Update

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same

Phishing alert for Kotak Mahindra

Indian Banking is certainly having tough time in safeguarding its customers. Banks are regularly falling prey to hacking or phishing. A recent victim of this trend is Kotak Mahindra Bank. Websense Security Labs recently received reports of a phishing attack that targets customers of Kotak Mahindra Bank. A spoofed e-mail message is being used to lure customers to a fraudulent Web site. The message includes a link to a phishing site, which attempts to collect personal and account information. This phishing site is hosted in the United States and was not active at the time of this alert. Customers of Kotak Mahindra Bank are advised to make a note of this security warning and avoid being trapped by the fraudulent messages..

Cyber crime attacks US Lab

More than a dozen employees fell prey to a sophisticated cyber attack at Oak Ridge National Laboratory (ORNL) which exposed a database containing visitors’ personal information. The federally funded lab recommended in an advisory that people who have visited the lab between 1990 and 2004 place fraud alerts on the credit reports. According to the lab, the attack did not gain access to classified information.

A hacker illegally gained access to lab computers with the help of staff e-mails that appeared to be official legitimate communications. When the employees opened the attachment or accessed an embedded link, the hacker planted a program on the employees’ computers that enabled the hacker to copy and retrieve information.

According to ORNL, the attacks were a part of a coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country.

Warning for media player users

According to some security researchers, media players offered by Microsoft and AOL are vulnerable to attacks that can completely compromise a user’s machine.

Attack code has already been released for the bug, which has been confirmed in a codec used by older versions of Windows Media Player, made by Microsoft, and in AOL’s Winamp. A Symantec researcher has warned that users of other players may also be at risk because the vulnerability resides in a commonly used MP4 codec produced by a company called 3ivx Technologies.

The exploit works by supplying victims with a maliciously formed MP4 file. In this, when a victim unknowingly clicks on a link that appears safe, the MP4 content is delivered, causing the exploit to run. A researcher released exploit code that targets Windows Media Player 6.4 and Windows Media Player Classic, which are made by Microsoft, and AOL’s Winamp version 3.5. Each uses the 3ivx MP4 codec, which is vulnerable to a stack overflow.

Secunia describes the Windows Media Player vulnerabilities as highly critical. The vulnerability reporting service didn’t have a rating for the Winamp vulnerability.

Currently, no patch is available. It is recommended that users remove the codec or disable media players that use the MP4 codec until the hole is plugged. Taking care not to click on suspicious links in browsers and e-mail programs should suffice.