Pro IT Zone

According to the expert in security Dan Kaminsky, Internet is at this moment being overflowed by DNS attacks, programmed specifically for a hole of security published in July. Numerous administrators have not installed yet the security patch that corrects this vulnerability.

The problem was detected by Dan Kaminsky at the beginning of the year. The vulnerability implies that IP servers can be manipulated in a way to redirect users to a fake IP address.

Dan Kaminsky revealed the technical details at the beginning of August. The company IO Active already has registered the first assault of DNS attacks. Among others sites, the first attacks been have redirected to China Netcom.

Message Labs confirms that the suspicious traffic in DNS has increased in 52% between July and August. The data is processed as it demonstrates that the intruders look for new vulnerabilities in DNS servers.

Through a simple click on the browser the user may be invisible. Such is the reality of the next version of Internet Explorer. Indeed, Microsoft has sent 2 patent applications of their technologies “Cleartracks’ and ‘Inprivate’, which seek to enable the user to surf the Internet without leaving traces in the local computer.

The normal version of Internet Explorer records a wealth of information, such as Web sites visited by the user, as well as addresses and capsules of information (cookies). If you allow, Internet Explorer will also stored login names and access codes to services.

The role of “private mode” already exists in other browsers such as Apple Safari. As indicated, future versions of Firefox will also incorporate a similar function.

Kaspersky Labs has detected two new variants of a worm, Networm.Win32.Koobface.a. and Networm.Win32.Koobface.b, that attack users of MySpace and Facebook respectively. As a result, worms convert the computers of victims in zombie machines that comes part of a botnet network.

Although worms only attack users of MySpace and Facebook, Kaspersky Lab experts warn that are designed to download additional malicious code across the Internet. It is very likely that infected machines are used not only for sending links across social networks, but also be used for other purposes equally malicious.

NetWorm.Win32.Koobface.a spreads when a user accesses his account on MySpace and from that moment, the worm creates a series of comments and messages distributed to all your contacts. For its part, Net-Worm.Win32.Koobface.b attacks Facebook users and send spam messages to the list of friends of the person whose machine had been infected.

The messages and comments submitted through MySpace and Facebook are very striking and include a link to Youtube. [Skip]. Pl. If the recipient clicks on this link, is redirected to http / / youtube. [Skip]. Ru, a website which allegedly contains a video clip. But when trying to watch the video, a message in which it warns that there is a need to download the latest version of Flash Player and, when trying to do is download a network worm called codesetup.exe. As a result, users who have accessed the Web through Facebook have downloaded the worm attacking MySpace, and vice versa.

“Unfortunately, users rely too much on the messages they receive from their friends in social networks, thus the likelihood that click on a link is very high,” says Alexander Gostev, an analyst at Kaspersky Virus Labs. “Early 2008, which would target an increase in attacks on these networks, like MySpace and Facebook, and now this is evidence. I am convinced that this is only the first step and that the creators of viruses continue to exploit these networks with greater intensity. “

Secure Computing Researchers have discovered a new Trojan that this infecting normal multimedia files such as MP3 and WMA audio files and WMV video files.

If you come to be infected, all media files in the user’s PC will be like and what those same files can be sent to other users doing a spread of malware, if they are shared by email or P2P sites.

The initial infection occurs from illegal sites. When a user goes to that site and illegally looking for a crack or a serial key to be able to run a copy protected software, the user will download the Trojan.

When the user shares the file via email or on a P2P site, these media files infected will be transmitted to someone else. When you open the file, Windows Media Player is redirected to a malicious action on the Web to download a fake code, which guides the new victim to install Adware, Spyware or other malware.

Sophos has reported and warned that Facebook, one of the most popular social networks, has accidentally provided personal information about its members, data that could be very useful for identity thieves.

The full details of the birth dates of many of the 80 million active users were seen by others, even if an individual user had requested that the information remain strictly confidential.

According to Graham Cluley, Senior Consultant for Sophos, this was a security error on the website during the process of beta testing of its new design for profiles of its members, has meant that the details of the birth date have been exposed.

“I was impressed to see the full details of the dates of birth of so many members, even those who knew perfectly well that their privacy had correctly installed to conceal such information” said Cluley. “It is essential that users of social networks have sufficient confidence that their privacy will be protected - and is especially important information from your birth date, since it can be a very important figure for an identity thief.”

Cluley says that Facebook has been informed as soon as it was discovered the security hole, which now seems to have settled.

As proof watch this video: