The e-mail appeared to be an invitation from an old, junior high school friend. Yet when the hospital employee clicked on the link, it instead led her to a malicious site that installed a Trojan horse on her computer. In a little over a week, international cybercriminals used that beachhead to steal more than $600,000 from the woman’s employer, according to a terse description of the incident on the Information Systems Security Association’s Web site.

A number of similar incidents to this one highlight the threats of online crime facing small and midsize businesses (SMBs), says Stan Stahl, president of Citadel Information Group and president of the Los Angeles chapter of the ISSA.

“Typically, they say, ‘We have firewalls in place and have AV on all the desktops, so I guess we are secure,’” Stahl says. “But today cybercrime is so sophisticated that is not enough anymore.”

Read full article at http://www.darkreading.com/smb-security/security/attacks/showArticle.jhtml?articleID=225702557&cid=RSSfeed

Alas, another day, another Facebook security alert.

As soon as you install this malware, it will tag every single one of your friends in a photo in batches of about 20. It then posts that photo to your wall.

This is what the photo looks like:

If a Friend looking through the photos then clicks on the app’s  link, they’ll see this:

If you have a lot of friends, you might end up with a series of albums like this:

Apart from the wall spamming, another obvious indication that this is a virus itself, is the url:

http://apps.facebook.com/kxetyegpgkxdwfy/

A valid application is not going to have a url with a bunch of jumbled letters at the end.

If you have been tagged in  the photo by one of your friends (remember, they did not really do this – the app did automatically), you can remove the tag.

1. Open your photos
2. Click the offending picture
3. Look for your name in the list of people tagged
4. Click the ‘Remove Tag’ link that appears beside your name

The photo will then automatically be removed from your photo list.

Source:

http://www.f-secure.com/weblog/archives/00001920.html

http://thefacebookinsider.com/2010/03/warning-facebook-antivirus-will-virally-spam-your-friends/

Microsoft has released a preview of the new version of Internet Explorer, IE 9.It can be downloaded  from http://ie.microsoft.com/testdrive/Default.html.

I’m sure we will soon start seeing phishing emails and malicious sites being set up around this so if you are interested, be sure to download it from the REAL Microsoft, huh.

Not impressed? Here’s Microsoft’s response, or should I call it a presponse.

“The Platform Preview is an early look at the Internet Explorer 9 platform so some features are incomplete, some may change, and some may be added…..We ask that you refrain from providing feedback on features where noted that they are either partially implemented or not available. We are aware of their condition and will provide updates in future releases. Similarly, for known issues, we are aware of their existence and are actively working on them. Thank you for your interest in the Internet Explorer Platform Preview!”

Email is a very common vector for attack nowadays. Security folks always scream ” Don’t download the attachment. Don’t download the attachment!” Here are some examples of a targeted email attack taken from a blog called  Contagio Malware Dump .

More at contagiodump.blogspot.com