Urgently update your antiviruses
Topic starter: Uldis Liepkalns
Uldis Liepkalns
Latvia
ProZ.com member since 2003
English to Latvian
Jun 5, 2003

I have already received about 20 of them today, and until the update my antivirus didn't detect them.

Sincerely- Uldis


"Kaspersky Labs, an international data security software developer, reports the detection of a new version of the Internet worm Tanatos. The new version of this malicious program, called Tanatos.b, has dangerously destructive capabilities for infecting computer files.
Kaspersky Labs will make more details covering Tanatos.b available shortly.
The defense against Tanatos.b has already been added to the Kaspersky Anti-Virus database. Kaspersky Labs recommends all computer users to update their anti-virus databases."


 
Myron Netchypor
Ukraine
ProZ.com member since 2003
English to Ukrainian
MODERATOR
Thank you Uldis Jun 5, 2003

Could you please also specify if this virus comes in an attachment or in the message body?

[Edited at 2003-06-05 12:23]


 
Uldis Liepkalns
Latvia
ProZ.com member since 2003
English to Latvian
Topic starter
I can not say Jun 5, 2003

as in my system it ends up in Eudora>Spool as a file named "temp.in". I guess it may be different on other systems. Since I updated the antivirus bases, I do not see them any more; only my antivirus program keeps reporting successful annihilations.
But it seems to be serious- since I posted the first message, I have received about 10 more of these worms.
Please visit www.kaspersky.com for more info.

Uldis
Myron Netchypor wrote:

Could you please also specify if this virus comes in an attachment or in the message body?

[Edited at 2003-06-05 12:23]


[Edited at 2003-06-05 12:45]

[Edited at 2003-06-05 13:01]


 
Nikita Kobrin
Lithuania
ProZ.com member since 2010
English to Russian
+ one more (W32/Bugbear.B-mm) Jun 5, 2003

New virus alert: W32/Bugbear.B-mm


Beware of a new email-borne mass-mailing virus:

On 4th June 2003, MessageLabs the email security company intercepted copies of a new mass-mailing virus called W32/Bugbear.B-mm, and intercepted the first copy originating from the United States.

Name: W32/Bugbear.B-mm
Aliases: W32/Kijmo-mm, W32/Shamur-mm
Number of copies intercepted so far: 300+
Time & Date first Captured: 4th June 2003 11:59GMT
Origin of first intercepted copy: United States
Number of countries seen active: 20 (currently mostly in US and Australia)

Email characteristics:

The sender address may be spoofed, and may not indicate the true address of the sender. The virus contains a number of domains that it appears to be capable of spoofing.

Emails that we have thus far seen have varying subject lines, seemingly relating to information or documents plagiarised from the recipient’s infected machine.

The body-text of the message is variable and appears to be taken from documents and files found on the recipient’s infected machine.

The attachment is compressed in a modified UPX format. The file size is 72,192 bytes. Attachment names are also variable, possibly based on filenames found on the infected machine, with an extension of either .scr, .pif or .exe

For example: Crimbo.exe.scr, Lotto.mbd.pif, 052003.ptx.exe, My Money Backup.mbf.scr, Captletterhead.doc.scr


Virus Behaviour
Initial analysis suggests that the virus is a mass mailer. It appears to be very polymorphic in nature and compressed using a variant of UPX, however, it seems to have the ability to repack or modify itself during each generation, presumably in an attempt to foil simple anti-virus signature fingerprinting techniques.

In some copies that we have stopped, the MS01-020 auto-open exploit has been found, which will automatically execute the attachment just by reading the email on an unpatched Windows system.

Virus Payload
Initial analysis indicates that this virus may also be able to disarm local security software, such as anti-virus or firewall software. It may also be able to spread via network shares, as was the case with the earlier Bugbear.A strain. Furthermore, it may also install a key-logging trojan component that will enable an unscrupulous hacker to take control of the infected machine and download a file containing the user’s keystrokes, including information entered on websites such as passwords or credit-card details for example.

Comment
The virus includes a number of domain names that it appears to be capable of spoofing, including many major international banks, financial institutions and government authorities.

Paul Wood, Chief Information Analyst at MessageLabs said, “This is a particularly worrying trend in terms of the social engineering techniques now almost customary for any new virus to take hold.

Particularly worrying is the fact that not only can Bugbear leach confidential information from an infected machine, but it may also leave a backdoor wide open for hackers to take control of the machine and misappropriate passwords, credit-card details or for some other nefarious purpose.

“From the pattern of Bugbear.B emails that we have stopped already this morning, we anticipate that this is likely to reach high-level outbreak very soon, particularly as the US begin to come online.”

Detection
MessageLabs detected all strains of this virus proactively, using its unique and patented Skeptic™ predictive heuristics technology.

For further information, please visit the MessageLabs website at: http://www.messagelabs.com and

http://www.messagelabs.com/viruseye/info/default.asp?virusname=W32/BugBear.B-mm&frompage=virus%20search&fromurl=/viruseye/search/default.asp
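The attachment-naming pattern described in the alert above (a variable name ending in .scr, .pif or .exe, usually behind a decoy extension) can be checked at a mail gateway or over a mailbox. This is an added example, not part of the original post or of any MessageLabs tool; the function names and the sample message are constructed for illustration.

```python
"""Flag attachments named like the Bugbear.B samples: final extension .scr/.pif/.exe."""
from email import message_from_string, policy

# Final extensions listed in the MessageLabs alert quoted above.
EXECUTABLE_EXTS = {".scr", ".pif", ".exe"}

def split_exts(filename):
    """Return the lower-cased extensions of a name, e.g. ['.doc', '.scr']."""
    name = filename.strip().rstrip(". ").lower()  # ignore trailing dots/spaces
    return ["." + part for part in name.split(".")[1:] if part]

def classify(filename):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    exts = split_exts(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    return "double-extension" if len(exts) > 1 else "executable"

def scan_message(raw):
    """Return [(filename, verdict)] for each flagged attachment in a raw message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        filename = part.get_filename()
        if filename and classify(filename) != "ok":
            findings.append((filename, classify(filename)))
    return findings

# Constructed sample message (not a captured worm mail); one name is from the alert.
SAMPLE = """\
From: sender@example.com
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Captletterhead.doc.scr"

placeholder
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice.pdf"

placeholder
--b1--
"""

if __name__ == "__main__":
    for name, verdict in scan_message(SAMPLE):
        print(f"{verdict}: {name}")
```

The check looks only at the file name, so it complements signature scanning rather than replacing it: the alert notes that the body repacks itself between generations, while the extension pattern stays constant.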


 
Marc P (X)
German to English
General solution Jun 5, 2003

Thank you to all who have provided helpful advice on the subject of viruses.

I wonder, though, why it is not possible for those who are vulnerable to attack to make their systems secure. No one should be running a system which automatically executes malicious code. If they are, shouldn't they change the configuration? And if the configuration can't be changed, shouldn't they move over to a more secure system?

Saying "look out for this car thief, he is wearing a red sweater and white running shoes" is all very well. Is it not better to tell people to lock their cars?

Just a thought.

Marc


 
Bill Greendyk
USA
ProZ.com member since 2002
Spanish to English
Good logic, Marc! Jun 5, 2003

MarcPrior wrote:


Saying "look out for this car thief, he is wearing a red sweater and white running shoes" is all very well. Is it not better to tell people to lock their cars?

Just a thought.

Marc



What a clever way of putting it, Marc! I like that! I quite agree with you. With all the anti-virus software out there, who would even dare run their computer these days without it?

Bill


 
Marc P (X)
German to English
Who indeed Jun 5, 2003

Bill Greendyk wrote:
What a clever way of putting it, Marc! I like that! I quite agree with you. With all the anti-virus software out there, who would even dare run their computer these days without it?

How can I put this... there is no anti-virus software for Linux, so...

Marc


 
Francisco Herrerias
USA
ProZ.com member since 2012
French to Spanish
As far as I know... Jun 5, 2003

MarcPrior wrote:

Bill Greendyk wrote:
What a clever way of putting it, Marc! I like that! I quite agree with you. With all the anti-virus software out there, who would even dare run their computer these days without it?

How can I put this... there is no anti-virus software for Linux, so...

Marc


there is no virus for linux...

Quite nice!


 
Uldis Liepkalns
Latvia
ProZ.com member since 2003
English to Latvian
Topic starter
I see the discussion has taken Jun 5, 2003

quite a turn. Why I posted this warning in the first place- my antivirus provider Kaspersky normally releases one update a day, and I have set the automatic update time to 7 PM. Normally that's enough, but if the virus starts spreading at 10 AM... Kaspersky guarantees an update within 2 hours of a new virus being sighted anywhere in the world, and when, after sighting the first 10 viruses visually, I updated, the update was there. But there are other antivirus providers who offer automatic updates weekly.
Yes, I do not execute files named “Britney_Spears_naked.exe” more often than I do run ordinary “Virus.exe”, but none the less, it’s much more comfortable, when your antivirus is updated and you do not have to delete viruses manually. By the way, most of them can not be deleted simply by a command Del, you have to use Shift+Del.

My editing was caused because the command description written in parentheses for whatever reason doesn't appear in the post...
[Edited at 2003-06-05 19:31]

[Edited at 2003-06-05 19:53]


 
Rick Henry
USA
Italian to English
False sense of security. Jun 6, 2003

While a virus or trojan isn't common on Linux, it is possible to write malicious code on any platform. The damage may be confined to the user's space instead of the entire operating system, but it can be done and has been done.
Bottom line, it still comes down to the user acting responsibly.

R.
==
Francisco Herrerias wrote:
there is no virus for linux...

Quite nice!


 
Marc P (X)
German to English
Viruses for Linux Jun 6, 2003

As Rick says, Linux viruses do exist. I was just pointing out that Linux virus detection software doesn't exist, to my knowledge. (Software which detects Windows viruses does exist for installation on Linux servers.)

Rick is also right about the false sense of security. Linux is generally more secure than Windows, but that is not the main reason for the lack of Linux viruses. The main reason is that Linux software generally has a very defensive default configuration, and also that Linux desktop users (the few that there are) are generally more aware of the security issues.

Like most people, I have been receiving lots of e-mails with .pif attachments of late. But: 1) my system does not open/execute them automatically; 2) if I click on them to try to open/execute them, a security warning dialog appears before anything is done; 3) before opening/executing them, I have to select and/or acknowledge what application will be used (and if, for example, it's Acrobat Reader, I can be confident that whatever the attachment contains is harmless). On Linux, it's far easier to delete a file by mistake (and, unlike Windows, a deleted file can't be retrieved) than it is to open/execute an attachment by accident.

Surely Windows can be configured to behave the same way - it's not THAT bad.

Marc


 
Katalin Szilárd
Hungary
English to Hungarian
Anybody with this e-mail address ? "[email protected]" Scan your computer! Jun 6, 2003

I have just got an e-mail with an attachment (97 kb) from this sender.

Sender: [email protected]
Subject: [ProZ.som Kudoz] tie-tamping (English>Portugese)

I didn't open it.
Probably it's infected with virus.
If somebody has that e-mail address, or knows it, please update your antiviruses
and scan your computer!

Kind regards,
Katalin


 
Milos Prudek
Czech Republic
English to Czech
Not entirely true Jun 6, 2003

Rick Henry wrote:

While a virus or trojan isn't common on Linux, it is possible to write malicious code on any platform. The damage may be confined to the user's space instead of the entire operating system, but it can be done and has been done.

This is not the whole picture. If your Linux system is set up properly, it is impossible to suffer any damage from a wanna-be virus.

The proper setup in three steps:

1. Normal users are prohibited from installing software. Period. (You need to put user home directories on a separate disk partition and specify this partition as "no execute")

2. System administrator installs only verified software, using digital signatures to verify authenticity.

3. System administrator also logs in as a regular user, UNLESS he is going to administer the system. Immediately after finishing his admin role, he relinquishes his admin permissions and becomes a normal user.

Very simple, 100% effective.
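Step 1 of the setup above can be verified rather than assumed. The following added example (not part of the original post) parses a mount table in /proc/mounts format and reports whether the filesystem holding a given directory carries the `noexec` option; the function names and the sample mount table are constructed for illustration.

```python
"""Check whether the filesystem holding a directory is mounted noexec."""
import os


def parse_mounts(text):
    """Parse /proc/mounts-style text into [(mount_point, set_of_options)]."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            mount_point = fields[1].replace("\\040", " ")  # spaces are escaped
            mounts.append((mount_point, set(fields[3].split(","))))
    return mounts


def mount_for(path, mounts):
    """Return (mount_point, options) for the deepest mount point containing path."""
    path = os.path.normpath(path)
    best = None
    for mount_point, options in mounts:
        prefix = mount_point.rstrip("/") + "/"
        if (path + "/").startswith(prefix):
            # '>=' lets a later mount on the same point override an earlier one
            if best is None or len(mount_point) >= len(best[0]):
                best = (mount_point, options)
    return best


def audit(paths, mounts):
    """Map each path to True when its filesystem carries the noexec option."""
    result = {}
    for path in paths:
        hit = mount_for(path, mounts)
        result[path] = hit is not None and "noexec" in hit[1]
    return result


# Constructed sample mount table; on a live system read /proc/mounts instead.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
"""

if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNTS)
    for path, ok in audit(["/home/alice", "/tmp", "/var/tmp"], table).items():
        print(f"{path}: {'noexec' if ok else 'EXEC ALLOWED'}")
```

In the sample, `/home` passes but `/tmp` and `/var/tmp` do not, so a user could still run a binary from there. `noexec` also only blocks direct execution of files on that mount; a script stored there can still be passed to an interpreter as an argument.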


 
Rick Henry
USA
Italian to English
Not to distract from the topic, but... Jun 6, 2003

that's a pretty Draconian way of looking at things.
First, we're talking about desktops and laptops, not servers or mainframes. I highly doubt most people using PCs for translation purposes are going to have an administrator at their disposal (unless they work for a huge translation agency).
Second, under your scenario I wouldn't even be allowed to write a script to do anything - sort, calculate, whatever.
Maybe it's just me, but I think computers should serve people, not the other way around.
Sorry for the little rant, but BOFH biases are a pet peeve of mine (for those that don't know what BOFH stands for, I'll leave you to do a search online). Suffice it to say it's a stage that every admin. goes through at some point in their career (usually early on).
I was an admin. for 18 years, and I went through that stage as well.

R.
==

Milos Prudek wrote:
This is not the whole picture. If your Linux system is set up properly, it is impossible to suffer any damage from a wanna-be virus.

The proper setup in three steps:

1. Normal users are prohibited from installing software. Period. (You need to put user home directories on a separate disk partition and specify this partition as "no execute")

2. System administrator installs only verified software, using digital signatures to verify authenticity.

3. System administrator also logs in as a regular user, UNLESS he is going to administer the system. Immediately after finishing his admin role, he relinquishes his admin permissions and becomes a normal user.

Very simple, 100% effective.


 
two2tango
Argentina
ProZ.com member
English to Spanish
Computers are tools to be used Jun 7, 2003

Rick Henry wrote:
Maybe it's just me, but I think computers should serve people, not the other way around.


Not just you, Rick, there's at least two of us.
Regards
Enrique


 