Archive for June, 2009
Jun
28
Websense Security Labs™ ThreatSeeker™ Network has discovered spam emails offering recipients links to unpublished videos and pictures of singer Michael Jackson. According to news reports Michael Jackson’s death was confirmed yesterday.
The spam email appears to offer a link to a YouTube video, but instead sends the recipient to a Trojan Downloader hosted on a compromised Web site. The file offered is called Michael.Jackson.videos.scr (MD5: 664cb28ef710e35dc5b7539eb633abca). This file is located on a legitimate Web site hosted in Australia belonging to a radio broadcasting station. Upon executing the file, a legitimate Web site at http://musica.uol.com.br/ultnot/2009/06/25/michael-jackson.jhtm is opened by the default browser in order to distract the user by presenting a news article for them to read.
In the background, three further information-stealing components are downloaded and installed by the malware. One of the downloaded files is called michael.gif, which has low AV detection rates – see VT results here. The malware then installs a malicious BHO that is registered with this file %windir%\Dynamic.dll and this GUID {FCADDC14-BD46-408A-9842-CDBE1C6D37EB}. Another component is bound to startup at %windir%\system32\kproces.exe. Another malicious file installed by the malware is %windir%\system32\fotos.exe.
Translation of the email is as follows:
Screenshot of the malicious spam:
Screenshot of the malicious file masquerading as a video:
Websense® Messaging and Websense Web Security customers are protected against this attack.
Jun
28
June 26, 2009, Alexandria, VA ––
“”Today is the actual 75th anniversary of the signing of the Federal Credit Union Act into law. While the temptation is to commemorate the formal, official, governmental aspects of the day, I prefer to give recognition and thanks to the millions of American consumers who have made the credit union industry a success. Credit unions are a valuable and durable vehicle through which members can save and invest in a cooperative environment.
June 25, 2009, Alexandria, VA –– A U.S House of Representatives Appropriation Subcommittee voted today to not place a cap and to maintain the Central Liquidity Facility (CLF) maximum, approximately $40 billion, borrowing authority through fiscal year 2010 to ensure NCUA has a source of funding available to meet liquidity needs.
Credit unions should consistently focus on their relationships with members, take advantage of competitors’ weaknesses, and not be shy about investing in technology. Mark Sievewright, senior vice president, Fiserv Inc., Brookfield, Wis., delivered that message Wednesday at America’s Credit Union Conference & Expo in Boston.
Credit unions interested in using social networking to reach their members and communities must ensure that their social networks are relevant, according to a social media expert.
Improvements to financial literacy and education could be a part of the larger financial regulatory reform package that is currently up for debate, and the National Endowment for Financial Education (NEFE) gave its input on that issue in Thursday testimony before the House Financial Services Committee’s subcommittee on financial institutions and consumer credit.
Under a House Appropriations subcommittee financial services spending bill, no cap would be placed on the National Credit Union Administration’s Central Liquidity Facility borrowing authority.