Archive for January, 2008

Filed Under (Internet, News) by Telix on January-18-2008

Social networking site Myspace has reached an agreement with the attorneys general of 49 US states to protect children from sexual predators on the site. Measures will include safety tools for online authentication, new design changes to prevent under-aged children from accessing the site, protection of minors from inappropriate contacts, and education for parents and educators. Myspace and the attorneys general will also work together to support initiatives that will enhance the ability of law enforcement officials to investigate and prosecute Internet crimes.



Filed Under (Software, Windows, security) by Telix on January-16-2008

Microsoft has released an advisory on a newly discovered MS Excel vulnerability. The vulnerability affects all versions except Excel 2003 SP3 and Excel 2007 and can allow remote code execution. The attacks appear to be targeted, not widespread, and the Microsoft team is working on resolving the issue.



Filed Under (Software, Windows, security) by Telix on January-16-2008

Digital Armaments has announced a $20,000 award for hackers who can find any exploitable vulnerability or working exploit for Windows applications. The contest’s deadline is February 29. The company has more details about this interesting idea, but most Internet security researchers point out that Digital Armaments is not a well-known company and may not even have $20K for the award. But then again, if you are a hacker and enthusiast, why hesitate to try?



Filed Under (Internet) by Telix on January-16-2008

As Valentine’s Day approaches, a new Storm worm hits Internet users. This time it is spreading via email with the same subject line “I Would Dream” and a link to an infected website. If a visitor clicks on the link, it will download withlove.exe containing Email-Worm:W32/Zhelatin.PY. As the file on the website changes every 15-30 minutes, AV companies are forced to release new updates every time, so users are advised to be cautious and not to open any suspicious links or emails with the mentioned subject.



Filed Under (Internet, phishing, security) by Telix on January-15-2008

Symantec researchers have reported on the Trojan Silentbanker, which targets more than 400 banks, including household names in the U.S. and other financial institutions around the world, and sits in the background to intercept transactions with two-factor authentication. This Trojan performs man-in-the-middle attacks on valid transactions and has the ability to intercept transactions that require two-factor authentication. It then silently changes the user-entered destination bank account details to the attacker’s account details. The Trojan ensures that the user does not notice this change by presenting the user with the details they expect to see, while all the time sending the bank the attacker’s details instead. And since the user doesn’t notice anything wrong with the transaction, they will enter the second authentication password, in effect handing over their money to the attackers. The Trojan intercepts all of this traffic before it is encrypted, so even if the transaction takes place over SSL the attack is still valid. Symantec notes that the Trojan adapts based on what it needs: it tries the easiest attack vector first and then works up to the more difficult approaches. The Trojan can also download updates and other executables, and it can use the infected machine as a proxy or as a Web server on any chosen port. For protection, please keep your antivirus definitions up to date and keep an eye on your firewall.



Filed Under (Internet, phishing, security) by Telix on January-15-2008

As tax season has started in the US, more and more phishing attacks are showing up. This one is spreading via email and poses as the Internal Revenue Service. The email text informs the recipient that they have a tax refund of $270,25. If you follow the link, it will lead you to the infected astrasong.ru/mp3/ webpage. This threat is not very intelligent, but as the tax deadline gets closer we are sure more and more intelligent attacks will show up. It is advisable to double-check every email you get before following any links provided.



Filed Under (Internet, phishing, security) by Telix on January-15-2008

Netcraft is reporting on the latest phishing scam on an Italian banking website. Hackers have developed new methods that are almost impossible to track. The attack, targeting Banca Fideuram, reaches users via the usual route of an authentic-looking email using a pretext to ask users to log into the bank’s site. Despite the SSL certificate, the attackers have been able to inject an IFRAME into the login page, loading a login form which is hosted on a web server in Taiwan. An IFRAME is a common way of inserting external content into a web page, and a malicious payload could be delivered using the vulnerable GET parameter. In that case the browser would, in addition to displaying “https” at the start of the URL, also display a locked padlock icon. In this Italian bank case, the attackers used the URL and injected a series of numbers directly into a JavaScript function call that already exists on the bank’s legitimate LoginServlet page, making the bogus URL nearly identical to the real one. The injected form transmits users’ data to Taiwan before redirecting users to the bank’s unaltered homepage. Banca Fideuram has been contacted about the problem, and the phishing site is blocked in Netcraft’s anti-phishing toolbar and in PhishFeed.



Filed Under (Social networks, security) by Telix on January-14-2008

Online hackers are using hacked Myspace profiles to spread links to their malicious software. The Trojan horse is disguised as a Microsoft update. Myspace visitors get a pop-up window advising them to download the latest version of Microsoft’s Windows Malicious Software Removal Tool. This software is distributed by Microsoft to help Windows users rid their systems of malware. If the user clicks anywhere on this image, their computer will begin to download the Trojan program. The Trojan, detected by McAfee as TFactory, is already-known code that has been used by criminals for well over a year, and hackers were able to launch this attack because they either discovered a flaw in the MySpace code or found a way of taking over user accounts. Myspace users should take care if they see such a pop-up screen and avoid clicking on the image.



Filed Under (Internet, security) by Telix on January-14-2008

Users of Microsoft Live Messenger are advised to take notice of a new worm spreading on the network. The symptoms of infection are strange web links being sent to all contacts and the installation of malicious software detected as Trojan.Win32.Agent.DWD. When this Trojan installs on a user’s computer, it starts sending links and shows a pop-up image.


Filed Under (Windows, security) by Telix on January-11-2008

Microsoft urged Windows Vista users to download a new security tool that automatically disables suspicious or malicious “gadgets”, small applications that can display the date, time or RSS feeds. Since gadgets are written in HTML and various scripts, they can be dangerous or malicious. Windows Sidebar Protection, just 1MB in size, prevents a malicious gadget from installing and, if it is already installed, blocks the gadget. Windows Sidebar Protection can be downloaded from the Windows Update site. This update is optional, but depending on what settings have been selected in Automatic Updates, it may be downloaded and installed without any additional user interaction.