Welcome to this weeks round-up. All articles in the NewsBot Centre are imported from blog and site feeds from the world of security and technology. This weeks top articles are:

• Bing is live!
• Microsoft unveils new controller
• Malware SPAM: 123greetings.com card – bizzi11.zip
• Malware SPAM: Outlook Setup Notification – micr__outlook_update_6556.zip inside Outlook Setup Notification.zip
• Twitter hit with rogue anti-virus scam (Follow @Securitycadets)
• Windows 7 release date announced
• FTC Sues, Shuts Down N. Calif. Web Hosting Firm
• Google Chrome Out for Mac and Linux – Just Don’t Download It

There are more articles located within the NewsBot Centre. You can also add your feed to our NewsBot should you wish, details about it can be found here.

Welcome to this weeks round-up. All articles in the NewsBot Centre are imported from blog and site feeds from the world of security and technology. This weeks top articles are:

• Malware SPAM: Western Union WesternUnion_TR0002212.zip
• Microsoft promises ’search 2.0′
• 7m in UK ‘use illegal downloads’
• Microsoft Update Quietly Installs Firefox Extension
• Malware SPAM: United Parcel of America, UPSDOCS_IN987712001.zip
• Mozilla Firefox ‘keygen’ HTML Tag DoS Vulnerability
• Microsoft unveils “Bing”

There are more articles located within the NewsBot Centre. You can also add your feed to our NewsBot should you wish, details about it can be found here.

For the second time since we started this experiment, we have the weekly round-up on a Monday. A very valid reason, I was very tired yesterday from working and other matters. Plus, it was Easter Sunday. I hope you had a wonderful time wherever you are.

… Right, let’s tick on …

All articles in the NewsBot Centre are imported from blog and site feed from the world of security and technology:

• Malware SPAM: Match Dating’s new message (malware: ADOBE_PlayerInstallation.exe)
• Spam overwhelms e-mail messages
• BitDefender discovered a new variant of Conficker
• Microsoft: Dramatic Rise in ‘Scareware’ Infections
• Microsoft KB969938 – Internet Explorer 8 takes longer than expected to start
• Downgrade plan for Windows 7 PCs
• Conficker Worm Awakens, Downloads Rogue Anti-virus Software
• IE8 is scheduled to be pushed in Automatic Updates
• Twitter Hit By StalkDaily Worm (Follow us @Securitycadets)

You can add your feed to our NewsBot should you wish, details about it can be found here.

This weeks Sunday NewsBot marks it’s first anniversary. We started this venture all the way back in March 2008 and the first article was a Microsoft Security Advisory (950627) article. Let’s hope this is the start of many more.

All articles in the NewsBot Centre are imported from blog and site feed from the world of security and technology:

• WinPatrol 2009 (V16.0.2009) is here! (or Introducing WinPatrol 2009)
• Massive Profits Fueling Rogue Antivirus Market
• Twitter growth explodes in a year (Follow us on Twitter @Securitycadets)
• Passwords of Comcast Customers Exposed
• StopBadware and Consumer Reports launch BadwareBusters.org
• Symantec decides to disable Ask.com Search (Aka Safe Search) by default
• Quite a long thoughts by Symantec customer regarding Ask.com in Norton installers
• Google’s pictures of UK go live
• Microsoft launches latest browser
• Researcher cracks Mac in 10 seconds at PWN2OWN, wins $5k
• FTC urged to investigate security of Google services
• Antivirus2009 Holds Victim’s Documents for Ransom
• IE8 issues if immunization by Spybot-S&D is enabled
• Rogue Antivirus Distribution Network Dismantled
• Ad-Aware SE Updates Discontinued

We hope you have a great remaining Sunday wherever you are. There are more articles from the last eight days or so. Just visit the NewsBot Centre for more.

You can add your feed to our NewsBot should you wish, details about it can be found here.

NewsBot Round-Up time again. With news generated and pulled from all over the web by our NewsBot Centre in the last week.

