Author Topic: Piccies / IE danger  (Read 3979 times)

0 Members and 1 Guest are viewing this topic.

Offline Maik

  • Administrator
  • Forum Deity
  • *****
  • Posts: 35167
Piccies / IE danger
« on: Friday, 21 February, 2014 @ 15:30:42 »
A couple of dangers I wouldn't get too concerned about *just yet*:

Quote
Internet Explorer users warned of zero-day exploit used in targeted attacks

Microsoft has issued a warning about a critical zero-day vulnerability in versions of Internet Explorer, that is being exploited in “limited, targeted attacks”.

The Seattle-based software giant said in an advisory that only Internet Explorer 9 and Internet Explorer 10 are affected by the remote code execution vulnerability, and that it is working on a proper patch to defend users.

Microsoft doesn’t have an official fix for the newly-discovered Internet Explorer vulnerability yet, but has produced a Fix It tool that can be used as a workaround to reduce the risk.
http://grahamcluley.com/2014/02/internet-explorer-zero-day/


Quote
New variant of Zeus banking trojan concealed in JPG images

A new variant of the nefarious Zeus banking trojan – dubbed ZeusVM – is concealed in JPG image files.

“This piece of malware can be distributed in many different ways, but most typically through phishing emails or a web-based attack,” Segura said, explaining the malware could also be spread via malvertising, which involves websites hosting ads that spread malware.
http://www.scmagazine.com/new-variant-of-zeus-banking-trojan-concealed-in-jpg-images/article/334477/


MS will fix the IE vulnerability fairly soon (I'd think) and you're probably not a target, anyway.

Malware in piccies might be more of a concern if, like me, you quite often receive forwarded emails with lovely piccies. If you do online banking then:

Quote
A better solution is to use a Linux Live CD which runs a clean operating system that is loaded on a read-only media. It takes a minute or two to boot up but may be worth the peace of mind.
http://blog.malwarebytes.org/security-threat/2014/02/hiding-in-plain-sight-a-story-about-a-sneaky-banking-trojan/