “do-not-add.mozilla.org”. This will stop the publicly available exploit code using a combination of vulnerability 1 and 2 to execute arbitrary code in the default settings of Firefox.

Sophos is claiming that this latest Sober.P variant now accounts for almost 79% of all viruses that the anti-virus firm sees on their protected networks. They also estimate it’s over 2% of all e-mail, although an estimate like this is likely to be harder to make.

Swirbo can definitely vouch for this increase — the number of instances of this virus we have blocked more than doubled between the 3rd and the 4th, making it a much larger portion — nearly 90% — of all our virus traffic.

Continue reading "sober.p spreads"...

Kasperky’s site has some more details on the latest variation of Sober.P going around.