**After sorting through my hibernating inbox, I have no found the newest issue of Bullgard newsletter. An online tech newsletter. Here are the articles for your browsing pleasure.**

Trojan attacks Microsoft\'s AntiSpyware

Virus writers have created a malicious program that can disable Microsoft\'s new anti-spyware application, security experts warned on Wednesday.

Antivirus experts, who are calling the Trojan \"Bankash-A,\" say it is the first piece of malicious software to attack Windows AntiSpyware, which is still in beta.

\"This appears to be the first attempt yet by any piece of malware to disable Microsoft AntiSpyware,\" Graham Cluley, a senior technology consultant at Sophos, said in a statement. \"As Microsoft\'s product creeps out of beta and is adopted more by the home user market, we can expect to see more attempts by Trojan horses, viruses and worms to undermine its effectiveness.\"

Windows AntiSpyware, built using technology from Microsoft\'s acquisition of Giant Company Software, is designed to protect Windows PCs from spyware--software that is installed on computers without their owners\' knowledge. Typically, spyware generates pop-up ads or keeps track of people\'s Web surfing.

Like many other Trojans, Bankash attempts to steal passwords and online banking details from Windows users, Sophos said in an advisory. The program targets users of U.K. online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest and Smile.

Sophos called the Trojan \"Bankash\" because it attacks banking customers and installs a file called ASH.DLL onto a victim\'s hard drive.

Microsoft\'s British press office was awaiting comment from the company\'s U.S. headquarters at the time of writing.

Dan Ilett of ZDNet UK reported from London.

Updated MyDoom targets Google--again

Another variant of the MyDoom worm, which spreads by sending copies of itself using its own mail engine and harvesting potential e-mail targets from search engines such as Google and Yahoo, has started spreading quickly.

Last summer, a MyDoom variant pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines--including Lycos and Altavista--off the Web completely.

Antivirus firm Sophos said the latest MyDoom variant searches an infected computer\'s hard disk for e-mail addresses and then reverts to an Internet search. Interestingly, the worm tries to search the Internet for e-mail addresses in the infected computer\'s domain--effectively targeting all users from a specific company or service provider.

According to a Sophos advisory, the worm \"will send a query to the search engine using domain names from e-mail addresses found on the hard disk and then examine the query results, searching for more addresses.\"

Sean Richmond, senior technical consultant at Sophos in Australia and New Zealand, said that the latest variant was first detected early Thursday in that region and that as long as people have updated their virus definitions it shouldn\'t cause much of a problem.

\"We saw a spate of samples come through over the last day into our lab. By now a lot of companies are already blocking dodgy zip files and quite a few of the infected e-mails are automatically blocked as spam. It is spreading but everyone (including alternative antivirus companies) are on top of things,\" Richmond said.

Sophos said the worm will send 45 percent of its queries to Google, 22.5 percent to Lycos, 20 percent to Yahoo and 12.5 percent to Altavista.

Antivirus firms Sophos, Computer Associates and Symantec all agree that the worm is spreading quickly but is relatively simple to remove using their latest antivirus definitions.

**These were the two most prominent stories. I hope to add to them as time goes on**

Nice people. Fortunitely, I update
my Antivirus (Symantec Nortan Antivirus) every day.

Microsoft has always been insecure so the first one comes as little surprise to me.

[Edited on 18/2/05 by AirMan]

Actually, their new anti-spyware program is top-of-the-line. Especially if you consider that it\'s still a beta.

And it\'s already been exploited?:P

BTW, did you know that IE\'s ad blocker doesn\'t even block ads?

Microsoft is always exploited first, besides how would you know about the IE ad-blocker not working, I thought you used IE?

Granted, can\'t be just IE now... a popup ad got past Firefox somehow.

I think these damned popups are trying something new...

Are linux and Mac safe from this virus?

I used IE before Firefox. It let lots of ads through. I have experiance with both browsers. Thats why I comment on IE. The problem with ads gettig through with Firefox is when you put sites in the allow list. So far, only Geocities\' ads get through, though.

Post redacted

Windows AntiSpyware will be free


Robert Lemos and Dawn Kawamoto
CNET News.com
February 16, 2005, 09:10 GMT

RSA Conference: Bill Gates admits spyware came as a surprise to Microsoft and promises that protection will be free of charge for licensed Windows users






Ending speculation about whether it was shifting to a paid model, Microsoft said on Tuesday that it will provide customers with licensed copies of Windows with its new anti-spyware software for free.



The pledge, made by Microsoft Chairman Bill Gates during his keynote speech kicking off the RSA Conference 2005 in San Francisco, comes after the company had been testing its AntiSpyware application -- technology it acquired with its purchase of security software maker Giant.



\"Just as spyware is something that we have to nip down today, we have decided that all licensed Windows users should have that protection at no charge,\" Gates said.



The initiative is part of Microsoft\'s efforts to strengthen security for home and business users of its Windows desktop software. Consumers are not always aware of the dangers of such threats as spyware, viruses and phishing. A study published last October found that more than 80 percent of consumers had been infected with spyware.



While Microsoft turned its attention to general software security three years ago with its Trustworthy Computing Initiative, the spotlight on consumers began a year and a half ago, after the MSBlast worm infected millions of home PCs. The worm taunted Microsoft\'s founder with the message, \"billy gates why do you make this possible? Stop making money and fix your software!\"



Microsoft introduced the beta of its Windows AntiSpyware application last month. Typically, spyware generates pop-up ads or keeps track of people\'s Web surfing.



Windows AntiSpyware is Microsoft\'s answer to a threat that came essentially as a surprise to the software giant. Gates acknowledged that the threat appeared on the company\'s radar over the last year and said the company had to do better this year.



\"We need significant advances to make sure this [threat] does not spread like it did this year,\" he said.



The company also gained a valuable spyware-reporting network, dubbed SpyNet, in the Giant acquisition, Gates said. The tool identifies potential spyware on PCs connected to the network. It then asks customers if they want to clean the software and reports back to Microsoft what code has been removed.



\"We can see what [malicious software] is being downloaded and make sure the signatures are kept very up-to-date,\" Gates said, adding that the company gets about a half million reports a day of spyware through SpyNet. Nearly three million users participate in the SpyNet program, he said.



One security company welcomed the Microsoft announcement but struck a note of caution about the company\'s expansion into security software.



\"I am glad to see Gates is focusing on securing the desktop,\" said Gregor Freund, chief technology officer of Check Point Software, which develops desktop security software. \"However, there are some serious downsides to Microsoft\'s approach. Just by entering the security market, Microsoft could stall innovation by freezing any kind of spending of venture capital on Windows security, which, in the long run, will lead to less security, not more.\"

[Edited on 2/19/2005 by Mega X.exe]

It\'s a little late for them to think about security, no?:rolleyes: Nevertheless, better late than never. *I* on the other hand won\'t trust Microsoft with any security. I\'ll leve that for other respectable companies such as Symantec, Zone Labs, McAfee, etc.

[Edited on 4/3/05 by Indifferent Protester]

::UPDATE::

Hi!

I\'ll post here when I have any small news (Nothing too big, Mega X, I\'ll leave that for you :P). Just things like Zone alarm Updates, Microsoft Updates, new virus definitions etc.

Anyway, you should all update your antivirus softare as there are new virus definitions out. There will be a lot out soon, if what the other topics say is right.

::ANOTHER UPDATE::

There are critical updates for Firefox. I now have Mozilla Firefox v1.0.1 . It is now [iu]oh[/i] so much more secure than IE6. IE isn\'t updated as often either:P

[Edited on 4/3/05 by Indifferent Protester]