If you are in any doubt about the importance of computer security, take a look at some of the recent news stories below.
Refer to our
Reference Material section for a collection of computer security articles that are written for business people, not computer technicians.
'Evolved' worms target all IM networks
11 August 2006 - Malware writers have developed worms capable of attacking all major instant messaging (IM) networks across both PC and Mac
platforms, security experts warned today. According to Kaspersky, there will be a sharp rise in next-generation IM worms which can spread via multiple IM networks.
Microsoft breaks patch records
11 August 2006 - Microsoft has patched almost as many critical vulnerabilities in the first 8 months of 2006 as it did in 2004 and 2005 combined,
security researchers said Wednesday. "2006 already is a record year," said Jonathan Bitle, product manager with security company Qualys. "It's great that we're finding them prior to large-scale attacks, but at the same time it's a concern about the quality of [Microsoft's] code."
Social networks riddled with malware
11 August 2006 - One in 600 profile pages on social networks host some form of malware, a new study has found. Research by security firm
ScanSafe analysed over five billion Web requests in July.
Hacker sophistication outpacing forensics
10 August 2006 - Attackers are using increasingly sophisticated methods to stay ahead of security incident response teams, said a security
consultant. In the never-ending cat-and-mouse game between hackers and those charged with stopping them, it's pretty clear who's winning--and it's not the cat.
HSBC exposed by flaw
10 AUGUST 2006 - MORE than three million customers of global banking giant HSBC have been left vulnerable while banking over the internet for
more than two years because of a security flaw.
Microsoft bug receives US-CERT alert
10 August 2006 - In a rare acknowledgement from a US Government agency of a critical software security bug, the US Computer Emergency
Readiness Team (US-CERT), has issued an alert about one of the critical bugs in Microsoft Windows addressed in the software company's August Patch Tuesday fixes.
Serious BlackBerry hack attack exposed
10 August 2006 - Many enterprises that have issued staff with BlackBerry mobile email devices will be vulnerable to a serious hack attack when
security researchers release exploit code, security experts warned today.
Skype spyware spam scam slammed
10 August 2006 - Users have been warned of a new phishing scam that is being distributed via spam emails purporting to come from Skype.
SurfControl said that it first detected the spyware attack, which is being sent in emails written in Turkish and claiming to be from Skype on the 8 August.
Microsoft fixes 23 flaws, including bug with MSBlast potential
9 August 2006 - It isn't the usual 'Patch Tuesday' at Microsoft, both the number of bugs disclosed and the tally of critical fixes broke previous
records. Microsoft on Tuesday published 12 security bulletins for Windows and Office that patched 23 vulnerabilities, 16 of which the Redmond, Wash. developer tagged as "critical." Both the number of bugs disclosed and the tally of critical fixes broke previous records.
One in three users are victims of viruses, spyware, or phishers
9 August 2006 - The odds of becoming a victim of viruses, spyware, or phishing are about one in three, Consumer Reports said in its annual report
on the Internet. In addition, U.S consumers spent at least US$7.8 billion over the last two years for computer repairs, parts and replacements, because of malware attacks, the non-profit magazine found in its 2006 State of the Net report.
Could your keyboard spy on you?
8 August 2006 - Researchers say that small devices called JitterBugs could piggyback onto network connections to discreetly send passwords and
other sensitive data over the Internet.
Trojan malware takes a bite out of BlackBerry
8 August 2006 - Security researcher Jesse D'Aguanno has developed what he bills as the first Trojan horse malware for Research in Motion Ltd.'s
(RIM) BlackBerry e-mail device. The software, which was demonstrated at the Defcon hacker conference over the weekend, appears to be a free tick-tack-toe download.
New Trojan Disguises Malicious Traffic
8 August 2006 - Websense raised the alarm Tuesday of a phishing Trojan that uses a new technique to cloak its activity. The San Diego-based
Web security company said that the Trojan, which installs itself as an Internet Explorer helper object, waits for the user to enter information in specific Web site forms -- particularly online banking sites -- then zaps the stolen data back to the attacker.
Net mafia winning security war
7 AUGUST 2006 - ORGANISED crime is winning the internet security war, specialists warned at the world's foremost gathering of computer
hackers in Las Vegas. The online peril is no longer brilliant young social outcasts penetrating networks for notoriety; it is international crime rings swiping billions of dollars with keystrokes and malicious computer codes, cyber cops agreed.
Google warns on 'unsafe' websites
7 August 2006 - Google has started warning users if they are about to visit a webpage that could harm their computer. The warning will pop up if
users click on a link to a page known to host spyware or other malicious programs.
