New “SSL” Spam trying to spread Malware
Oct 14, 2009 Security Events, Security News
I, and others, have been receiving spam messages that claim to be from the “System Administrator” advising people to go to a linked URL that tries to spoof the targets domain somewhat to make it more credible. Mine looked like this (edited slightly for privacy):
Attention!
On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That’s all.http://updates.<mysite>.com.secure.admin-data.net/ssl/id=731758587-admin@<mysite>.com-patch66701.aspx
Thank you in advance for your attention to this matter and sorry for possible inconveniences.
System Administrator
Seems that these links direct victims to a site that then installs some nastiness on their PCs:
Threat characteristics of ZBot – a banking trojan that disables firewall, steals sensitive financial data (credit card numbers, online banking login details), makes screen snapshots, downloads additional components, and provides a hacker with the remote access to the compromised system.
(see the entire ThreatExpert report here).
When is the Windows-based malware insanity going to stop? This, folks, is why I have used Linux for my computing needs for the past five years. Brian Krebs at the Washington Post agrees. Anti-virus/anti-malware/personal firewall/PC-prophylactics are not going to stop this kind of thing from happening, so catch the clue-train now and go download a nice Linux distro for your home computer.
Bruce Schneier at InfoSecurity.be Expo
Mar 27, 2009 Security Events
I had the chance to hear eminent security guru Bruce Schneier give the keynote talk at the 2009 InfoSecurity Expo in Brussels.
I have always appreciated his work and his writing, so this was a real treat for me. He speaks as well as he writes and I found his talk to be very interesting and timely. If you ever have the chance to hear him speak, definitely do yourself a favor and go.
