Internet Security Online

New Definitions:
========================
Adware.Henbang
WareOut

Updated Definitions:
========================
180Solutions +1
404search
ABetterInternet.Aurora +3
Adintelligence.AproposToolbar +9
Adware.Look2Me +12
Adware.ZenoSearch
AlfaCleaner
Alset
Coulomb Dialer
DealHelper
Dialer
e2give
ErrorSafe +3
eUniverse
GetMiraR
Lop +14
Malware.SpywareStrike
Purityscan +3
SCBAR
SpyAxe +2
SpywareNo +2
Tracking cookie
WebHancer
Win32.Trojan.Downloader +11
Win32.Trojan.Mirc +3
Win32.TrojanDownloader.Qoologic +2
WinFixer +3
Virtumonde +2
Zango

The MD5 checksum for the defs.ref file is 88ba24f7b36c3f3fb5ee88617db856dc

Red Hat has opened its knowledge base to the general public today. You no longer need to login to access it.

Red Hat Knowledgebase is a library of tips, troubleshooting advice, and current information
updated daily by Red Hat technicians.

Go to Red Hat Knowledgebase

Hijacker
+ MaxSearch + CoolWWWSearch.Feat2Installer + CoolWWWSearch.Service +
CoolWWWSearch.Feat2DLL

Malware
+ SpyFalcon + Vcodec.eMedia + Winsoftware.WinAntiVirusPro2006 +
MyNetProtector + SpywareStrike + AzeSearch + Smitfraud-C.Toolbar888 +
Look2Me.Topconverting + Web-Nexus + Smitfraud-C. + Command Service +
Vcodec

Security
+ Windows.RedirectedHosts

Spyware
+ KillSec + UCmore + Torpig

Trojan
+ Jupilites + Win32.VB.un + Win32.VB.vg + Win32.Winspg.a +
Zlob.Downloader + Spyware Disinfector + BPS Spyware Remover +
BraveSentry + Nous-Tech.UDefender

A significant vulnerability has been discovered in the Sendmail open-source e-mail application that could allow attackers to take over control of any devices running the affected software.

The flaw, first reported by security researchers at Atlanta-based Internet Security Systems, is present in Sendmail’s e-mail server software and could be exploited by someone sending malicious data to a computer running the software at specific time intervals, ISS said.

RealNetworks has issued a security patch for a number of its products to address vulnerabilities that could allow for remote execution of code on devices running the software.

The company said that it has not been advised of any known exploitations of the flaws, which are present in its RealPlayer multimedia application Version 10.4 and 10.5 for Windows, and in both its RealPlayer 10.4 and Helix Player 1.4 for Linux.

A do-it-yourself malware creation kit is being hawked on a Russian Web site for less than $20, according to security researchers tracking the seedier side of the Internet.

Virus hunters at SophosLabs discovered the spyware kit, called WebAttacker, on a Web site run by self-professed spyware and adware developers. The kit is available for sale directly from the site, which even offers tech support to buyers.

The first wave of zero-day attacks against an unpatched flaw in Microsoft’s Internet Explorer browser has begun and security experts warn that the threat will grow significantly over the weekend.

Less than 24 hours after Microsoft issued an advisory with interim workarounds for IE users, malware hunters have started detecting drive-by downloads on more than 20 maliciously rigged Web sites.

The unpatched CreateTextRange vulnerability in Internet Explorer is already being used by at least one Web site to install spyware on users’ machines, a security organization said Friday.

“We just received a report that a particular site uses the vulnerability to install a spybot variant,” the SANS Institute’s Internet Storm Center (ISC) warned Friday in an alert. “It is a minor site with insignificant visitor numbers according to Netcraft’s ‘Site rank.’”

In Illinois, riding piggyback on someone else’s Wi-Fi could cost you some money.

David M. Kauchak, 32, pleaded guilty this week in Winnebago County to remotely accessing someone else’s computer system without permission, the Rockford Register Star newspaper reported. A Winnebago County judge fined Kauchak $250 and sentenced him to one year of court supervision.

Read full story

A newly discovered Trojan is intercepting the TAN codes used as security tokens by customers of two major German banks, Postbank and Deutsche Bank, according to antivirus experts.