Researchers warn over web worms
6th August 2006 - LAS VEGAS - Exploiting a lack of security checks in browsers and Web servers, web worms and viruses are likely to become a
major threat to surfers, security researchers speaking at the Black Hat Briefings warned on Thursday.
Intel Centrino vulnerability requires massive patch
3 August 2006 - Three major flaws in the Intel Centrino Wi-Fi device drivers have been described as horrible by a world leading security expert. The
flaws will require an enormous 129 MB patch to download and install.
Alert over stolen tax file numbers
2 August 2006 - More than 170 Australians have had their tax file numbers stolen by online scammers who captured the information from their
home computers when they were using the online e-tax system.
McAfee security programs may expose data
1 August 2006 - — Consumer versions of McAfee's leading software for securing PCs is susceptible to a flaw that can expose passwords and
other sensitive information stored on personal computers, researchers said Monday.
Black Hat: Hit spyware by punishing purveyors, experts say
3 August 2006 - With spyware a continuing plague for many computer users, some experts and IT workers are calling for stiffer penalties --
including jail time -- for convicted spyware purveyors. At a panel discussion yesterday during the Black Hat security conference here, speakers said that antispyware vendors are losing the fight against spyware creators, making more drastic measures necessary.
Identity theft virus infects 10,000 computers
3 August 2006 - MORE than 10,000 Australian computers have been infected by a trojan virus - invisible to most anti-virus software - that is
transmitting their owners' private details to identity thieves. The Australian Tax Office confirmed yesterday that 178 taxpayers had unwittingly revealed their tax file numbers while lodging tax returns online.
Microsoft plays down bug panic
2 August 2006 - Windows exploit code recently released into the wild is causing confusion in the security world, as it seems to overlap with a
critical bug Microsoft patched last month. Contrary to appearances, however, Microsoft has said the proof of concept code exploits a previously undiscovered flaw that just happens to be in the same component as one patched by last month's MS06-035 update.
Virus epidemic due to hit in August
2 August 2006 - Virus epidemic could hit in August, a month traditionally known for virus epidemics, according to Kaspersky Labs. According to
the anti-virus vendor, evidence of this can be found from previous years with Lovesan coming out in August 2003, numerous Mydoom variants in August 2004 and Mytob/ Bozori (aka Zotob) in August 2005.
Viral email traffic falls but threat remains
2 August 2006 - Clandestine threats are on the rise, despite a dramatic reduction in virus traffic. The proportion of infected email has dropped to a
new low of just one in 222 (0.45 percent), according to a security report by Sophos.
McAfee to release patch for vulnerability
1 August 2006 - McAfee Inc. will issue a patch tomorrow for a vulnerability affecting its SecurityCenter application, a security software management
tool. The vulnerability, rated "medium" by McAfee as far as its severity, could allow an unauthorized user to run code on a remote machine, the vendor said. It affects McAfee's SecurityCenter Versions 4.3 through 6.0.22.
New bot-powered Ebay scam uncovered
1 August 2006 - Scammers are using bots to create bogus Ebay accounts that boast trustworthy profiles in a new scheme to rip off buyers, a
security company said Monday. The scam, said Fortinet, is a new twist on an old con where criminals set up bogus auctions, rake in the proceeds, and then scram, never intending to ship anything to buyers.
JavaScript opens doors to browser-based attacks
31 July 2006 - Security researchers have found a way to use JavaScript to map a home or corporate network and attack connected servers or devices, such as printers or routers. The malicious JavaScript can be embedded in a Web page and will run without warning when the page is
viewed in any ordinary browser, the researchers said. It will bypass security measures such as a firewall because it runs through the user's browser, they said.
GSA warns public of e-mail scam
31 July 2006 - The General Services Administration is warning the public about an e-mail scam asking for personal credit card information. The
phishing attack is supposedly coming from GSA’s FirstGov.gov portal, fraud@firstgov.gov. It asks the recipient to click on a link for Money Access Online and submit credit card information to confirm the account as not been stolen or hacked.
Phishing scam targets Microsoft customers
31 July 2006 - US-based internet security firm SurfControl has warned email users to be on the lookout for an email phishing scam that appears to
be a message from Microsoft. The email conveys that the user has won a prize from Microsoft that can be claimed by visiting the Microsoft “Resolution Centre” and filling out a small form.
U.S. takes title as top spam-relaying nation in Q2
28 July 2006 - Sophos has published a report on the top 12 spam-relaying countries over the second quarter of 2006. Experts at SophosLabs
scanned all spam messages received in the company's global network of spam traps, revealing that for the first time in more than two years, the U.S. has failed to make inroads into its spam-relaying problem.
