Urgently update your antiviruses
Thread poster: Uldis Liepkalns

Uldis Liepkalns Latvia Local time: 04:23 Member (2003) English to Latvian + ...
I received already about 20 of them today, and until the update my antivirus didn't detect them.

Sincerely- Uldis

"Kaspersky Labs, an international data security software developer, reports the detection of a new version of the Internet worm Tanatos. The new version of this malicious program, called Tanatos.b, has dangerously destructive capabilities for infecting computer files. Kaspersky Labs will make more details covering Tanatos.b available shortly. The defense against Tanatos.b has already been added to the Kaspersky Anti-Virus database. Kaspersky Labs recommends all computer users to update their anti-virus databases."

Myron Netchypor Ukraine Local time: 04:23 Member (2003) English to Ukrainian + ... MODERATOR Thank you Uldis | Jun 5, 2003 |
Could you please also specify if this virus comes in attachment or in message body?
[Edited at 2003-06-05 12:23]

Uldis Liepkalns Latvia Local time: 04:23 Member (2003) English to Latvian + ... TOPIC STARTER I can not say | Jun 5, 2003 |
as in my system it ends up in Eudora>Spool as a file named "temp.in". I guess it may be different on other systems. Since I updated the antivirus bases, I do not see them any more, only my antivirus program keeps reporting successful annihilations. But it seems to be serious- since I posted the first message, I have received about 10 more of these worms. Please visit www.kaspersky.com for more info.

Uldis

Myron Netchypor wrote:
Could you please also specify if this virus comes in attachment or in message body?
[Edited at 2003-06-05 12:23]

[Edited at 2003-06-05 12:45]
[Edited at 2003-06-05 13:01]

Nikita Kobrin Lithuania Local time: 04:23 Member (2010) English to Russian + ... + one more (W32/Bugbear.B-mm) | Jun 5, 2003 |
New virus alert: W32/Bugbear.B-mm

Beware of a new email-borne mass-mailing virus:

On 4th June 2003, MessageLabs, the email security company, intercepted copies of a new mass-mailing virus called W32/Bugbear.B-mm, and intercepted the first copy originating from the United States.

Name: W32/Bugbear.B-mm
Aliases: W32/Kijmo-mm, W32/Shamur-mm
Number of copies intercepted so far: 300+
Time & Date first Captured: 4th June 2003 11:59GMT
Origin of first intercepted copy: United States
Number of countries seen active: 20 (currently mostly in US and Australia)

Email characteristics:
The sender address may be spoofed, and may not indicate the true address of the sender. The virus contains a number of domains that it appears to be capable of spoofing. Emails that we have thus far seen have varying subject lines, seemingly relating to information or documents plagiarised from the recipient’s infected machine. The body-text of the message is variable and appears to be taken from documents and files found on the recipient’s infected machine.

The attachment is compressed in a modified UPX format. The file size is 72,192 bytes. Attachment names are also variable, possibly based on filenames found on the infected machine, with an extension of either .scr, .pif or .exe. For example: Crimbo.exe.scr, Lotto.mbd.pif, 052003.ptx.exe, My Money Backup.mbf.scr, Captletterhead.doc.scr

Virus Behaviour
Initial analysis suggests that the virus is a mass mailer.
It appears to be very polymorphic in nature and compressed using a variant of UPX, however, it seems to have the ability to repack or modify itself during each generation, presumably in an attempt to foil simple anti-virus signature fingerprinting techniques. In some copies that we have stopped, the MS01-020 auto-open exploit has been found, which will automatically execute the attachment just by reading the email on an unpatched Windows system.

Virus Payload
Initial analysis indicates that this virus may also be able to disarm local security software, such as anti-virus or firewall software. It may also be able to spread via network shares, as was the case with the earlier Bugbear.A strain. Furthermore, it may also install a key-logging trojan component that will enable an unscrupulous hacker to take control of the infected machine and download a file containing the user’s keystrokes, including information entered on websites such as passwords or credit-card details for example.

Comment
The virus includes a number of domain names that it appears to be capable of spoofing, including many major international banks, financial institutions and government authorities.

Paul Wood, Chief Information Analyst at MessageLabs said, “This is a particularly worrying trend in terms of the social engineering techniques now almost customary for any new virus to take hold. Particularly worrying is the fact that not only can Bugbear leach confidential information from an infected machine, but it may also leave a backdoor wide open for hackers to take control of the machine and misappropriate passwords, credit-card details or for some other nefarious purpose.
“From the pattern of Bugbear.B emails that we have stopped already this morning, we anticipate that this is likely to reach high-level outbreak very soon, particularly as the US begin to come online.”

Detection
MessageLabs detected all strains of this virus proactively, using its unique and patented Skeptic™ predictive heuristics technology.

For further information, please visit the MessageLabs website at: http://www.messagelabs.com and http://www.messagelabs.com/viruseye/info/default.asp?virusname=W32/BugBear.B-mm&frompage=virus%20search&fromurl=/viruseye/search/default.asp
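The attachment traits listed in the alert above (an .scr, .pif or .exe extension, often behind a decoy extension, and a 72,192-byte payload) turned into a screening check. This is an added example, not part of the original post or of MessageLabs' tooling; the function names, the sample message and its addresses are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions and payload size as given in the MessageLabs alert quoted above.
EXECUTABLE_EXTS = {".scr", ".pif", ".exe"}
REPORTED_SIZE = 72_192  # bytes


def screen_attachment(filename, payload):
    """Return the list of reasons an attachment matches the alert's description."""
    reasons = []
    # Trailing dots/spaces are ignored by Windows, so strip them before splitting.
    parts = filename.strip().rstrip(". ").lower().split(".")
    if len(parts) >= 2 and "." + parts[-1] in EXECUTABLE_EXTS:
        reasons.append("executable extension ." + parts[-1])
        # e.g. name.doc.scr: a decoy extension in front of the real one
        if len(parts) >= 3 and parts[-2]:
            reasons.append("double extension ." + parts[-2] + "." + parts[-1])
    if len(payload) == REPORTED_SIZE:
        reasons.append("size equals reported 72,192 bytes")
    return reasons


def screen_message(raw_bytes):
    """Map each flagged attachment name in a raw message to its reasons."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        reasons = screen_attachment(name, part.get_payload(decode=True) or b"")
        if reasons:
            findings[name] = reasons
    return findings


def build_sample():
    """Constructed test message; attachment bodies are inert zero bytes."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("constructed body text")
    for name, size in [("Captletterhead.doc.scr", REPORTED_SIZE),
                       ("Lotto.mbd.pif", 100),
                       ("setup.exe", 100),
                       ("invoice.pdf", 100)]:
        msg.add_attachment(bytes(size), maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in screen_message(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

The size match is only a corroborating signal, since the alert also says the virus can repack itself; the extension checks carry the decision.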
Marc P (X) Local time: 03:23 German to English + ... General solution | Jun 5, 2003 |
Thank you to all who have provided helpful advice on the subject of viruses. I wonder, though, why it is not possible for those who are vulnerable to attack to make their systems secure. No one should be running a system which automatically executes malicious code. If they are, shouldn't they change the configuration? And if the configuration can't be changed, shouldn't they move over to a more secure system?

Saying "look out for this car thief, he is wearing a red sweater and white running shoes" is all very well. Is it not better to tell people to lock their cars? Just a thought.

Marc

Bill Greendyk United States Local time: 21:23 Member (2002) Spanish to English + ... Good logic, Marc! | Jun 5, 2003 |
MarcPrior wrote:
Saying "look out for this car thief, he is wearing a red sweater and white running shoes" is all very well. Is it not better to tell people to lock their cars? Just a thought. Marc

What a clever way of putting it, Marc! I like that! I quite agree with you. With all the anti-virus software out there, who would even dare run their computer these days without it?

Bill

Marc P (X) Local time: 03:23 German to English + ...
Bill Greendyk wrote:
What a clever way of putting it, Marc! I like that! I quite agree with you. With all the anti-virus software out there, who would even dare run their computer these days without it?

How can I put this... there is no anti-virus software for Linux, so...

Marc

As far as I know... | Jun 5, 2003 |
MarcPrior wrote:
Bill Greendyk wrote: What a clever way of putting it, Marc! I like that! I quite agree with you. With all the anti-virus software out there, who would even dare run their computer these days without it?
How can I put this... there is no anti-virus software for Linux, so... Marc

there is no virus for linux... Quite nice!
Uldis Liepkalns Latvia Local time: 04:23 Member (2003) English to Latvian + ... TOPIC STARTER I see the discussion has taken | Jun 5, 2003 |
quite a turn. Why I posted this warning in the first place- my antivirus provider Kaspersky normally releases one update a day, and I have set the automatic update time to 7 PM. Normally that's enough, but if the virus starts spreading at 10 AM... Kaspersky guarantees an update within 2 hours after a new virus is sighted anywhere in the World, and when, after sighting the first 10 viruses visually, I updated, the update was there. But there are other antivirus providers, who offer automatic updates weekly.

Yes, I do not execute files named “Britney_Spears_naked.exe” more often than I do run ordinary “Virus.exe”, but none the less, it’s much more comfortable, when your antivirus is updated and you do not have to delete viruses manually. By the way, most of them can not be deleted simply by a command Del, you have to use Shift+Del.

My editing was caused because command description written in parenthesis for whatever reason doesn't appear in the post...

[Edited at 2003-06-05 19:31]
[Edited at 2003-06-05 19:53]

Rick Henry United States Local time: 20:23 Italian to English + ... False sense of security. | Jun 6, 2003 |
While a virus or trojan isn't common on Linux, it is possible to write malicious code on any platform. The damage may be confined to the user's space instead of the entire operating system, but it can be done and has been done. Bottom line, it still comes down to the user acting responsibly.

R.
==

Francisco Herrerias wrote:
there is no virus for linux... Quite nice!

Marc P (X) Local time: 03:23 German to English + ... Viruses for Linux | Jun 6, 2003 |
As Rick says, Linux viruses do exist. I was just pointing out that Linux virus detection software doesn't exist, to my knowledge. (Software which detects Windows viruses does exist for installation on Linux servers.)

Rick is also right about the false sense of security. Linux is generally more secure than Windows, but that is not the main reason for the lack of Linux viruses. The main reason is that Linux software generally has a very defensive default configuration, and also that Linux desktop users (the few that there are) are generally more aware of the security issues.

Like most people, I have been receiving lots of e-mails with .pif attachments of late. But:
1) my system does not open/execute them automatically;
2) if I click on them to try to open/execute them, a security warning dialog appears before anything is done;
3) before opening/executing them, I have to select and/or acknowledge what application will be used (and if, for example, it's Acrobat Reader, I can be confident that whatever the attachment contains is harmless).

On Linux, it's far easier to delete a file by mistake (and, unlike Windows, a deleted file can't be retrieved) than it is to open/execute an attachment by accident. Surely Windows can be configured to behave the same way - it's not THAT bad.

Marc

Anybody with this e-mail address ? "[email protected]" Scan your computer! | Jun 6, 2003 |
I have just got an e-mail with an attachment (97 kb) from this sender.

Sender: [email protected]
Subject: [ProZ.som Kudoz] tie-tamping ( English>Portugese)

I didn't open it. Probably it's infected with a virus. If somebody has that e-mail address, or knows it, please update your antiviruses and scan your computer!

Kind regards, Katalin
Milos Prudek Czech Republic Local time: 03:23 English to Czech + ... Not entirely true | Jun 6, 2003 |
Rick Henry wrote:
While a virus or trojan isn't common on Linux, it is possible to write malicious code on any platform. The damage may be confined to the user's space instead of the entire operating system, but it can be done and has been done.

This is not the whole picture. If your Linux system is set up properly, it is impossible to suffer any damage from a wanna-be virus. The proper setup in three steps:
1. Normal users are prohibited from installing software. Period. (You need to put user home directories on a separate disk partition and specify this partition as "no execute")
2. System administrator installs only verified software, using digital signatures to verify authenticity.
3. System administrator also logs in as a regular user, UNLESS he is going to administer the system. Immediately after finishing his admin role, he relinquishes his admin permissions and becomes a normal user.

Very simple, 100% effective.

Rick Henry United States Local time: 20:23 Italian to English + ... Not to distract from the topic, but... | Jun 6, 2003 |
that's a pretty Draconian way of looking at things. First, we're talking about desktops and laptops, not servers or mainframes. I highly doubt most people using PCs for translation purposes are going to have an administrator at their disposal (unless they work for a huge translation agency). Second, under your scenario I wouldn't even be allowed to write a script to do anything - sort, calculate, whatever. Maybe it's just me, but I think computers should serve people, not the other way around.

Sorry for the little rant, but BOFH biases are a pet peeve of mine (for those that don't know what BOFH stands for, I'll leave you to do a search online). Suffice it to say it's a stage that every admin. goes through at some point in their career (usually early on). I was an admin. for 18 years, and I went through that stage as well.

R.
==

Milos Prudek wrote:
This is not the whole picture. If your Linux system is set up properly, it is impossible to suffer any damage from a wanna-be virus. The proper setup in three steps:
1. Normal users are prohibited from installing software. Period. (You need to put user home directories on a separate disk partition and specify this partition as "no execute")
2. System administrator installs only verified software, using digital signatures to verify authenticity.
3. System administrator also logs in as a regular user, UNLESS he is going to administer the system. Immediately after finishing his admin role, he relinquishes his admin permissions and becomes a normal user.
Very simple, 100% effective.

two2tango Argentina Local time: 22:23 Member English to Spanish + ... Computers are tools to be used | Jun 7, 2003 |
Rick Henry wrote:
Maybe it's just me, but I think computers should serve people, not the other way around.

Not just you, Rick, there's at least two of us.

Regards
Enrique