Attend one of our weekly Security Center 9 webinars and you will learn:

• Kaspersky’s operating system and data management system requirements
• The applications that can be managed from Kaspersky’s centralized management and reporting tool
• Logical network and administration server hierarchy and functions
• How Kaspersky remotely removes over 120 applications with built-in scripts
• The steps for a quick and easy deployment with centralized malware policy creation, installation methods, and scheduling
• The breadth of reporting functionality included in the product and the ability to create custom reports

Click here to visit our website and register for one of the webinars.

Click here to go to our Webinar page to find out more!

Many speculative bits have been spilled on the group behind Stuxnet and its precursor Duqu, with our own researchers posting at least a half dozen Securelist writeups on Duqu findings alone. MS11-087 patches up the delivery vector for Duqu itself. This kernel mode vulnerability was publicly identified and confirmed at the beginning of November, but could well have been used quietly in attacks around the world for a year or more.

The targeted functionality provides TrueType font parsing capabilities for the OS, and the group abused these components by delivering exploits in the form of Word Documents attached to emails interesting to their individual victims, a technique known as spear-phishing. The flawed code has been known to impact only a very select set of systems throughout the world.

The other headline grabbing event and code that was anticipated to be released is known as the SSL BEAST vulnerability. We covered the potential hysteria surrounding the Ekoparty conference demo in Argentina a couple of months ago, where a researcher demonstrated SSL being cracked on a Windows system. There were no public reports whatsoever of this flaw being attacked, and Microsoft is delaying its release to ensure that its browser cannot be hacked in this way without compatibility issues, following the lead of Google Chrome and Firefox.

A slew of other patches were released this time around, with Internet Explorer, Powerpoint, and other components, including the Chinese font producing Pinyin IME component, all being updated. It’s interesting that even Microsoft considers exploit code likely to be published for at least a dozen of them, but does not consider many of them critical for admins to patch. One that stands out as a candidate for “Critical” in my book is the Active Directory problem. Organizations that have been under persistent targeted attacks may consider this one to be very urgent, with Domain Controllers and Active Directory of high interest to their adversaries in past attacks.

Source: Kaspersky Labs Daily Digest

Fool techie friends with fake-gadget ‘gifts’

It’s not often we send out a special alert to Clients but we feel that is important to pass along some information about an ACH hoax that has been circulating through many email boxes lately.  If you transfer any kind of funds through ACH (Automatic Clearing House) such as payroll transactions, recurring invoices or membership dues you need to pay particular attention to any correspondence you may be receiving related those transfers. A fellow SonicWALL Gold Partner has had at least two clients affected to date who have been compromised by replying with information to a seemingly official email. The emails seen lately have ACH in the title and refer to a failed transaction.

Our quick advice – if it looks the least bit suspicious to you, make a call to the bank or clearing house that you use.  Prevention is always better than a cure!

Check it out here

Click here to read more from eweek.com

The latest instance of this  phishing ploy comes from crooks trying to scam users under the guise that they’re selling software from the security firm Kaspersky Lab. The unsolicited emails look official, and include a link that directs recipients to a website selling “Best Antivirus Online.”

To buy the product, users are told to first enter their credit card details and email address so they can “receive further instructions,” Maria Namestnikova from Kaspersky Lab wrote on the company’s Securelist  blog. (The anti-virus ad, she wrote, resembled the signature design of Symantec’s anti-virus software — perhaps an attempt to trip up users by adding some legitimate, if mismatched, visual support to the scam.)

To investigate the phising scam, Namestnikova followed the directions, but said she received no further instructions. So while victims don’t end up downloading any potentially harmful software, they’ve handed over their credit card info to a total stranger.

Phishing scams like this are very common, but users can avoid this one by not entering credit card details on suspicious-looking websites, and by ignoring unsolicited emails trying to convince them to purchase security software. “No reputable company would send spam messages,” Namestnikova said.

More sophisticated scams shilling fake anti-virus software, such as MacDefender, have made headlines recently by actually taking over computers and then holding them hostage, or redirecting Web browsers to porn sites until their owners pay.

Source