PayPal, Ebay focus of phising scams
28 July 2006 - PayPal and Ebay users are copping the brunt of the current storm of phising emails according to Sophos. In recent analysis the
security vendor found that over 75 percent of all phishing scams this year have been targeted at users of Ebay and PayPal.
Trojan spoofs Firefox extension, steals IDs
26 July 2006 - An identity-stealing keylogger that disguises itself as a Firefox extension and installs silently in the background was discovered
Tuesday by security vendor McAfee. According to the company, the "FormSpy" trojan horse monitors mouse movements and key presses to steal online banking or credit card usernames and passwords, other login information, and URLs typed into Firefox, the popular open-source browser.
Ransomeware risks rise; backups urged
26 July 2006 - Attacks where criminals hold kidnapped data for ransom are becoming more sophisticated, a security company said Tuesday. It's
only a matter of time before hackers have the upper hand. Although "ransomware" remains relatively rare, Moscow-based Kaspersky Labs stressed in a recently-published report that the threat is quickly increasing.
Experts issue call to arms on online fraud
25 July 2006 - Online fraud is becoming more organised, smarter and more dangerous because businesses are too reliant on customer
authentication tools such as secure keys, passwords and personal information, says a visiting US security expert.
'Anti-spyware' Trojan hits 100,000 UK firms
24 Jul 2006 - An email claiming to originate from an anti-spyware company is being used to spread a new Trojan downloader, security experts
warned today. BlackSpider Technologies said that the email is a classic example of social engineering.
Ransomware getting harder to break
24th July 2006 - Hackers may soon be pushing out ransomware packages so complex that they're beyond the decryption capabilities of the anti-
virus industry, according to a study by Russian anti-virus firm Kaspersky Lab.
Fake version of Google hides Trojan horse
21 July 2006 - Bot-herders have set up an exact copy of the download page for Google’s Toolbar plug-in in an attempt to lure users to download a
Trojan back door. Reported by security outfit Surfcontrol, some versions of the scam even spoof the correct Google Toolbar Web address for Internet Explorer, using Google’s own redirection service in an attempt to hide the real, non-Google address.
PowerPoint virus warning
21 JULY 2006 - MICROSOFT has warned of a new computer virus that exploits a vulnerability in its PowerPoint presentation software. Microsoft
issued an advisory on the company's security blog on July 17 about the virus, which is carried out when a user launches a PowerPoint attachment to an email or opens a file provided to them by the attacker.
Ad dishes up malware to more than 1M PCs
20 July 2006 - More than 1 million users of MySpace.com and other Web sites may have been infected with adware spread by a banner advertisement, according to iDefense, a computer security group. The advertisement, for a site called deckoutyourdeck.com, appeared in user
profiles on MySpace, an online community with at least 70 million users, said Ken Dunham, director of the rapid response team at iDefense, which is owned by VeriSign Inc.
Malicious Trojan disguised as Google Toolbar
20 July 2006 - UK-based Internet security firm SurfControl has detected a malicious threat disguised as a link to the widely used Google Toolbar.
Beginning late yesterday, an email began circulating that claimed to be from Google and offered information on what appears to be the latest version of the Google Toolbar.
Rootkits get better at hiding
19 July 2006 - A new Trojan horse is so good at hiding itself that some security researchers claim a new chapter has begun in their battle against
malicious-code authors. The new pest, dubbed "Rustock" by Symantec and "Mailbot.AZ" by F-Secure, uses "rootkit" techniques crafted to avoid the detection technology used by security software, Symantec and F-Secure said in recent analyses.
The State Of Spam
19 July 2006 - If billions of spam messages travel throughout the Internet every day, but consumers see just a few of them in their inboxes, do they really exist? Unsolicited bulk e-mail, otherwise known as spam, accounted for about 80 percent of all the e-mail traffic on the Internet during the first
three months of 2006. This was the conclusion reached by the international Messaging Anti-Abuse Working Group, whose members include AOL, Bell Canada, Cingular Wireless, EarthLink, France Telecom, Microsoft, Verizon, and Yahoo.
Eighty percent of new malware defeats antivirus
19 July 2006 - The most popular antivirus applications on the market are rendered useless by around 80 percent of new malware, according to
AusCERT. At a security breakfast hosted by e-mail security firm Messagelabs in Sydney on Wednesday, the general manager of the Australian Computer Emergency Response Team (AusCERT), Graham Ingram, told the audience that popular desktop antivirus applications "don't work".
Microsoft: Shun unexpected Office docs
19 July 2006 - Microsoft reacted to the growing attacks using unpatched exploits against its Office suite by issuing a security advisory Monday that
gave users one piece of advice: don't open or save unexpected Office files, even those received from trusted sources.
