Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/14/2009
03:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New Virus Appears As Response To Craigslist Ad

Currently undetected virus appears as a response to craigslist ad with link to fake "Picasa" photo album, according to Red Condor

Rohnert Park, Calif. " August 13, 2009 " Email security experts at Red Condor are warning email users about a new virus currently undetected by most virus scanners. The virus is embedded in an email that appears to be a response to a craigslist advertisement. The email containing the virus, which was detected August 12, 2009 by Red Condor's Zero Minute Defense Network, includes the subject line, "Re: Car For Sale on craigslist." The email content suggests that the user requested pictures for a car being sold on craigslist and invites the recipient to view the images in a Picasa album. Clicking on the link to the album installs a virus.

"Only 13 out of 41 virus scanners detected the file as a virus when Red Condor first identified it," stated Dr. Tom Steding, chief executive officer of Red Condor. "This means that if the message was delivered and a user clicked on the link, they'd likely be infected even if they had an anti-virus program running on their desktop computer. With increasingly more ways to get malicious content onto computers and corporate networks, it is important that companies' security solutions are capable of responding quickly and appropriately to eliminate potential threats. Traditional signature-based virus engines are simply not enough protection against today's spammers and cybercriminals. After all, it only takes one click."

The virus scam was detected by Red Condor's proprietary Spam Trip Wire technology. Red Condor scanned the virus payload through VirusTotal.com, and also Jotti, and the email virus was unrecognized by more than two-thirds of commercial virus scanners.

Spam Trip Wire identifies spam and virus campaigns before they penetrate users' networks. Suspicious campaigns are put on probation until a filter rule can be written to capture messages from the campaign. During the probationary period, messages from the suspicious campaign are quarantined. Red Condor charts the number of malicious campaigns identified by Spam Trip Wire through its online Threat Center at RedCondor.com.

About Red Condor Red Condor is revolutionizing spam fighting with its next generation technology. Red Condor's highly accurate email filter, hybrid architecture Vx Technology, and fully managed appliances lead to a dramatic reduction in the cost of owning a premium spam filter. With solutions for small business, as well as ISPs with millions of email inboxes, Red Condor has a cost-effective, timesaving solution that is rapidly gaining market share. The system's design has built-in zero tolerance for lost email, and a near zero false positive rate while achieving long-term spam block rates greater than 99%. This next-generation technology is backed by a 24x7 customer care center staffed by email security experts at Red Condor's headquarters. For more information, visit www.redcondor.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.