Poor Passwords Exploited by MySQL Bot

Weak passwords chosen by people who should know better -- system administrators -- are the target of a new worm called 'MySQL bot.'
According to the Internet Storm Center, which monitors network threats, some 8,000 databases have been affected.
The worm's programming allows it to guess simple user names and passwords -- 'weak passwords,' in industry parlance -- on computers running the Microsoft (Nasdaq: MSFT - news) Windows operating system and mySQL, an open source database.
Once the worm guesses the password, it then accesses a flaw in MySQL to take control of the bot software, which gives it full control of the system.
'The bot will brute-force the password,' the Internet Storm Center says in its advisory.
[more..]

New Worm Piggybacks on MSN Messaging

A new worm called 'Bropia.A' spreads through the MSN Messenger and Windows Messenger instant messaging clients, security firms report. The worm loads a Trojan horse that can log keystrokes, collect system information and spread IM spam.
[more..]

Mac Users Face Malware Threat

Security experts are warning users about a malicious script for Apple's Mac OS X . The worm can harvest passwords, destroy data and install remote control software and backdoors onto a user's computer.
Dubbed 'Opener' by Mac user Web sites, the worm is a Unix shell script that tries to turn off OS X's firewall, and then downloads and installs various remote-control and password-cracking applications.
Further information about the malware, which antivirus companies Sophos and Symantec are calling 'Renepo,' can be viewed at Sophos' Web site.
[more..]

Computer Worm Exploits Tsunami to Spread Virus

Well this took longer then I thought it would to appear, but appear it did, nonetheless. A mass e-mail posing as a plea for aid to help the victims of last month's Asian tsunami disaster is actually a vehicle for spreading a computer virus, Web security firm Sophos said Monday.
The worm appears with the subject line: "Tsunami donation! Please help!" and invites recipients to open an attachment called "tsunami.exe" -- which, if opened, will forward the virus to other Internet users.
[more..]

New Internet Explorer Flaws Ranked 'Extremely Critical'

Today (Jan 10th) is the big day for the Microsoft Security Bulletins for January. The preliminary word is that at least one of the January Security Bulletins will be rated 'Critical' by Microsoft. Hopefully that 'Critical' bulletin will address the 'Extremely Critical' flaw in Internet Explorer as identified by Secunia. The reason Secunia bumped it to 'Extremely Critical' is that there is working exploit code available which would allow an attacker to exploit systems including Windows XP with Service Pack 2 applied. Secunia is recommending that users disable ActiveX controls in Internet Explorer or use another Web browser, such as Firefox, at least until Microsoft patches these flaws.
To disable Active X controls in Internet Explorer go to Tools at the top of a browser window & click on it.
Then click on Internet Options & then on the Security tab.
From there you can click 'disable' for Active X controls.
Then click OK & close all IE windows before continuing.
Be sure to add this page to your favorites prior to doing that.

McAfee FREE Stinger Tool

McAfee AVERT Stinger
Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations. The often updated tool is not for Spyware or Adware but instead it is scan tool for Trojans & Viruses.
Directions & Download can be found at McAfee Inc.

Microsoft Offers FREE Virus-Removal Programs

"WASHINGTON - Microsoft Corp., whose popular Windows software is a frequent target for Internet viruses, is offering a free security program to remove the most dangerous infections from computers.
The program, with monthly updates, is a step toward plans by Microsoft to sell full-blown antivirus software later this year.
Microsoft said that starting Thursday, consumers can download the new security program from the company's Web site www.microsoft.com and that updated versions will be offered automatically and free each month!
[more..]

McAfee Warns on Top Viruses

The number of new viruses released into the wild increased in 2004 after three consecutive years of decline, according to U.S. anti-virus software company McAfee.

McAfee's Avert anti-virus and vulnerability emergency response team warned that bots and mass-mailers are expected to remain the predominant methods by which virus writers attack enterprises in 2005.
In addition, Avert predicted that exploits and adware will account for over 60 percent of security problems for home users.
[more..]

Downloader.GK 'Worst Trojan of 2004'

The Downloader.GK Trojan was named as the worst piece of malicious code of 2004, according to Spanish anti-virus firm Panda Software.

Downloader.GK infects Internet users who unknowingly visit Web sites that were designed to spread the Trojan.
'We offer users a free anti-virus scanner tool that they download from our Web site,' Panda Software spokesperson Javier Merchan. 'We use the results from these scans to rate the top viruses, worms and Trojans.'
Double Trouble
Downloader.GK was responsible for 14 percent of all attacks on computers detected by Panda Software last year -- more than double the attacks of any other virus this year.
When Internet users visit a Web site containing Downloader.GK, they are enticed to install a specific ActiveX application, which secretly installs spyware and adware on their systems.
Trojans Top Viruses
2004 was the first year that a Trojan topped Panda's annual threat list. In addition, four out of the top 10 threats that Panda tracked in 2004 were Trojans.
Trojans are malicious programs that do not spread on their own, unlike viruses or worms.
Below are the remaining top 10 threats that Panda tracked, followed by the percent of attacks for which they were responsible.
2. Netsky.P (6.92 percent)
3. Sasser.ftp (4.97 percent)
4. Gaobot.gen (4.31 percent)
5. Mhtredir.gen (4.22 percent)
6. Netsky.D (3.98 percent)
7. Downloader.L (3.56 percent)
8. Qhost.gen (3.48 percent)
9. Netsky.B (3.45 percent
10. StartPage.FH (3.34 percent)