McAfee apologizes for tardy alert about flaw fix
18 July 2006 - Security firm McAfee did not have its finest hour last week. First it discovered that it had a flaw in a major corporate security software
product. Then it discovered that it had accidentally fixed the flaw. Then it took six months to alert users to the fact.
Unsecured email sparks dispute
18 JULY 2006 - A LARGE Melbourne hospital has sparked a dispute among doctors by sending out sensitive health information as email. One
doctor described unencrypted email as akin to a message being sent on a postcard through Australia Post.
Attackers let loose more PowerPoint exploit code
18 July 2006 - Three new proof-of-concept exploits targeting Microsoft's PowerPoint have been posted to public security mailing lists, Symantec
said Monday, increasing the danger posed by maliciously-crafted presentation files. The security vendor's researchers weren't certain whether the three exploits were distinct, or even if they attacked new vulnerabilities rather than the zero-day bug discovered last week.
Worm hits MySpace
18 July 2006 - A worm spreading through MySpace is embedding JavaScript code into users' profiles that redirects visitors to a site claiming the US government was behind the 9/11 terrorist attacks, a security company warned Monday. The unnamed worm isn't malicious, said Symantec
researchers, but the malformed Shockwave Flash (.swf) file containing the payload embeds JavaScript into the profile of any MySpace user who views the .swf file.
Hackers turn to Open Source
18 July 2006 - Hackers have borrowed the same open-source development techniques used to build Firefox, Apache, and Linux as they collaborate on malware projects, a security company's researchers claimed Monday. The McAfee Avert Labs researchers who contributed to the debut issue of
the company's "Sage" security journal laid out their case in several articles, ranging from one on open-source software in Windows rootkits to another on open-source and profit.
Phishers edge past banks' strong authentication
14 July 2006 - Scammers have found a way around new token-based authentication systems that have been adopted by some banks. Over the past few weeks, approximately 35 phishing Web sites have been set up that use the new attack. They attempt to trick users into divulging the
temporary passwords created by the security token devices used by banks such as Citigroup Inc., said Rich Miller, an analyst with Internet research company Netcraft Ltd.
Spam ratios on the rise
14 July 2006 - Spam rates are rising while cyber threats such as viruses and phishing attacks are shifting from traditional methods to more targeted
attacks, according to a report from security firm MessageLabs. The global ratio of spam in email traffic rose to 64.8 per cent in June, an increase of 6.9 per cent over the previous month.
Adobe fixes PDF reader flaws
13 July 2006 - Adobe Systems joined Microsoft on "Patch Tuesday" and delivered fixes for two security flaws in the ubiquitous Adobe PDF reader
software. The vulnerabilities affect Adobe's Acrobat and Reader software for both the Windows operating system and Apple Computer's Mac OS, Adobe said in two separate security advisories.
Phishers crack two-factor authentication
13 July 2006 - Security experts have detected a new type of phishing attack that could render two-factor authentication useless. A dual factor
security system typically uses a password and some kind of hardware security device such as a smartcard or a token that issues temporary passwords. Smartcards are commonly used within corporations while online transaction systems and banks opt for tokens.
New worm targets virus researchers
13 July 2006 - A new virus is targeting put virus researchers by attempting to disable the software tools they use to disseminate online pests. The
W32/Gatt virus was first detected earlier this month. The virus infects all .idc files, a format that is used for scripts for the Interactive Disassembler Pro application that is commonly used by virus researchers to analyse malware.
New PowerPoint flaw used in attacks
13 July 2006 - Attackers have found another hole in Microsoft Corp.'s Office products. On Thursday, Symantec Corp. reported that it has discovered
a targeted attack that takes advantage of an unpatched vulnerability in Microsoft's PowerPoint software.
Researcher to show code for 'wormable' Windows flaw
13 July 2006 - With security vendors worrying that a recently patched Windows bug may lead to a major worm outbreak, the researcher who discovered the flaw said Wednesday that he is weeks away from releasing code that exploits the problem. HD Moore, developer of the Metasploit
hacking tool, has developed software that could be used to crash a system that has not received Microsoft's MS06-035 update. However, the software could not be used to create the kind of self-replicating worm that some vendors see as a possibility, he said.
Win98, ME finally abandoned
12 JULY 2006 - MICROSOFT has stopped supporting its Windows 98 and Millennium Edition (ME) operating systems, effectively abandoning the
old version of its software. Microsoft no longer provides security updates, telephone advice or other technical support for Windows 98, Windows 98 Second Edition, and Windows ME.
Microsoft plugs worm hole in Windows
12 July 2006 - Microsoft on Tuesday made available fixes for 18 security vulnerabilities in Windows and Office software. The patches were delivered
in seven security bulletins, five of which Microsoft deems "critical," its most serious rating. One of the urgent fixes addresses a flaw in a Windows component that could be used to spread a worm. Other updates deal with Office flaws that have already been used in targeted attacks.
Gmail phishing email offers $500 prize
12 July 2006 - Low-rent conmen have crafted a phishing campaign that seeks to dupe gullible punters in emails posing as a random cash prize from
Gmail, Google's popular web mail service. The bogus email claims that prospective marks have been selected for a $500 cash prize.
Italians jailed for breaching Australian defence website
12 July 2006 - AN ITALIAN court has sentenced a group of hackers who penetrated the Australian Department of Defence's website and about 700
others, including the Pentagon's and NASA's. The Italian hackers penetrated the Defence Department's website on March 9, 2001.
Microsoft patches 18 bugs; two-month total swells to 39
12 July 2006 - Microsoft on Tuesday rolled out seven security updates for Windows and Office that fixed 18 bugs, a total that almost matched last
month's 2006 record of 21 vulnerabilities. Among them, said one security analyst, was the first flaw since August 2005 that could end up being used by a massive, network-attacking worm along the lines of Zotob, or even 2003's MSBlast.
Phishing with Google
12 July 2006 - IT security vendor Sophos has warned of a widespread phishing email campaign that tries to trick users out of money by pretending
to be a cash prize from Gmail- Google's popular free email service. The emails claim that the recipient has been randomly selected for the 500 US dollar cash prize and that the money can be automatically paid to them if they click on the embedded web link.
Hackers target State Dept. computers
11 July 2006 - The State Department is recovering from large-scale computer break-ins worldwide over the past several weeks that appeared to
target its headquarters and offices dealing with China and North Korea, The Associated Press has learned.
Microsoft releases seven security patches
11 July 2006 - As part of its monthly roundup of security patches for July, Microsoft Corp. today released seven bulletins detailing fixes for
vulnerabilities in a wide range of its products. Five of the bulletins address critical vulnerabilties, while two provide fixes for less severe flaws. Among the critical flaws disclosed today are two that exist on the server side.
Windows 98, Me support Ends, WinXP SP1 next
11 July 2006 - After two stays, Microsoft will drop all support for Windows 98, 98 SE, and Millennium after Tuesday. Microsoft has reminded users
several times that all support - including delivery of critical security updates - will cease after the regularly scheduled July 11 patch date for the operating systems, and has recommend users upgrade to Windows XP.
Spam careens out of control in June
9 July 2006 - According to a newly released report, the incidence of spam mail has once again careened out of control, jumping 6.9% in June to a
massive 64.8% of all emails sent in June. Email and web security provider, MessageLabs, announced the results of its MessageLabs Intelligence Report for June and the second quarter of 2006.
Consumers confused about online security
7 July 2006 - A recent survey shows consumers are totally confused about the level of online threats and how best to protect themselves. The
study from online shopping portal MutualPoints showed that of the 9,790 people surveyed almost all claimed to have taken steps to protect their computer and 88 per cent felt they had adequate security.
Security threats grow exponentially
7 July 2006 - McAfee has reported that security threats have grown at record speed over the last two years. While it took 18 years for the security
vendor to log its first 100,000 known viruses, it has taken less than two years for the company to log its 200,000th threat.
OneCare Firewall: a light-weight approach to a heavy-duty problem
7 July 2006 - Since Microsoft released its Windows Live OneCare security kit in June, there has been much discussion as to how the product
would benefit ordinary PC users and whether it really delivers on its mission of providing reliable, yet easy-to-use, PC protection for consumers.
Windows genuine disadvantage
7 July 2006 - Comment A recent lawsuit filed against Microsoft should have all companies reexamining their privacy policies to determine what
information they are actually collecting about customers and what they can possibly do with it.
Britain to hand over hacker
07 JULY 2006 - BRITAIN has approved the extradition a computer expert accused by the US of perpetrating the "biggest military hack of all time".
Gary McKinnon was arrested in June last year following charges by US prosecutors that he illegally accessed 97 US government computers - including Pentagon, army, navy and NASA systems - causing $US700,000 ($939,000) worth of damage.
Britain Agrees to Extradite Hacker Suspect to U.S.
6 July 2006 — Britain on Thursday approved the extradition of a computer expert accused by the United States of perpetrating the world's "biggest
military hack of all time." Gary McKinnon was arrested in June last year following charges by U.S. prosecutors that he illegally accessed 97 U.S. government computers—including Pentagon, army, navy and NASA systems—causing $700,000 worth of damage.
