RE: [SPN] Security Pipeline Newsletter - 07.01.2004 - Dangerous new threats

From: Keith Meteer

Date: 1 Jul 2004

CERT recommends that people stop using IE!

http://www.internetnews.com/security/article.php/3374931

> -----Original Message-----
> From:  [mailto:]On Behalf Of Bruce
> McIntyre
> Sent: Thursday, July 01, 2004 11:46 AM
> To: 
> Subject: [SPN] Security Pipeline Newsletter - 07.01.2004 - 
> Dangerous new
> threats
> 
> 
> 
> FYI...
> -----Original Message-----
> From: Security Pipeline Newsletter [mailto:afb73af1-b87f-e4b4-de11-d5048e7ad37d] 
> Subject: [SPN] Security Pipeline Newsletter - 07.01.2004
> 
> SECURITY PIPELINE NEWSLETTER
> http://www.securitypipeline.com/
> Thursday, July 1, 2004
> 
> 1. EDITOR'S NOTE: It's Getting More Dangerous Out There
> 
> The Internet became significantly more dangerous for business in 
> the past week, as criminals spread not one, but two attacks that 
> used the web as a platform, making web-spread attacks into a 
> mainstream threat. 
> 
> Last week's Scob attack infected clients that simply viewed 
> certain web sites using Internet Explorer. Infected clients were 
> redirected invisibly to a Russian web site that loaded a backdoor 
> and keystroke logger. 
> 
> Yesterday saw warnings about Bankhook.A, "a keystroke-logging 
> trojan that typically poses as an image file to gain entrance 
> into PCs to steal banking and financial information," according 
> to an article by CRN writer Dan Neel. Bankhook.A lays in wait 
> until the user accesses the URLs of several dozen banking and 
> financial sites worldwide, and captures keystrokes entered into 
> those sites. 
> 
> And today we're learning that a flaw in certain versions of 
> Internet Explorer permits malicious Web sites to insert 
> 'arbitrary content' in an arbitrary frame in a browser window.
> 
> We can draw two conclusions from these events, along with the 
> dozens that have occurred in previous weeks:
> 
> First, if you're still using Internet Explorer, you need to ask 
> yourself why. Alternative browsers such as Firefox and Mozilla 
> can access nearly all the sites that Internet Explorer can. 
> They're free, and they're not susceptible to attacks that 
> threaten Internet Explorer. 
> 
> Second, these attacks are no longer attacks on individual sites, 
> or groups of sites. They are attacks on the whole practice of 
> doing business online. 
> 
> If threats continue to grow more widespread and dangerous, soon 
> people will be unwilling to do business on the Internet. But 
> that's not going to happen. Fortunately, new technology and legal 
> measures are striking back at attackers. That's what we're in the 
> business of writing about at Security Pipeline. 
> 
> Mitch Wagner
> mailto:afb73af1-b87f-e4b4-de11-d504e8dcd57d
> Editor
> Security Pipeline
> http://www.securitypipeline.com
> 
> For more commentary and links by Mitch Wagner, see Wagner's Weblog
> http://WagBlog.InternetWeek.com
> 
> -----------------------------------------
> 2. Security Group Warns Of Newly Discovered IE Flaw
> http://www.securitypipeline.com/news/22103227
> The flaw permits malicious Web sites to insert arbitrary content 
> in a browser window.
> 
> 4. New Trojan Steals Banking Information
> http://www.securitypipeline.com/news/22102956
> Disguised as an image file, it is a threat to online banking 
> customers.
> 
> 5. Experts ID New Trojan As Bankhook.A
> http://www.securitypipeline.com/news/22103087
> Bankhook.A, a keystroke-logging trojan that targets users' 
> banking information, is disguised as an image file that runs when 
> Internet Explorer is launched.
> 
> 11. Microsoft Blames Hackers, Not Zero-Day Vulnerability, For 
> Web Attack
> 
> http://www.securitypipeline.com/showArticle.jhtml?articleId=22102640
> Security experts believe a Web attack last week was not caused by 
> a worm or virus, but by hackers manually attacking specific servers.
> 
> 13. Scob Virus Could Lead To Keyboard Logging
> http://www.securitypipeline.com/showArticle.jhtml?articleId=22102360
> Scob's unique method of delivery converts popular Web sites into 
> virus transmitters.
> 
> 14. Most Web Users Safe As Major Net Attack Slows
> http://www.securitypipeline.com/showArticle.jhtml?articleId=22102219
> The Russian hacker site that was delivering malicious code to 
> client machines has been shut down, but some threats remain. 
> 
> CHECK OUT THE SECURITY PIPELINE TOPIC CENTERS
> 
> Desktop Security:
> http://www.securitypipeline.com/desktop/
> 
> Network Security:
> http://www.securitypipeline.com/network/
> 
> Infrastructure:
> http://www.securitypipeline.com/infrastructure/
> 
> Policy & Privacy:
> http://www.securitypipeline.com/policy_privacy/
> 
> The Security Pipeline Newsletter
> http://www.securitypipeline.com/
> Copyright (c) 2003-2004 CMP Media LLC
> 600 Community Drive
> Manhasset, NY 11030
> 
> 
>