|· Rules & Guidelines · Portal||Help Search Members Calendar|
|Welcome Guest ( Log In | Register )||Resend Validation Email|
|Welcome to Teepee Friends. We hope you enjoy your visit.|
You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.
Join our community!
If you're already a member please log in to your account to access all of our features:
Posted: Jun 5 2012, 08:50 PM
Member No.: 24
Joined: 22-May 06
Hackers Fake Microsoft Update; Spread Malware
Cyber-crooks have reportedly used fake Microsoft credentials to spread the new Flame malware. In response, Microsoft has issued an 'emergency security advisory', along with a guide telling people how to protect their computer systems and networks.
The Flame virus is a bit unusual, in that it is designed to steal data rather than corrupt or take down computer systems.
Described by researchers at Kaspersky Lab as a "complete attack toolkit," the Flame virus is considered by many to be an even bigger security threat than the massive Stuxnet worm, which it closely resembles.
Flame Masquerades as Legitimate Microsoft Code
Although it was dangerous before, Flame now poses an even bigger risk. The cybercriminals behind it have successfully configured their virus to use legitimate Microsoft credentials to help it slip under network defenses.
In a recent post on the Microsoft Security Response Center blog, Microsoft stated: "We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft." (Source: pcmag.com)
Experts believe that the people behind Flame have found and exploited a new flaw in the Terminal Server Licensing Service used by many IT administrators to authorize Remote Desktop services on Windows-based networks.
Because most IT systems accept legitimate Microsoft code by default, the Flame virus -- which can now appear legit to network defenses -- is often accepted and passed through to vulnerable computer data and systems.
Microsoft Sends Emergency Security Advisory
To combat this new danger, Microsoft has now released an Emergency Security Advisory that explains in great detail exactly how IT administrators can block any of Flame's rogue security certificates from gaining unauthorized access to networks.
But for some IT administrators, this may be too little, too late. nCircle security expert Andrew Storms warns that the "discovery of a bug that's been used to circumvent Microsoft's secure code certificate hierarchy is a major breach of trust," and points out that "it's a big deal for every Microsoft user." (Source: pcworld.com)
However, Flame is a highly targeted form of malware, so the systems of most home users are not likely to be targeted by those who designed this potent virus.
Storms believes the sophisticated nature of Flame's most recent attack lends weight to the theory that the hackers behind it represent a nation-state, meaning they may have the financial backing of a powerful government.
IDIOCRACY - The only movie that started out as a comedy and then became a documentary.
Posted: Jun 5 2012, 10:05 PM
*Young at Heart *
Member No.: 1
Joined: 14-March 06
Well all I know is I hope they can find a way to block it and kick out of space here, and I am sure they will pretty soon and get rid of it, There is a ghost virus that can really dmanage machines to and I got to check in on that one,
Patience is the ability to idle your motor when you feel like stripping your gears.