Updates
A compilation of the latest information about viruses and worms, security issues
and patches to rectify the same
Worm reported by Sophos
Security vendor Sophos has reported a worm called W32/Sdbot-YL.
This worm installs itself in the registry, weakens security of a system, allows
unauthorised access to a computer, drops more malware, and spreads across the
network. It affects Windows operating systems. Additional information about
this worm is available at www.sophos.com/virusinfo/analyses/w32sdbotyl.html
PGPCoder.A, a high-risk virus
McAfee has reported a virus called PGPcoder.A. It is a Trojan that encrypts
documents based on file extension. It has been distributed as a 56,832-byte,
Win32 executable. PGPCoder.A traverses directories on all fixed and remote drives,
searching for files with extensions .txt, .zip, .rtf, .rar, .dbf, .html, .jpg,
.xls, etc. When a suitable file is found, the Trojan encrypts the file and prefixes
the filename with the string coder (for example, document.doc becomes
coder document.doc). This is certified as a high-risk virus.
More information is available at www.secunia.com/virus_information/18268/win32.pgpcoder.a/
Symantec detects a Trojan
Symantec has announced the detection of a virus that, according
to its assessment, is high on the threat-scale. PWSteal.Bancos.W is a Trojan
that logs keystrokes and steals information entered into certain banking Web
sites. Furthermore, it has the ability to take screenshots of pages on banking
sites in an attempt to collect passwords and other user information. It affects
Windows client and server versions. Symantec has issued removal instructions
at www.sarc.com/avcenter/venc/data/pwsteal.bancos.w.html

Malware Top 10 (from June 13 to June 27)
TROJ_BAGLE.BB
WORM_MYTOB.HN
WORM_MYTOB.HQ
WORM_KELVIR.BK
WORM_WURMARK.A
VBS_IPNUKER.A
SYMBOS_SKULLS.M
WORM_MYTOB.GV
WORM_MOFEI.J
WORM_MYTOB.FQ
Source: Trend Micro

WebLogic vulnerability
A BEA WebLogic administration console error page cross-site scripting vulnerability
affects BEA WebLogic Server 7.0 and 8.1 versions. The attack usually involves
crafting a hyperlink with malicious script code embedded within it. A valid
user is likely to click on this link since it points to a resource on a trusted
domain. Clicking the link executes the attacker-injected code in the context
of a Web application and the code steals session cookies which can then be used
to impersonate a valid user.
Patches are available at bea.com
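
The class of flaw described above, shown as an added example that is not BEA's code: an error page that reflects a request value unescaped, next to a hardened version that HTML-encodes it, plus a session cookie marked HttpOnly so page script cannot read it. The template, function names, cookie name and sample input are all hypothetical.

```python
import html
from http.cookies import SimpleCookie

# Hypothetical error-page template; {resource} is taken from the request.
ERROR_TEMPLATE = (
    "<html><body><h1>Error</h1>"
    "<p>Resource not found: {resource}</p></body></html>"
)


def render_error_vulnerable(resource: str) -> str:
    """Reflects the request value as-is, so markup in it becomes page markup."""
    return ERROR_TEMPLATE.format(resource=resource)


def render_error_hardened(resource: str) -> str:
    """HTML-encodes the value so the browser renders it as inert text."""
    return ERROR_TEMPLATE.format(resource=html.escape(resource, quote=True))


def session_cookie_header(session_id: str) -> str:
    """Builds a Set-Cookie value that page script cannot read (HttpOnly)
    and that is only sent over HTTPS (Secure)."""
    cookie = SimpleCookie()
    cookie["SESSIONID"] = session_id  # hypothetical cookie name
    cookie["SESSIONID"]["httponly"] = True
    cookie["SESSIONID"]["secure"] = True
    cookie["SESSIONID"]["path"] = "/"
    return cookie["SESSIONID"].OutputString()


# Constructed sample input standing in for a value carried by a crafted link.
SAMPLE_RESOURCE = "<script>alert(1)</script>"

if __name__ == "__main__":
    print("vulnerable:", render_error_vulnerable(SAMPLE_RESOURCE))
    print("hardened:  ", render_error_hardened(SAMPLE_RESOURCE))
    print("Set-Cookie:", session_cookie_header("abc123"))
```

Output encoding removes the injection point; HttpOnly limits what injected script could reach if an encoding gap is missed elsewhere.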