Internet Security Companies Warn about Patch Tuesday and Valentines Day.

With Tomorrow being released some very highly rated Remote Code Execution to become Zero day in very short time. Some researchers are speculating about more viruses will be released in conjunction to Valentines day. According to this one post it will be likely to be E-cards being sent to try to lure you into downloading Malware.
[ad#ad2-right]

Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledec bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

So which ones will likely be the exploits they will use? I have a few theories on that and One of them is the INTERNET EXPLORER vulnerability that will be patched and will try to get you to launch the link and will most likely try to launch it in Internet explorer, That would be my guess.    It seems to be Internet Explorer 7 and Below which will be patched so if you want to try out the IE 8 Beta,  You should be safe on that.  Although the best bet is to prevent users from clicking links in emails and also warning them not to open any attachments they are not expecting.    I’d also have the AutoPatcher ready to install the lastest patches for this Tuesday and schedule a time this week to update all the possible systems involved with the Databases.  Although this isn’t one that tries to steal your data it is however a chance the writers to look at what you have and you know how that can be call a data breach.   So if your the IT for the department I’d suggest sending out warnings so they can keep from being caught with their pants down.   I’d also suggest having Anti-Virus and free Firewall installed on all the major systems and it wouldn’t hurt to have the installed on minor systems if at all possible.

Valentine’s Day Brings More Malware!

Panda Labs talks about this new technique where it tries to install W32/Waledac.C.worm under the thought of someone special. It sends out email to people hoping to click links such as:

    [ad#ad2-right]

  • hxxp://goodnewsreview.com
  • hxxp://worldnewseye.com
  • hxxp://www.spacemynews.com
  • hxxp://www.worldnewsdot.com
  • hxxp://www.worldtracknews.com
  • hxxp://www.wapcitynews.com
  • hxxp://linkworldnews.com
  • hxxp://goodnewsdigital.com
  • hxxp://waleprojekt.com
  • hxxp://expowale.com
  • hxxp://topwale.com
  • hxxp://waleonline.com
  • hxxp://goodnewsdigital.com
  • hxxp://wapcitynews.com
  • hxxp://bestgoodnews.com
  • hxxp://spacemynews.com
  • hxxp://linkworldnews.com

Once your at the site,  clicking on the hearts you would then download an file that is the worm!!  SO here are some things to remember.

If you don’t know the person, then it’s probably spam.   If you know the person you need to ask them before you run the program.   You also need to scan any downloads before you run them.  Go to my Malware Page and get a free Anti-virus and Firewall.  For the likely possibility this worm seems to search the computer and harvest email addresses, you should also warn the person who email you the link to let them know that they are infected.