Archive for March, 2007
National Credit Union Administration (NCUA) Chairman JoAnn Johnson testified today before the House Subcommittee on Financial Institutions and Consumer Credit concerning subprime mortgage practices and products and foreclosures in relation to credit unions.
The National Credit Union Administration (NCUA) has approved a charter and low-income designation for New Covenant Dominion Federal Credit Union of Bronx, New York.
The National Credit Union Administration (NCUA) has approved a charter and low-income designation for New Covenant Dominion Federal Credit Union of Bronx, New York.
Full exploit code was published this morning for MDAC vulnerability MS07-009. The original demonstration of this vulnerability occurred on July 29, 2006 in HD Moore’s Month of Browser Bugs #29. At the time, only a denial-of-service demonstration was published.
http://browserfun.blogspot.com/2006/07/mobb-29-adodbrecordset-nextrecordset.html
Our scanners are now actively searching for any live sites that are attempting to exploit this vulnerability. This type of vulnerability has been very popular with malicious attacks in the past and we expect to see its usage increase substantially, now that exploit code is publicly available.
On February 13, 2007, Microsoft® released patch MS07-009 to address this vulnerability. We recommend that you apply this patch immediately, if you have not yet done so. See the Microsoft Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/ms07-009.mspx
Websense Security LabsTM has discovered a new set of the Warezov/Stration malicious code. This new code is currently spreading through the Skype network. Although the code itself is not self-propagating, when it runs, a URL is sent to all users within the user’s Contacts List.
This attack appears to be the same as the version mentioned on the FSecure Blog Feb 27th,
http://www.f-secure.com/weblog/archives/archive-022007.html#00001126,
but with new URL information and a new version of the malicious code.
Skype users receive a message that says “Check up this,” with a URL containing a hyperlink. When users click on the link, they are redirected to a site that is hosting a file named file_01.exe. Users are prompted to run the file (note: there is no vulnerability within Skype). If the user runs the file, several other files are downloaded and run.
The files listed below are loaded from different domains. These domains were up and running at the time of this alert.
1e61617b7498c5cad41c4d26b8e4ca8c file_01.exe
7c2b181ab4fbe858e22bbbdc725e4f53 gdi32.exe
7306bed6c39560ed78fe67cfc5e643c8 ndis.exe
5262a217d2ca7f28be6fc398d8f8aee3 sk.exe
The user’s contacts also receive the URL within Skype. Once the Trojan is installed in a system, it tries to connect to a Yahoo mail server to send an SMTP message. However, that server does not seem to be operative and the communication fails. This inoperability is probably an attempt to notify the attacker that a certain machine has been infected.
The downloaded files are other versions of the Warezov/Stration malicious code. This code opens backdoors to the users systems and also downloads new code.
Screenshot:
Eight federal regulators today released a notice of proposed rulemaking (NPR)
requesting comment on a model privacy form that financial institutions can use for their privacy notices to consumers required by the Gramm-Leach-Bliley Act (GLB Act).
Eight federal regulators today released a notice of proposed rulemaking (NPR)
requesting comment on a model privacy form that financial institutions can use for their privacy notices to consumers required by the Gramm-Leach-Bliley Act (GLB Act).
Websense® Security Labs™ has received reports of a phishing attack that targets customers of National Collegiate Underwriters & Administrators. Users receive a spoofed email message which claims that if they take a survey to give feedback on the quality of services, they will get a $50 credit to their account. The email provides a link to a phishing site that attempts to collect personal and account information.
This phishing site is hosted in the Republic of Korea and was up at the time of this alert.
Phishing email text:
Dear Customer,
CONGRATULATIONS !!!
We are very satisfied about the Reward Survey results and we’ve made improvements to Credit Union’s Online web page. To make all the customers happy we will credit every
account that uses every day our online banking service with $50.
Helping us better understand how our customers feel, benefits everyone.
With the information collected we can decide to direct a number of changes to improve and expand our online services.
We kindly ask you to spare two minutes of your time in taking part with this unique offer! This offer expires in 24h after you recieve this message.
To Continue click on the link below:
< URL REMOVED >
© 2007 NCUA . All Rights Reserved. Privacy Policy & Disclosures.
Phishing screenshot:
Websense® Security Labs™ has received reports of a phishing attack that targets Bank of Akron customers. Users receive a spoofed email message which claims that if they take a survey to give feedback on the quality of services, they will get a $30 credit to their account and be entered in a $600 prize drawing. The email provides a link to a phishing site that attempts to collect personal and account information.
This phishing site is hosted in the United States and was down at the time of this alert.
Phishing email text:
Dear Customer,
In an effort to continually measure the service quality given to
Bank of Akron members we send out random surveys asking for valuable feedback
on how we are doing and how we can improve.
There are only a few questions to score and should only take
a few moments of your time.
Your patience will be rewarded with $30 direct deposit to your account
and your name will automatically be entered into our quarterly
drawing for a $600 grand prize.
Thank you!
Sincerely,
Board of Directors
Bank of Akron
Take the survey! < LINK REMOVED >
Phishing screenshot #1:
Phishing screenshot #2:
Phishing screenshot #3:
NCUA proposes to amend part 749 to address a federally-insured credit union’s obligation to maintain a records preservation program. The proposed rule draws from existing guidance to clarify requirements for preserving vital records and to suggest important items for consideration in restoring vital
member services.