bmarv
« on: October 07, 2009, 11:42:47 AM »

This Week's Top 10 Spyware Threats

Our overall Threat Level remains at Elevated - you should maintain a guarded approach to your surfing and computer practices. Things are not crazy but they are not calm either so be a little wary. Watch out for Halloween spam with offers for gift cards that include surveys that rip off your personal info. Also, here's a watch out for searches of Emma Stone nude, and Microsoft Security Essentials which could turn out to be dangerous (malicious sites).

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Malware: Trojan
4. Trojan.ASF.Wimad (v): Trojan
5. Trojan.Malware: Trojan
6. INF.Autorun (v): Trojan
7. Trojan.DNSChanger.Gen: Trojan
8. MyWebSearch Toolbar: Potentially Unwanted Program
9. GameVance: Adware (General)
10. Virtumonde: Adware (General)
bmarv
« Reply #1 on: October 14, 2009, 12:31:45 PM »

We use it here to indicate dangerous web searches, i.e., malicious sites. Therefore, in line with this, if you should go search for Stephen Gately, Emma Stone nude or Microsoft Security Essentials (ironically enough), you just might find your computer in a very very bad place.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Malware: Trojan
4. Trojan.ASF.Wimad (v): Trojan
5. Virtumonde: Adware (General)
6. Trojan.Malware: Trojan
7. MyWebSearch Toolbar: Potentially Unwanted Program
8. INF.Autorun (v): Trojan
9. Trojan.1: Trojan
10. Trojan-Downloader.Win32.Renos.jm (v): Trojan Downloader
bmarv
« Reply #2 on: October 21, 2009, 10:29:41 AM »

Dangerous Web Searches

Right now the criminals are linking up with "This is It" (Michael Jackson song), Stephen Gately, Emma Stone nude, Microsoft Security Essentials, so it's best not to go there.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Malware: Trojan
4. Trojan.ASF.Wimad (v): Trojan
5. INF.Autorun (v): Trojan
6. Fast Browser Search: Toolbar
7. Exploit.PDF-JS.Gen (v): Exploit
8. MyWebSearch Toolbar: Potentially Unwanted Program
9. Trojan.Malware: Trojan
10. Virtumonde: Adware (General)
bmarv
« Reply #3 on: October 28, 2009, 03:59:43 PM »

It was an auspicious week with the release of Windows 7. There are a couple of spam campaigns going on worth mentioning: one is fake tax rebates in the UK. Another is any messages related to Microsoft Outlook or SSL certificates. And of course, this being Halloween, beware of offers of gift cards for surveys. Their only purpose is to steal personal info. And as you search the web there are a few danger zones including Balloon boy, Windows 7, and Kanye West death.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Malware: Trojan
4. Trojan.ASF.Wimad (v): Trojan
5. Packed.Win32.Tdss.Gen (v): Backdoor
6. INF.Autorun (v): Trojan
7. Exploit.PDF-JS.Gen (v): Exploit
8. Trojan-Downloader.Zlob.Media-Codec: Trojan Downloader
9. MyWebSearch Toolbar: Potentially Unwanted Program
10. Trojan.Malware: Trojan
bmarv
« Reply #4 on: November 04, 2009, 01:12:28 PM »

You should avoid some new spam campaigns this week, including a fake FDIC alert that your bank has failed (always good for the heart or ulcer), a fraudulent Facebook notification that your password has been reset and you get a Trojan for your troubles (nice guys aren't they?). And that Halloween graft is still going on with offers of gift cards for "surveys" that steal your personal info.

If you are using WordPress, Opera or Firefox, make sure you get your updates.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Malware: Trojan
4. Trojan.ASF.Wimad (v): Trojan
5. INF.Autorun (v): Trojan
6. Packed.Win32.Tdss.Gen (v): Backdoor
7. MyWebSearch Toolbar: Potentially Unwanted Program
8. Trojan.Malware: Trojan
9. Trojan.1: Trojan
10. Exploit.PDF-JS.Gen (v): Exploit
bmarv
« Reply #5 on: November 11, 2009, 02:15:34 PM »

Threat Level Remains at Elevated

All is rather peaceful in cyberland comparatively speaking. That means it is a good time to make sure your computer is up to date with all its necessary patches, definitions, etc. Today (November 10) is Microsoft patch Tuesday and we are told there will be six updates, four for Windows (Win2K, XP, Vista as well as Server '03 and '08) and two for Office. Important note: Adobe is recommending that users upgrade their Shockwave Player to version 11.5.2.602; multiple vulnerabilities that can lead to execution of arbitrary code have been reported in 11.5.1.601 and earlier.

On the Spam

A couple of spam campaigns to watch out for include a fake tool for automatically generating invitations for Google Wave and it is trojanized. There is a Twitter phishing campaign where users get a "change your password" message and on the "What me worry" front a fake FDIC alert that your bank has failed. So look out for those.

Update Land

Here are some recent updates including the aforementioned Adobe Shockwave Player 11.5.2.602, Sun Java SE JDK 6 and SE JRE6, Microsoft Internet Explorer, VMWare7, Fusion 3.0 (VMWare for Mac OS), WordPress 2.8.5, Opera 10.01, Firefox v. 3.0.15 and v. 3.5.4 and SeaMonkey 2.0.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan.Win32.Generic!SB.0: Trojan
3. Trojan-Spy.Win32.Zbot.gen: Trojan
4. Exploit.PDF-JS.Gen (v): Exploit
5. Trojan.Win32.Vundo.Gen.2 (v): Trojan
6. Trojan.Win32.Malware: Trojan
7. Trojan.ASF.Wimad (v): Trojan
8. VirTool.Win32.Obfuscator.XZ (v): Trojan
9. INF.Autorun (v): Trojan
10. Packed.Win32.Tdss.Gen (v): Backdoor
bmarv
« Reply #6 on: November 25, 2009, 12:17:41 PM »

Patches & Updates

Make sure you get the latest updates: Adobe Shockwave Player 11.5.2.602, AND Sun Java SE JDK 6 and SE JRE6. Remember to keep your computer up-to-date, let Microsoft update your PC, this is crucial to stay safe:

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Generic!SB.0: Trojan
4. Exploit.PDF-JS.Gen (v): Exploit
5. Trojan.ASF.Wimad (v): Trojan
6. Trojan.Win32.Malware: Trojan
7. Trojan.Win32.Tdss.aalc (v): Trojan
8. INF.Autorun (v): Trojan
9. MyWebSearch Toolbar: Potentially Unwanted Program
10. Net-Worm.Win32.Koobface.cln: Worm.Generic
bmarv
« Reply #7 on: December 02, 2009, 01:37:58 PM »

Careful Surfing Report

The following items would be considered dangerous web searches delivering you into the hands of the evil empire. Keep away from searching Tiger Woods car crash as there are sites out there offering videos with Trojanized video viewers.

Spam Cam

Whatever you do, do NOT open links labeled Social Security statement correction as the link delivers a banking Trojan, links to the NEW MOON movie lead to rogue and bot downloads and ones labeled Tamiflu sales which take you to notorious online pharmacy sites.

Updates

Look for updates to Opera version 10.10, Adobe Shockwave Player 11.5.2.602, and Sun Java SE JDK 6 and SE JRE6.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Exploit.PDF-JS.Gen (v): Exploit
4. Trojan.Win32.Generic!SB.0: Trojan
5. Fast Browser Search: Toolbar
6. Trojan.ASF.Wimad (v): Trojan
7. Trojan.Win32.Malware: Trojan
8. MyWebSearch Toolbar: Potentially Unwanted Program
9. INF.Autorun (v): Trojan
10. Trojan.Malware: Trojan
bmarv
« Reply #8 on: January 06, 2010, 12:25:46 PM »

Threat Level Elevated

If you use Spam Assassin, they had a Y2010 bug that could lead to large numbers of false positives. A fix is available. Adobe said it will update Adobe Reader and Acrobat by January 12 to fix the vulnerability that allows Reader and Acrobat to run arbitrary code if a victim opens a specially crafted .pdf file. Users should avoid opening the files from untrusted sources and disable JavaScript in Acrobat and Reader. There are reports that the vulnerability is being exploited.

Keep your eyes open for the InternetSecurity2010 Rogue Security Program and by all means do not download it! Look out for the "Happy New Year 2010" spam, the link leads to a Trojan downloader.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Trojan.Win32.Generic!SB.0: Trojan
4. Exploit.PDF-JS.Gen (v): Exploit
5. Trojan.Win32.Malware: Trojan
6. Trojan.ASF.Wimad (v): Trojan
7. INF.Autorun (v): Trojan
8. Rootkit.TDss.Gen: Rootkit
9. InternetSecurity2010: Rogue Security Program
10. MyWebSearch Toolbar: Potentially Unwanted Program
bmarv
« Reply #9 on: January 13, 2010, 01:51:08 PM »

Threat Level Elevated

Adobe said it will issue a patch tomorrow for the .pdf vulnerability in Reader 9.2 and Acrobat 9.2. The company said there has been active exploitation of the weakness and advised users to turn off JavaScript capabilities.

This Week's Top 10 Spyware Threats

A quick word about Number 10 in our bad guy hit parade - INF.Autorun is part of a generic family of threats that use Autorun.inf files to automatically launch backdoors, Trojans and Trojan downloaders when certain files or folders are accessed by the user. After execution, these malicious files will usually download additional malware to the compromised box. Obviously, it is most dangerous and should be removed.

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Exploit.PDF-JS.Gen (v): Exploit
4. Packed.Win32.TDSS.aa.3 (v): Trojan
5. Virtool.Win32.RootkitDrv.Gen (v): Trojan
6. Trojan.Win32.FraudPack.gen.a (v): Trojan
7. Trojan.Win32.Malware: Trojan
8. Trojan.Win32.Generic!SB.0: Trojan
9. Trojan.ASF.Wimad (v): Trojan
10. INF.Autorun (v): Trojan
bmarv
« Reply #10 on: January 20, 2010, 01:09:02 PM »

Threat Level Elevated

Be aware of the following: Microsoft has released a security advisory (979352) on the vulnerability in Internet Explorer (v. 6, 7 and 8). Exploits are in the wild. Apple iTunes (8.0.2.20 - 9.0.1.8) and QuickTime (7.3.4 through QuickTime X) have a buffer-overflow vulnerability that could result in execution of arbitrary code or denial-of-service. No updates are available. Microsoft is warning of vulnerabilities in Adobe Flash Player 6 that was provided in Windows XP. Users should install the latest version of Adobe Flash Player.

Adobe issued bulletin APBS10-02 which describes patching for the .pdf vulnerability in Reader and Acrobat. The company said there has been active exploitation of the weakness and advised users to turn off JavaScript capabilities.

Sick Criminal Minds

As disgusting as it sounds, please be wary of the bad guys taking advantage of the situation in Haiti. Numerous sources are predicting that the earthquake in Haiti will be used as a theme for fraudulent or malicious spam and fake charity web sites.

This Week's Top 10 Spyware Threats

Be aware of Exploit.PDF-JS.Gen (v), it is dangerous and exploits a security flaw in PDF files with embedded JavaScript that often installs downloaders that retrieve further malware from remote Web sites.

1. Trojan.Win32.Generic!BT: Trojan
2. Exploit.PDF-JS.Gen (v): Exploit
3. Trojan-Spy.Win32.Zbot.gen: Trojan
4. Trojan.ASF.Wimad (v): Trojan
5. Trojan.Win32.Generic!SB.0: Trojan
6. Trojan.Win32.Malware: Trojan
7. Trojan.HTML.FakeAlert.a (v): Trojan
8. INF.Autorun (v): Trojan
9. MyWebSearch Toolbar: Potentially Unwanted Program
10. Trojan.FakeAlert: Trojan
« Last Edit: January 20, 2010, 01:11:29 PM by bmarv »

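The post above ties Exploit.PDF-JS.Gen to PDF files with embedded JavaScript. A quick triage step before opening an untrusted file is to count the PDF name objects that carry or trigger script. This is an added example, not part of the original thread or any scanner's logic: the function names and the sample byte strings are constructed, and the check only sees names stored uncompressed in the file.

```python
import re

# A PDF name is "/" followed by regular characters; "#xx" is a hex escape,
# so "/J#61vaScript" is the same name as "/JavaScript".
NAME = re.compile(rb"/((?:#[0-9A-Fa-f]{2}|[^\x00\t\n\x0c\r ()<>\[\]{}/%#])+)")

# Names that hold script or run an action automatically.
ACTIVE = {b"JS", b"JavaScript", b"OpenAction", b"AA"}

def decode_name(raw):
    """Undo #xx hex escapes so obfuscated spellings compare equal."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), raw)

def active_content(pdf_bytes):
    """Return {name: count} for script-related names found in the raw bytes."""
    counts = {}
    for match in NAME.finditer(pdf_bytes):
        name = decode_name(match.group(1))
        if name in ACTIVE:
            key = name.decode("ascii")
            counts[key] = counts.get(key, 0) + 1
    return counts

def needs_review(pdf_bytes):
    """True when the file carries any JavaScript or auto-run action name."""
    return bool(active_content(pdf_bytes))

# Constructed samples: a catalog that runs a script on open (with one name
# hex-escaped), and a plain catalog with no active content.
SAMPLE_JS = (b"%PDF-1.4\n"
             b"1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
             b"2 0 obj\n<< /S /J#61vaScript /JS (var x = 1;) >>\nendobj\n")
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"

if __name__ == "__main__":
    print(active_content(SAMPLE_JS))     # names found in the scripted sample
    print(active_content(SAMPLE_PLAIN))  # empty for the plain sample
```

An empty result does not clear a file, because names inside compressed object streams are not visible to a raw byte scan.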
bmarv
« Reply #11 on: January 27, 2010, 12:23:55 PM »

Threat Level Elevated

Watch out for some malicious spam campaigns including an "updated W-2 form" attachment for employers, when you click on the attachment it downloads a banking Trojan. And be very suspicious of any spam related to Haiti earthquake (this is such a shame).

Recent Updates

Internet Explorer, Real Player, Firefox 3.6, Shockwave Player 11.5.6.606, Oracle (various products), Juniper Junos OS, Sendmail 8.14.4, Flash Media Server 3.5.3, WinAmp, Adobe Reader and Adobe Acrobat.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-PWS.Win32.Qwak (v): Trojan
3. Exploit.PDF-JS.Gen (v): Exploit
4. Trojan-Spy.Win32.Zbot.gen: Trojan
5. Trojan.Win32.Generic!SB.0: Trojan
6. Trojan.ASF.Wimad (v): Trojan
7. Virtumonde: Adware (General)
8. Trojan.Win32.Malware: Trojan
9. MyWebSearch Toolbar: Potentially Unwanted Program
10. INF.Autorun (v): Trojan
Oro raro
« Reply #12 on: January 28, 2010, 10:11:59 PM »

Just wanted to say thanks for the weekly updates bmarv. It helps keep us in the know of some of the latest spyware threats. Shame that the brains behind the bad could not use them for good... I am sure the world would be a much better place.
bmarv
« Reply #13 on: February 04, 2010, 05:41:00 PM »

Danger Danger

There are some mighty dangerous topics to be leery of in your spam and web searches, including Apple Tablet, unknown Facebook app, and Valentine's Day themes. So do not search on these terms, or if you do, be -very- careful with the results you get back.

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen: Trojan
3. Exploit.PDF-JS.Gen (v): Exploit
4. Trojan.Win32.Generic!SB.0: Trojan
5. Virtumonde: Adware (General)
6. Trojan.ASF.Wimad (v): Trojan
7. Trojan.Win32.Malware: Trojan
8. MyWebSearch Toolbar: Potentially Unwanted Program
9. INF.Autorun (v): Trojan
10. Trojan.Win32.Agent: Trojan
bmarv
« Reply #14 on: February 10, 2010, 12:47:22 PM »

Threat Level Elevated

Microsoft will release 13 security bulletins this Patch Tuesday - five are considered critical, so make sure you download and install these puppies. Microsoft also has issued Security Advisory 980088 that warns of a vulnerability in Internet Explorer that can allow the disclosure of information. Microsoft recommends setting the Internet and Local Intranet security zones to "high". Get your patches here: http://www.sunbeltsecuritynews.com/SMJAYI/100210-Windows-Update

Dangerous Zone Topics

If you are out surfing or simply perusing your inbox, you want to watch out for the Danger Zone Topics in spam and searches, including: Bill Cosby's rumored death, the "World Cup", U.S. tax filing themes, "unknown Facebook app" and of course any and possibly all Valentine's Day themes. Kinda sucks don't it?

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan-Spy.Win32.Zbot.gen (v): Trojan
3. Trojan-Spy.Win32.Zbot.gen: Trojan
4. Exploit.PDF-JS.Gen (v): Exploit
5. Trojan.Win32.Generic.pak!cobra: Trojan
6. Trojan.Win32.Generic!SB.0: Trojan
7. Trojan.Win32.Agent: Trojan
8. Virtumonde: Adware (General)
9. INF.Autorun (v): Trojan
10. Trojan.Win32.Malware: Trojan