Gladiator Research and Security

Happy Halloween, everybody!  This is a great holiday that brings out the kid in all of us.  Unfortunately, it also brings out the email forwards with games that could be more “trick” than “treat.”  Malware authors are quick to take advantage of any holiday to send us fun, new ways to spend our free time.  In this case, our free time may be spent cleaning up some new spyware or trojans.  CRN has a nice piece on Halloween malware from the past few years.  I suggest you check it out and let your employees know to beware of email forwards with Halloween subjects.

Related Links:

• CRN: 9 Scary Halloween Tricks (http://www.crn.com/security/211800350)

GSA Reference Number: AD081023-01

Simply Put: Normally Microsoft only releases patches on the second Tuesday of each month.  But Microsoft has just released a bulletin notifying customers they will release a patch to address a new remote code execution exploit.  The patch was posted today at 1 pm and addresses a bug in the Server Service.

Today is Patch Tuesday, Microsoft’s monthly patch release day.  There were 11 new advisories released, with 4 of them critical, 6 important and 1 moderate.  The critical patches deal with Active Directory, Internet Explorer, Host Integration Server and Microsoft Excel.  These should be applied as soon as possible.   Remember to test them on a subset of your servers first to make sure they’re compatible with all of the software you currently run.

Because more and more users are connecting to the Internet without proper edge security, Botnets are beginning to grow rapidly all around the world, continuously sending mail that wreaks havoc upon our Inboxes.  So what exactly is a Bot or Botnet, and how can you protect your network and your users?

Dark Reading, an IT security website, recently released an article on the new dangers of social engineering in this current time of financial difficulties. Specifically, the article warned of the dangers of spear phishing directed at financial institutions [spear phishing is a targeted social engineering attack directed at a specific company].  New attacks are preying on people’s fears over the current economy.  Financial institutions are seen as particularly vulnerable to these attacks since employees are more concerned with job security and institution performance in a weaker economy.  Auditors are finding it easier to trick employees by claiming to be federal regulators or by sending emails with information on how the institution is gaining ground on competitors.

We’ve seen a lot of fake antivirus sites and warnings for a while now, but they’re really starting to pick up.  If you see anything for Antivirus 2009 or Antivirus 2008, these are fakes, and will install a trojan horse onto your system.  Unfortunately, these sites look very professional and legitimate.  The malware database blog (linked below) has some good screenshots of these sites.  Remember, do not install any products from vendors you do not know.  If you are unsure if an antivirus vendor is reputable, a good list of respected AV vendors is at Virus Total (http://www.virustotal.com/sobre.html).  Be sure to inform your coworkers so they don’t install this product at work or at home.

The FBI has announced a new website to aid in the capture of robbery suspects in the state of Georgia.  The site was created in cooperation with the Georgia Association of Bank Security.  Georgiabankrobbery.com is “designed to assist law enforcement in the identification and apprehension of suspects throughout Georgia.”  The public is encouraged to visit the site, which will list photographs and descriptions of robbery suspects along with a tip form to submit information.