• Your site is dangerous Google glitch
• Obama Administration Outlines Cyber Security Strategy
• Gates predicts four-year downturn
• Broadband in every home (in the UK) by 2012
• Blogfight: IE Vs. Firefox Security
• Poisoned Search Queries at Google Video
• Dell and Broadcom fixes BCM42RLY issue on Dell Wireless WLAN 1505/Vista
• UK will not legislate on piracy
• Internet Explorer 8 Release Candidate
• New Rogue -Total Defender (Alongside IE Security)

Want to add your feed to our NewsBot? Details about it here.

A new browser has appeared on the scene and I’ll be testing it out over the next few days and weeks. It goes by the name of Google Chrome.

(Click to Enlarge)

Hopefully, after some time testing it, I will get a better picture. I’ll also be blogging about it then. In the meantime, why not discuss this new browser in our forum.

• Do you think we are ready for a new browser?
• Can it compete with others?
• Or do you simply think this new browser rocks?

Tell us!

You would have a thought I would have blogged about IE8 Beta 1, but no! I have cleery been too busy to miss that headline!

… Seriously though the Beta 2 version of the new Internet Explorer 8 has been released. Meaning it is well on it’s way to being a full version.

Remember! Beta is not the full and complete version! It is undergoing testing and will have bugs! Install at your own risk!

Some links to consider:

• Internet Explorer 8 Beta Home Page
• Internet Explorer 8 Beta Features
• Internet Explorer 8 Beta Support

Also remember, you can always seek help and guidance in our forum. Speak to us about the new version of Internet Explorer. Tell us what you think!

Short post, but an important one to inform you about. For all the details about the vulnerabilities in FireFox 3 regarding URI launching and XUL, visit our forum here.

Apologies for the lack of entries on this blog. We hope to resolve this soon.

Following the Mozilla Firefox browser update yesterday, Opera has released an update due to a vulnerability in BitTorrent header parsing which can be exploited by malicious people to compromise a user’s system. The vulnerability description from Secunia:

“The vulnerability is caused due to Opera using already freed memory when parsing BitTorrent headers and can lead to an invalid object pointer being dereferenced. This can be exploited to execute arbitrary code, when the user is tricked into clicking on a specially crafted BitTorrent file and then removes it via a right-click from the download pane.”

Update to Opera 9.x.

Remember – “A day without laughter is a day wasted.”
May the wind sing to you and the sun rise in your heart…

Last week, a highly critical risk was reported, with proof of concept, involving registering a “firefoxurl://” URI (uniform resource identifier) handler on a computer with both IE and Firefox 2.0 (or later). This was described by Mozillazine as follows:

“When installed on Windows, Firefox registers a URL protocol handler to handle firefoxurl:// URLs (this works much like a http:// or ftp:// URL protocol handler). If an IE user visits a webpage that tries to call a firefoxurl:// URL (for example, using an iframe), IE will launch Firefox with no further prompting, passing it the URL. Neither IE nor Firefox escape or sanitise the URL, which allows an attacker to inject additional parameters into the command line used to invoke Firefox. Used in combination with the -chrome parameter, the attacker can make Firefox execute dangerous JavaScript code.”

If you read the above-referenced Mozillazine article, note the finger pointing as to whether the problem is caused by IE for passing untrusted data to another application or by Firefox for not validating input properly. Regardless of where the problem resides, Mozilla reacted quickly and included the fix in Firefox 2.0.0.5.

Note: By default, Firefox automatically checks for updates. If you have changed that setting, go to Menu > Help > Check for updates.

Included in Firefox 2.0.0.5:

• MFSA 2007-25 XPCNativeWrapper pollution
• MFSA 2007-24 Unauthorized access to wyciwyg:// documents
• MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
• MFSA 2007-22 File type confusion due to %00 in name
• MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
• MFSA 2007-20 Frame spoofing while window is loading
• MFSA 2007-19 XSS using addEventListener and setTimeout
• MFSA 2007-18 Crashes with evidence of memory corruption

References:

• Firefox Download Page
• Release Notes

Remember – “A day without laughter is a day wasted.”
May the wind sing to you and the sun rise in your heart…