Most enterprises admit IT security failures
6 July 2006 - Almost 85 per cent of large US enterprises admit to having suffered an IT security incident over the past 12 months, and the number of
breaches continues to rise, new research warned today. According to a Computer Associates poll of 642 US enterprise corporates, security breaches have increased by 17 per cent since 2003.
Email gives way to new virus distribution tactics
6 July 2006 - The number of viruses transmitted by emails dropped to a record low in June, but spam is becoming an increasing problem for
businesses, according to research published this week. Figures from security services firm BlackSpider Technologies show that just 0.68 per cent of all emails sent in June contained viruses, breaking the previous record of 0.73 per cent in May.
ISPs fear zombie attacks
6 July 2006 - ISPs say the spam sent by zombie PCs is their biggest challenge and is the biggest threat to the security of their business users,
according to the results of a survey published this week by StreamShield Networks, a provider of managed internet security. ISPs said they were worried by the potential "disruption to service that spam zombie machines can cause".
July will be 'month of browser bugs'
06 July 2006 - Each day this month, a prominent security expert will highlight a new vulnerability found in one of the major Internet browsers. HD Moore, the creator of Metasploit Framework, a tool that helps test whether a system is safe from intrusion, has dubbed July the Month of Browser
Bugs. Already, the security researcher has featured five security flaws, three for Microsoft's Internet Explorer and one apiece for Mozilla's Firefox and Apple's Safari.
Spammers increase pump-and-dump scams
06 July 2006 - Spammers are profiting from share manipulation by coaxing victims into investing in junk bonds. The spammers purchase cheap
shares (which artificially raises the stock price) and sell them off as victim investment raises their value further.
Report: Targeted Trojan attacks on the rise
06 July 2006 - Computer hackers are increasingly tailoring attacks using Trojan horse programs for certain businesses in hopes of filching
intellectual property, a new security report released Thursday said. MessageLabs Ltd. said its latest research data shows these kinds of attacks have risen six-fold over the same period in 2005.
20 Years Of PC Viruses
5 July 2006 - In the first half of the 1980s, computer viruses -- programs that reproduce themselves by "infecting" other programs -- existed mostly
in labs. A few had managed to find their way into the wild on the Apple II platform, but for the most part they were tightly controlled by computer researchers.
The 10 Most Destructive PC Viruses Of All Time
5 July 2006 - Computer viruses are like real-life viruses: When they're flying around infecting every PC (or person) in sight, they're scary. But after
the fact...well, they're rather interesting, albeit in a gory kind of way. With this in mind, we shamelessly present, in chronological order, the 10 most destructive viruses of all time.
New worm poses as Microsoft anti-piracy alert to trick users
4 July 2006 - A new instant messaging (IM) worm that poses as a security notification from Microsoft's anti-piracy program has been identified by
Sophos. If opened it switches off the firewall in Windows XP so the PC can be hijacked remotely. Called Cuebot-K, the worm is spreading via AOL's IM application AIM.
Netsky blown away in June virus charts
4 July 2006 - Netsky.q has been pushed off the top of the virus charts for the first time since 2004, according to monthly statistics released by
Kaspersky Lab. Netsky.q has been the most widespread email worm since 2004 and its variant Netsky.t has risen rapidly since the beginning of 2006.
Hackers steal thousands from internet bank accounts
04 July 2006 - Hackers have penetrated internet banking facilities and gained access to the accounts of clients of three major banks, the Cape
Times reported on Tuesday. Its website said hackers had in the past three months gained access to the online accounts of clients from First National Bank, Standard and Absa banks.
Data is main cost in laptop theft
04 JULY 2006 - REPORTS of data theft often conjure up images of malicious hackers breaking into remote databases to filch social security
numbers, credit card records and other personal information.
Windows Genuine Disadvantage malware sighted
03 July 2006 - Perfidious virus pushers have created a worm that poses as Microsoft's anti-piracy program, Windows Genuine Advantage (WGA).
The Cuebot-K worm spreads via AOL instant messenger in the guise of WGA.
OpenOffice update fixes security bug trio
03 July 2006 - OpenOffice.org has released a security update to its alternative office productivity suite following the discovery of three potentially
serious security vulnerabilities during an internal audit. Both 1.1.x and the newer 2.0.x releases of the software are affected.
Windows 98 users on their own says Microsoft
02 July 2006 - Windows 98 and Millenium Edition users will no longer be supported by Microsoft from July 11, leaving an estimated 70 million users
exposed to hackers. In addition, security vendors are following Microsoft's lead and phasing out support for the ageing Windows versions, leaving users open to new virus attacks, according to a report in the Washington Post.
