8月回想 (中)
11/8
Facebook malware attack puts work computers at risk
The popular networking site Facebook is the target of a new attack that is spreading messages with malicious links.
Sophos is warning users about the problem. Sophos said Facebook user's computer can be infected after they view a video that is infected with the bad code.
According to Sophos, messages left on Facebook users' walls are urging members to view a video, which appears to be hosted on a Google website. But users who click on the link are taken to a site which urges them to download an executable file to watch the movie, according said Graham Cluley, senior technology consultant for Sophos.
The file downloads malicious code and displays an image of a court jester sticking his tongue out.
Cluley said the new attack leaves both home and workplace computers vulnerable. Many employees now access the networking site in the office from their work computer. He advised companies to educate workers who access the site to be on the lookout for the dangerous message, which includes a link to a third party website http://www.google.com.id. [removed].cn/gallery.php?id=.
"The message asks people if they want to download an executable file to view the video. At that point your users should say 'No, I don't,'" said Cluely. "People have got to learn that clicking on links in messages to websites can lead to a malware infection, whether the messages are in your email or on a site like Facebook."
Organizations will also want to have a Web security and control appliance in place that filters internet access and prevents the downloading of malicious code, he advised. While businesses are now doing a good job scanning emails for potentially bad messages, Web 2.0 sites aren't.
"Messages sent by Web 2.0 sites aren't being scanned," he said. "And Web 2.0 sites aren't doing a good job filtering. It is sort of 1990's era technology being used by these sites."
The new attack may also be a wake-up call for companies to consider internal policies in sites like Facebook in the workplace. Cluley pointed not just to security risks, but productivity issues, too.
"Ultimately that decision is for each individual company to make. But they may have to ask themselves: Do all users need to access these kinds of sites? Or do only certain people in some departments need access? If workers are allowed to be given access to these sites then it's vital that they do not put their personal and corporate data at risk, and are protected from web-based infections."
This is the second time in recent weeks Facebook has dealt with security problems. Last month, Sophos's Cluley discovered a glitch in a test version of Facebook's Web site inadvertently exposed the birthdays of Facebook's 80 million members.
(Ref: http://www.cw.com.hk/article.php?type=article&id_article=2082)
16/8
原本又去"橋底"同人慶祝生日,
點知搞下搞下變左九龍城食路邊雞 ...... -_-"
食完一餐普普通通嘅晚餐之後,
再食多個普普通通嘅甜品就散!
17/8
出門口時"俗"左一下, 埋左個計時炸彈!!
18/8
多事買左隻雞回去食, 結果成餐變左全雞宴 ...... -_-!
喉嚨開始有d問題!!
19/8
繼續"雞"的約會!!
喉嚨開始作痛了!!
20/8
下午食完飯之後竟然覺得office嘅冷氣好凍,
睇尼我應該係病左啦!!
Facebook malware attack puts work computers at risk
The popular networking site Facebook is the target of a new attack that is spreading messages with malicious links.
Sophos is warning users about the problem. Sophos said Facebook user's computer can be infected after they view a video that is infected with the bad code.
According to Sophos, messages left on Facebook users' walls are urging members to view a video, which appears to be hosted on a Google website. But users who click on the link are taken to a site which urges them to download an executable file to watch the movie, according said Graham Cluley, senior technology consultant for Sophos.
The file downloads malicious code and displays an image of a court jester sticking his tongue out.
Cluley said the new attack leaves both home and workplace computers vulnerable. Many employees now access the networking site in the office from their work computer. He advised companies to educate workers who access the site to be on the lookout for the dangerous message, which includes a link to a third party website http://www.google.com.id. [removed].cn/gallery.php?id=.
"The message asks people if they want to download an executable file to view the video. At that point your users should say 'No, I don't,'" said Cluely. "People have got to learn that clicking on links in messages to websites can lead to a malware infection, whether the messages are in your email or on a site like Facebook."
Organizations will also want to have a Web security and control appliance in place that filters internet access and prevents the downloading of malicious code, he advised. While businesses are now doing a good job scanning emails for potentially bad messages, Web 2.0 sites aren't.
"Messages sent by Web 2.0 sites aren't being scanned," he said. "And Web 2.0 sites aren't doing a good job filtering. It is sort of 1990's era technology being used by these sites."
The new attack may also be a wake-up call for companies to consider internal policies in sites like Facebook in the workplace. Cluley pointed not just to security risks, but productivity issues, too.
"Ultimately that decision is for each individual company to make. But they may have to ask themselves: Do all users need to access these kinds of sites? Or do only certain people in some departments need access? If workers are allowed to be given access to these sites then it's vital that they do not put their personal and corporate data at risk, and are protected from web-based infections."
This is the second time in recent weeks Facebook has dealt with security problems. Last month, Sophos's Cluley discovered a glitch in a test version of Facebook's Web site inadvertently exposed the birthdays of Facebook's 80 million members.
(Ref: http://www.cw.com.hk/article.php?type=article&id_article=2082)
16/8
原本又去"橋底"同人慶祝生日,
點知搞下搞下變左九龍城食路邊雞 ...... -_-"
食完一餐普普通通嘅晚餐之後,
再食多個普普通通嘅甜品就散!
17/8
出門口時"俗"左一下, 埋左個計時炸彈!!
18/8
多事買左隻雞回去食, 結果成餐變左全雞宴 ...... -_-!
喉嚨開始有d問題!!
19/8
繼續"雞"的約會!!
喉嚨開始作痛了!!
20/8
下午食完飯之後竟然覺得office嘅冷氣好凍,
睇尼我應該係病左啦!!
沒有留言:
發佈留言