Tag Archives: Viruses

Tip #17 Free Antivirus Protection from Fordham

Image: Caules son los mejores antivirus para Android? androidzone.org

Image: Caules son los mejores antivirus para Android? androidzone.org

Did you know that Fordham University provides free antivirus protection to all students, faculty and staff? We provide this protection because a protected computer is essential to keeping your personal information safe and, in some cases (especially for faculty and staff), information about other people at Fordham. 

For more information and a download link for free software, see our Antivirus Protection webpage.

Maintain antivirus software on your computer and run regular scans to ensure that your system is safe and sound. This will give you the assurance that all is running smoothly. It will secure your computer against any hidden viruses or phishing hooks lurking in the depths of your computer.

To detect the latest viruses, use the most current version of your antivirus software. Make sure to run a full virus scan of your computer at least once a month. Your software can be configured to run automatic updates and scans that run in the background.

By Nicole Kagan, Fordham IT News Editor

Wire Transfer – Malicious Email Sent to the Fordham Community on 12/03/2014

This is Malicious email that has been reported. This message was received on or about December 10th, 2014. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact IT Customer Care at 718-817-3999 or via email: helpit@fordham.edu.


  
——————–Begin Message ———————

From: User@domain.com
Date: Tue, Dec 9, 2014 at 4:46 PM
Subject: Re:Re: Wire Transfer
To:

Hello Sir,

please kindly reconfirm the bank details once again,  as we are about to
initiate the second Wire transfer ,find attached the confirmation of the
first amount wired
.Please reply ASAP

Thanks
Leanne James
P.N.N.S. Palitha
(Accountant)

—————————–End Message ———————–

Internet Explorer 7 Zero Day Attacks In The Wild

Date:12.10.2008

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ is currently monitoring the use of an unpatched vulnerability (0-day) in Microsoft Internet Explorer 7. No user interaction is necessary for the exploit to be successful. A computer may become infected by simply visiting a malicious Web site. This vulnerability exists in the way XML is processed within Internet Explorer 7. This zero day was first made public on a Chinese discussion forum one day before Microsoft shipped its December set of monthly patches.

The majority of the exploits that we analyzed download a malicious Trojan from Web sites that have been categorized by Websense since September of this year. This indicates that the exploit writers have been operating for some time. They may have purchased the exploit, or possibly discovered it on their own, and timed the attack to follow Microsoft’s regular patch cycle.
Our research finds that the majority of malicious sites serving this exploit are originating from China (e.g ASN number AS4134 – CHINANET-BACKBONE No.31, Jin-rong Street).

Screenshot of the malicious code in the wild:

References:
http://www.pcworld.com/article/155190/new_web_attack_exploits_unpatched_ie_flaw.html
http://www.breakingpointsystems.com/community/
http://blogs.zdnet.com/security/?p=2283
http://blog.zoller.lu/2008/12/in-wild-ie7-0day-update.html
http://www.scanw.com/blog/archives/303

Microsoft to Issue Emergency Security Update Today

Microsoft said late Wednesday that it plans to break out of its monthly patch cycle to issue a security update today for a critical vulnerability in all supported versions of Windows. Redmond rarely releases security patches outside of Patch Tuesday, the second Tuesday of each month. The software giant isn’t providing many details yet, but the few times it has departed from its Patch Tuesday cycle it has always done so to stop the bleeding on a serious security hole that criminals were using to break into Windows PCs on a large scale. By Security Fix’s count, this would be the fourth time since January 2006 that Microsoft has deviated from its monthly patch cycle to plug security holes. As shown by the stories in the linked examples above, Microsoft has fixed problems, each time, that were being actively exploited by bad guys to break into PCs. Microsoft’s advanced notification

Microsoft to Issue Emergency Security Update Today

Phishers, Virus Writers Exploit Global Financial Crisis

Security experts and the federal government are warning that scam artists are leveraging public concern over the global financial crisis to steal sensitive financial data and spread malicious software. In an alert posted Thursday, the Federal Trade Commission urged Internet users to be on guard against e-mails that look as if they come from a financial institution that recently acquired a consumer’s bank, savings and loan, or mortgage. “In fact, these messages may be from ‘phishers’ looking to use personal information — account numbers, passwords, Social Security numbers — to run up bills or commit other crimes in a consumer’s name,” the FTC said. Security firm Arbor Networks details two recent malware attacks that try to trick recipients into opening an e-mail attachment. One e-mail, claiming to have been sent by the Federal Deposit Insurance Corp., warns recipients that their bank accounts were involved in fraudulent activity. The attached file…..

Phishers, Virus Writers Exploit Global Financial Crisis

Adware.FakeAntiVirus.M

Adware.FakeAntiVirus.M

Adware.FakeAntiVirus.M