IE and Firefox hit by bug
30 June 2006 - Two new security flaws have been discovered in Microsoft's Internet Explorer, and one could also affect Mozilla's Firefox, security
experts have warned. Code for both the vulnerabilities has been published, but there have been no reports of attacks taking advantage of the flaws, the SANS Internet Storm Center, which monitors network threats, said in an advisory released on Wednesday.
Co-Founder of ID Theft Web Site Sentenced
30 June 2006 - The co-founder of a Web site that investigators claimed was one of the largest online centers for trafficking in stolen identity information and credit cards was sentenced Thursday to two years and eight months in prison. The sentence for Andrew Mantovani was the longest
of the five imposed to date involving the site http://www.shadowcrew.com which had about 4,000 members who dealt with at least 1.5 million stolen credit card numbers and caused more than $4 million in losses, federal prosecutors said.
PC failure rates better but notebooks still outrageous
28 June 2006 - PC vendors have reduced hardware annual failure rates by approximately 25% in the past two years, but 15% of notebooks break
down in the first year and nearly a quarter of notebooks owners will have to replace them after three years, according to a new benchmark study.
Three M00P hackers arrested
28 June 2006 - Authorities in the UK and Finland said Tuesday that they had arrested three men suspected of being part of the M00P hacker gang,
which has created and distributed numerous worms and trojan horses for at least the last year.
Exploit code out for critical bug, warns Microsoft
27 June 2006 - Microsoft on Friday acknowledged that "detailed exploit code" for a critical Windows vulnerability has been published on the
internet, and issued a security advisory to help users who haven't been able to patch. Although the developer issued a security update - MS06-025 - on June 13 to fix the flaw in Windows' Routing and Remote Access (RRA) service, unpatched systems are at risk because of the new exploit code.
Computers break down less often: survey
27 Jun 2006 - Computers have become more reliable in recent years as manufacturers have improved designs, but one in every six new notebooks
still needs to be repaired within a year after purchase, a survey found on Tuesday. Failure rates of both desktop and portable notebook computers have improved in the 2005-2006 period compared with 2003-2004, market research group Gartner found.
Malicious code targets critical Windows flaw
27 June 2006 - Computer code that exploits a "critical" vulnerability in Windows has been released on the Internet, prompting Microsoft to issue a
security advisory. The attack code takes advantage of a flawed Windows routing and remote-access component for which Microsoft released a patch two weeks ago, the company said in its advisory published late Friday.
Spam once again on the rise
27 June 2006 - Spam is again on the rise, led by a flood of junk images that spammers have crafted over the past few months to trick e-mail filters,
according to security vendors. Called "image-based" spam, these junk images typically do not contain any text, making it harder for filters that look for known URLs or suspicious words to block them.
Data market angers Washington
26 JUNE 2006 - ALMOST every piece of personal information that Americans try to keep secret - including bank account statements, email
messages and telephone records - is semi-public and available for sale.
Police bungle exposes bank files
26 june 2006 - THE banking details of thousands of Australians have been revealed and an international police investigation jeopardised in a bungle
by Australia's peak internet crime-fighting agency.
Bungle exposes bank files
26 JUNE 2006 - THE banking details of thousands of Australians have been revealed and an international police investigation jeopardised in a
bungle by Australia's peak internet crime-fighting agency.
Identity thieves lurking in P2P networks
23 June 2006 - Users of peer-to-peer file-sharing services may be sharing more than they bargained for, a former White House cybersecurity adviser
warned Thursday. Security researchers have found thousands of files with sensitive information by searching through file-sharing networks, said Howard Schmidt, CEO of R&H Security Consulting LLC. Schmidt.
Researcher finds third zero-day Excel flaw
23 June 2006 - Another unpatched flaw in Excel has surfaced, a security company said Thursday, making the bug the third in the last week. The
new vulnerability, said Symantec in an alert to enterprise customers, will let attackers execute Flash files along with JavaScript that run when Excel opens.
Phone phishing attack hits US
23 June 2006 - Criminals have launched a blended attack which attempts to lure users to a malicious Web site via text message. IT managers have
been warned to alert their staff to the attack, which uses social engineering techniques to try to trick users to the phishing site, according to security vendor Websense.
Wi-Fi hacked in 'digital drive-by'
22 June 2006 - Security researchers have found a way to seize control of a laptop computer by manipulating buggy code in the system's wireless
device driver. The hack will be demonstrated at the upcoming Black Hat USA 2006 conference during a presentation.
