Security professionals have announced that there is a new round of greeting card spam that is spreading.

The subject line is “You’ve received a postcard from a family member!”.

The email contain links to a web site. If a user visits the web site, a javascript code will process and it will check whether the internet browser of the user has scripting enabled on or off.

If it is disabled, it will provide a link where the user’s computer can be exploited.

This announcement was made thursday afternoon by SANS Institute’s Internet Storm Center.

The exploits that may be performed are vulnerabilities from Quicktime, WinZip, and the dubbed “the Hail Mary”.

Source: COMPUTERWORLD

A new attack has been reported about Myspace.com accounts. Computerworld posted a new article which says that there are phishers who are compromising myspace accounts. The purpose is to attack the visitors of myspace webpages.

Johannes Ullrich who is the chief research officer for the SANS Institure said thousands of computers are infected based on the reports of various internet service providers.

This attack has been discovered last Tuesday by a person named Lawrence Baldwin. He is a chief forensics officer.

Myspace representatives have not yet made any comments.

The attack attempts to install a botnet and it tries to steal Myspace credentials.

Source: COMPUTERWORLD

We’ve been providing you with nuggets of weekly business hints, tips, sarcastic commentary on your communication, dress sense and management skills since January 2007. As this week’s offering, it’s a good time (hitting exactly the six month mark of our advice, guidance and general pointers in the right direction), for you to spend a little time reflecting.
Read the rest of this entry »

Computerworld has posted an article that there is a new email spam which tells a user to download a Windows update. Those who click the link in the email will be directed to a site which will inject a malicious code on their computers.

“A new 0-day vulnerability has appeared in the wild. The vulnerability affects machines running MICROSOFT OUTLOOK and allows an attacker to take full control of the vulnerable computer if the exploitation process is succesfull [sic],” the messge reads.

“Security bulletins from Microsoft describing vulnerabilities in their software are a common occurrence. [But] by using people’s real names, the Microsoft logo and legitimate-sounding wording, the hackers are attempting to fool more people into stepping blindly into their bear trap,” said Graham Cluely in a statement. He is a Sophos PLC analyst.

Source: Computerworld

One of our forum members greggh, a seasoned computer technician and business owner posted his list of what he brings to on-site computer repairs. His list is an excellent resource for beginners to help them start building their own kit and for experienced technicians to fill some holes in their own kits.
Read the rest of this entry »

A news has been released that Symantec will be giving away free software to Chinese users who were affected by a false update from Symantec. They estimated that the glitch affected 50,000 computers or less. However, some critics think that the number may be higher.

“As a company with an international name, Symantec’s response to its Chinese consumers lacks seriousness and sincerity. It’s obvious that Symantec avoids mentioning compensation. It is trying to get away with such words as ‘offer’ and ‘goodwill’,” said the deputy director of China E-commerce Association.

“Symantec’s offer is better than nothing. But it is not good enough. It’s not a real compensation program. The data lost can’t be made up for by any such offer or improvement in services,” said the director of the Chinese Academy of Science’s Internet Development Research Center.

Source: The Register

Restoration is a free utility to recover deleted files that were either sent to the recycle bin and then emptied, or directly deleted from within Windows. Restoration made an appearance in one of our earlier articles titled “How to Recover Accidentally Deleted Files” where we wrote about how to use this tool. This tool is easy to use and is handy for both home users and computer technicians. It does not require installation and works on FAT and NTFS formatted drives. It even works on camera memory cards.
Read the rest of this entry »

A new agreement has been reached between Trend Micro and Microsoft. The anti-virus developing company has agreed to a one-year extension of providing automatic protection for users who use Microsoft’s Windows Live Hotmail service.

Each time a user sends and receives an email, Trend Micro’s technology will scan for viruses, worms and other threats.

Punit Minocha, the vice president, business development, of Trend Micro said, “We are pleased to renew and extend our relationship, a testament to the quality of our security technology and services, and the responsive collaborative business approach we take together. As Internet threats remain a top concern among consumers worldwide, Microsoft can rely on Trend Micro-with our proven track record in delivering a scalable antivirus engine and rapid-response service-to continue safeguarding e-mail for the hundreds of millions Windows Live Hotmail customers worldwide.”

Source: Geekzone

In this article we talk about becoming a reseller, how to keep your prices down (and your profits up) and the dangers to watch out for.
Read the rest of this entry »

The Register has posted a news that a fake flash player has been developed by hackers which tricks users on downloading malware from a malicious site. The site poses as Downlod Center for Shockwave player and instead of downloading the real thing, they will receive a trojan package. It also disables the user’s right click mouse function when he or she visits the site according to SANS Institute’s Internet Storm Centre.

Users are presented with broken icons to make them think that they need a fix or upgrade their Shockwave player.

Although users can see that a fake URL is in their address bar, some may not notice it at all.

One of the sites that was targeted is a game site which is related to RuneScape.

Source: The Register