Hello Friend,
There’s a new malware on the web that is wrecking havoc in every way possible.
This drive-by-download exploit is called, Gumblar.
The latest manner of attack known from Gumblar is when doing searches on Google, it redirects Google search results to malicious sites where it loads more malware on the PC by means of drive-by-download attack that infects via PDF and Adobe Flash. Not only does it install more malwares in the PC, it also steals login details and FTP credentials thus compromising those sites owned and operated by the victim.
Since Gumblar is quite a pervasive virus its victims fall for it without knowing, Cisco came up with tips for websites and enterprises on dealing with the problem.
Tips on dealing with Gumblar Virus from Cisco
1. Ensure you have Security for your Servers
Make sure security protection is implemented for web servers and web applications. Bitdefender have a very good mail and file server security solution.
2. Be Aware of Pop-ups
Alert users and visitors to pay attention to pop-ups that leads to a questionnaire site.
3. Gateway Security
Organizations should install gateway security that is capable of drilling down into every Internet access request. Bitdefender Total Security 2009 is recommended.
5. Firewalls that can be analyzed
Make sure perimeters are secured with firewalls that can be analyzed.
Gumblar has outruled Conficker this month, either way, we don’t want any viruses for our systems.
We encourage you to do timely software updates and and use up-to-date security solutions not only to be Gumblar free but completely virus-free and Safe!
If your security program is out of date you can read more about the latest and up-to date security software available in the market today.
Until Next Time 😉
Peter – Your Online Security Guide
With over 100,000 legitimate websites apparently compromised and loaded with attack code and with unpatchable client side vulnerabilities in Microsoft ActiveX Video Control and DirectX, I’ve received a lot of questions from customers and sales prospects:
– What is a “Drive-By Download Attack”?
– {from more technical folk} Do Limited User Accounts Protect a PC from Drive-by Download Attacks?
– What is a Limited User Account (Windows)? Why Should I Care?
So, I crafted a post on my company blog I hope answers questions and unasked questions too:
Is a PC Using a Limited User Account (LUA) Safe from Drive-by Download Attacks?
http://www.blueridgenetworks.com/securitynowblog/endpoint_security/limited-user-account-does-not-protect-from-drive-by-download-attack
I hope folk here find this interesting.
Cheers,
Eirik