Microsoft to re-patch June patch
22 June 2006 - Microsoft announced Tuesday that it will re-issue one of the 12 security updates unveiled last week after the fix broke direct dial-up
for some users. Late last week, users reported problems with dial-up after installing the MS06-025 critical patch for Windows' Routing and Remote Access (RRA) service. Microsoft immediately opened a case file for the bug.
Firefox, iTunes, Skype tops most dangerous list
22 June 2006 - Firefox, iTunes and Skype were the top three applications in a list of 15 with the most security vulnerabilities, said security vendor
Bit9. The list from Bit9 looks at applications frequently downloaded by individuals (and perhaps not sanctioned by the company) which have at least one critical vulnerability, and that relies on the end user and not the IT department, to manually patch or upgrade to fix bugs.
Locking the wireless network
22 June 2006 - As the popularity of wireless networks in homes and small businesses continues to soar, so do the chances that outsiders will
hack unsecured networks and use them for malicious purposes. It is often up to solution providers to solve the problem, and fortunately, several methods and products are available to help mend the holes.
Internet fraud nabs record haul
22 June 2006 - INTERNET frauds have been caught trying to trick record numbers of Aussies into revealing their banking details. Complaints to the
Australian Securities and Investment Commission about online phishers have soared 25 per cent to record levels this financial year.
Worm lures victims with 'Naked World Cup'
20 June 2006 - Soccer purists can breathe a sigh of relief. There is no Naked World Cup. IT professionals, on the other hand, may want to be a little
more vigilant because a new e-mail worm is on the loose that preys on the intense worldwide interest in the international sporting event.
Aussies weighed down by net concerns
20 June 2006 - Abstract security threats continue to weigh heavily on the minds of Australians, services outfit Unisys has found. In its new quarterly
Security Survey & Index, the company found terrorism, health pandemics and internet related threats were of higher concern than immediate threats to personal safety.
Spike in finance attacks
20 JUNE 2006 - A SURGE in attacks on financial institutions signals a new reality, the Deloitte 2006 Global Security Survey warns. The fourth
annual survey of 150 leading banks and finance companies finds that 78 per cent had a security breach in the past year, up from 26 per cent in 2005.
Trojan forwards details of Oregon taxpayers
19th June 2006 - Workers at Oregon’s department of revenue have been banned from using their PCs for “non-business” purposes after a porn-
hunting employee accidentally downloaded a Trojan which spirited away personal details of over 2,000 taxpayers.
Flurry of new data breaches disclosed
19 June 2006 - The dizzying pace of data-breach notifications in recent months shows no signs of slowing, as several more organizations have
disclosed major data compromises over the past few days.
Unpatched Excel flaw surfaces, attacks made
19 June 2006 - Hard on the heels of Tuesday's massive security update, on Thursday Microsoft disclosed that an attack is in play which exploits an
unpatched bug in the popular Excel software. The attack allowed hackers to hijack PCs.
Hackers use Google Pages to host Trojan horse
19 June 2006 - Google Inc.'s Web site hosting service is apparently being used by hackers to try to steal money using a malicious program, a
security company said. Security vendor Websense Inc. warned on Friday that a Trojan horse is being hosted on a site with the same IP address as the main Google Pages Web site, at
http://googlepages.com.
Trend Micro: Microsoft sets June record for patches
19 June 2006 - Microsoft’s latest set of patches released on 13 June, ties the record for the highest number of patches and a high number of
'criticals', said Trend Micro.
Zero Day vulnerability discovered in Excel
19 June 2006 - A new zero day vulnerability in Microsoft Excel has come to light that is actively being leveraged by attackers to compromise
systems. The attack is launched when a user opens an infected Excel attachment in an e-mail or a document posted on a website, and doesn't require any user interaction beyond opening the infected document.
Trojan nabs 1,000 customers at Australian bank
16 June 2006 - A hoax e-mail that claims that the National Australia Bank is bankrupt has already infected 1,000 customers with malicious code in
the form of a Trojan horse. The e-mail is sent specifically to NAB customers globally, as well as the customers of up to 12 other banks worldwide.
PNC bank warns customers of fraudulent e-mails
16 June 2006 - PNC Bank in Pittsburgh, part of The PNC Financial Services Group Inc., is warning customers not to fall for phishing e-mails
purporting to come from the bank. "We are aware of fraudulent phishing e-mails purporting to be from PNC Bank that may have been recently received.
Cybercrime losses on the slide
15 June 2006 - For the fourth straight year running, the financial losses incurred by businesses due to incidents such as hacked PCs have fallen,
according to the 2006 annual survey by the Computer Security Institute and the FBI. Robert Richardson, editorial director at the CSI, discussed the survey's findings in a presentation at the CSI NetSec conference in Arizona on Wednesday.
