Smart Office

Symantec Says Word Attack Inevitable

Symantec has posted a warning on its website that attackers are using an “undisclosed vulnerability affecting Microsoft Word.”


Historically speaking, a large number of bugs have been found in Microsoft’s Office software, including Word, over the past few years. In this case, the malicious code is a Trojan horse program called Backdoor.Darkmoon, which logs the victim’s keystrokes in order to steal passwords, according to reports.

According to the anti-virus vendor, this is the second Microsoft attack reported this week; only a few days ago, cybercriminals exploited a bug in Microsoft’s database program, Access.

Symantec released very few other details of the new potential threat to Word.

Good News For iPhone Buyers–Telstra Gets Speedier

In what could only be described as great news for those thinking of buying an iPhone 3G this Friday, Telstra says its broadband is breaking more speed records than an Olympic athletics meet.


The most recent world first is a joint trial by Telstra and Ericsson of Enhanced High Speed Packet Access (HSPA) technology using the 850MHz spectrum to deliver peak network downlink speeds of 21 Megabits per second (Mbps) in 2008 and onwards to 42 Mbps in 2009.

Enhanced HSPA uses software advancements that will maximise the potential of existing infrastructure ahead of the introduction of Long Term Evolution (LTE).

Bill Zikou, CEO of Ericsson Australia/NZ said, “Mainstream mobile network technology continues to advance with the successful trial of Enhanced HSPA, paving the way for the even faster speeds of LTE. Consumers will benefit from a greater range of richer multimedia services on a growing choice of phones and laptops.”

Prior to the HSPA+ or Enhanced HSPA trial, Telstra activated 3G Direct Tunnel technology on its live network, which will provide an increase in data capacity to meet the needs of increased broadband traffic such as data-rich services.

Banks Beware! — WWW Found To Have Fatal Flaw

According to a number of overseas reports, Internet industry heavyweights are trying to fix a flaw in the foundation of the Internet that could allow hackers to control traffic on the worldwide web.


The reports note that several major software and hardware makers worked in secret for months to create a software patch released overnight to repair the problem, which is in the way computers are routed to web page addresses.

The flaw would be a boon for bank phishing cons that involve leading people to imitation web pages of businesses such as banks or credit card companies to trick them into disclosing account numbers, passwords and other information.

According to an Australian Bureau of Statistics (ABS) survey report released last week, 453,100 Australians lost on average AU$2,160 each as a result of personal fraud, which included online phishing.

Attackers could use the vulnerability to “route Internet users wherever they wanted no matter what website address was typed into a web browser”, the report notes.

DNS is used by every computer that links to the internet and works similarly to a telephone system routing calls to the proper numbers, in this case the online numerical addresses of websites.

Automated updating should protect most personal computers. Microsoft released the fix in a software update package overnight and most importantly, the patch can’t be reverse engineered by hackers.

Malware Invoices & Viral Packages Flooding SMB Inboxes

Many small businesses wrongly believe that they’re too insignificant to attract hackers and spend too little time on security, but according to Secure Computing, since the beginning of July steady waves of mass-mailings with fake invoices have been hitting inboxes.


This includes fake UPS messages claiming that a package couldn’t be delivered and was returned, and that the user should print out the attached invoice, which is in fact the actual piece of malware.

Just yesterday two different spoofs were on the loose, both containing the very same malware.

One was in German, claiming to be an invoice from PayPal Europe, and the other pretended to be from the US Custom Services.

And just today, says Secure Computing, the next spam run brings in an invoice for a flight ticket. Victims are told they’ve bought an airplane ticket and their credit card was charged. The details and the flight ticket are attached; again, this is malware.

Secure Computing says that users who fall prey to these common social-engineering tricks and install one of these nasties on their computer are actually installing ZBot spyware (aka ‘Wsnpoem’, aka ‘ntos.exe’). ZBot, depending on the actual variant, downloads an encrypted configuration file with further instructions from a Russian location and posts collected data back.

Beware the Blog–Malware Attacks Coming From Social Sites

You wouldn’t know it but daily malware attacks are coming down in number. However, what is changing is the way they are being launched and who they are targeting.


According to Paul Ducklin, head of Technology, Asia-Pacific, Sophos, globally malware attacks are down from 25,000 per day to some 16,000 per day, a 36 per cent decrease.

However, notes Ducklin, the number of infected social and blog sites has risen to “about 2 per cent of the total and recently we saw the Google-owned blogger.com being the carrier of some nasty spybot”.

Furthermore, earlier this year Sophos as a company said that 2008 has seen an explosion in malicious software, three times more than in 2007 and that Google-owned Blogger is the most common host for malicious software.

The company also found that hackers and spammers use social sites like Facebook and MySpace with increasing frequency to spread spyware and viruses.

But, says Ducklin, computer users should not be complacent about older forms of PC infection, which are still as dangerous today as when they were invented.

“Last year we saw a PC that was being sold by supermarket chain Aldi, which had a pre-loaded virus dating from 1994”.

And it is SMBs that are bearing the brunt of these attacks, as SMBs have fewer resources and many don’t have an employee dedicated full-time to IT security.

And according to another security vendor, McAfee, SMBs could face critical shutdowns in business as a result of weak security.

The company notes that “every business is hit with spam, which often is laden with malicious data-stealing programs”.

McAfee also said it expects hackers to increasingly go after VoIP phone systems, virtual systems as well as mobile devices.

However, Sophos’s Ducklin thinks that the threat to mobile devices is “pretty damn small”, although another security vendor, Symantec, seems to think that potential attacks on things like the iPhone are basically “a hammer looking for a nail”.