Discussion in 'DSL & Info Tech News' started by cybrzn, Mar 26, 2009.
http://tech.yahoo.com/blogs/null/128643 ... e-april-1/
I'm scared... my XP isn't updated... there are just so many updates.
Yeah, sometimes when you update, XP just gets even dumber, hehehe.
But then you're prone to worms and such.
You can uninstall the updates if problems come up. As for me, my XP is almost fully patched, though only with the important ones. Also, you can use Microsoft Baseline Security Analyzer to check for missing updates; it also provides links to Microsoft about the missing updates, so at least you have info on whether you need the update or not.
Ooh la la... I'm going to update too.
This made me laugh... yes, that's really true.
That Conficker C is scary... it's because Bill Gates is already rich and keeps getting richer.. hahahaha...
That's just how the tech business is...
Good thing this new version of ESET trapped the incoming intruders that came along while updating the operating system. I just didn't get a screenshot of it: while I was updating, ESET detected worms coming into my system, but luckily ESET interrupted them.
Really be careful when updating, especially when downloading all sorts of things.
Whew, another "buklakte" will be on the loose soon, hekhek. Me, I'm updated, though only up to SP3, hekhekhek.
That's just gossip... you know why? Nothing specific was given about which vulnerability it targets. Just to make sure, install security tools and update your box.
Posted on PIT also
http://www.pinoyit.co.nr/viewtopic.php? ... 42&start=0
Guys, please read this too, it was emailed to me by Trend Micro...
WORM_Downad.KK – Activates on April Fool’s Day
Trend Micro would like to caution about a possible widespread infection on April Fool’s day. Please read the details and recommended actions below for your information.
Worm_downad had infected more than 15 million computers, making it one of the widespread infections in recent times.
A new variant of worm_downad (aka Conficker) is expected to be launched on April Fool’s day.
Trend Micro detects this new variant as worm_downad.kk. More information can be found at http://www.trendmicro.com/vinfo/virusen ... KK&VSect=T. Trend Micro detects this malware starting with pattern file 5.885.00.
Compared to the old variants, worm_downad.kk is more sophisticated. Here are a few of the payloads:
* Connects to various time servers to determine the current date and time.
* Registers itself as a system service to ensure auto execution every startup.
* Deletes a registry key to prevent system startup in safe mode.
* Terminates security-related processes (i.e. procexp, regmon, autoruns, gmer etc.)
* Blocks access to security and antivirus websites.
* Generates 50,000 malicious URLs and attempts to connect to around 500 randomly generated URLs at a time.
* Enable Web Threat Protection
* Make sure that you have the latest virus definitions (at least pattern file 5.885.00)
* Run a FULL system scan to ensure that malware does not exist on your PC
Recommended Actions from External Sources
* How to protect against internet threats when you surf online?
* How to protect against threats when accessing Webmail?
Trend Micro APAC team
I am using McAfee as my Internet Security. I checked their website, and they included the malware in question. Although this is not a guarantee, I guess most people's suggestions are right. Keep your OS & security programs up to date. That way, you're always protected. :wink:
It's April Fools' Day after all.. hehehe... that's just gossip...
For additional protection, use OpenDNS and you'll get this setting
This is scarier, if this technique falls into the wrong hands.
Researchers unveil persistent BIOS attack methods
Apply all of the browser, application and OS patches you want, your machine still can be completely and silently compromised at the lowest level--without the use of any vulnerability.
That was the rather sobering message delivered by a pair of security researchers from Core Security Technologies in a talk at the CanSecWest conference on methods for infecting the BIOS with persistent code that will survive reboots and reflashing attempts. Anibal Sacco and Alfredo Ortega (above) demonstrated a method for patching the BIOS with a small bit of code that gave them complete control of the machine. And the best part is, the method worked on a Windows machine, a PC running OpenBSD and another running VMware Player.
"It was very easy. We can put the code wherever we want," said Ortega. "We're not using a vulnerability in any way. I'm not sure if you understand the impact of this. We can reinfect the BIOS every time it reboots."
Sacco and Ortega stressed that in order to execute the attacks, you need either root privileges or physical access to the machine in question, which limits the scope. But the methods are deadly effective and the pair are currently working on a BIOS rootkit to implement the attack.
"We can patch a driver to drop a fully working rootkit. We even have a little code that can remove or disable antivirus," Ortega said.
The work by the Core team follows on to research done on persistent rootkits by John Heasman of NGSS, who was able to devise a method for placing rootkits on PCs using the memory space on PCI cards. In a presentation at Black Hat DC in 2007, Heasman showed a completely working method for loading the malware on to a PCI card by using the flashable ROM on the device. He also had a way to bypass the Windows NT kernel and create fake stack pointers.
In an interview at the time, he told me: "At that point it's game over. We're executing 32-bit code in ring zero."
As application and operating system protection mechanisms continue to become more sophisticated and more difficult to evade, expect to see more and more attacks targeting the hardware and low-level software, where there are still opportunities for success.
I just want to ask, how will it spread? So annoying!!! Just wait, Conficker, just wait until I move to Vista!!! You're so annoying!
I'll go with ESET for now, since I don't have any AV here.
Not really, what if they actually do it, right? Better be prepared and get your OS updated.
Attacks may happen anytime, I have no worries, all my boxes are updated and firewall is up and kicking. :lol:
If that becomes a headache, there's only one solution.. find a way.. ask friends if you're infected...
here's an interesting blog from f-secure...
Questions and Answers: Conficker and April 1st
from trend micro...
Downad/Conficker, who’s the April Fool?