CNET today ran an interesting story "Storm Worm variant targets blogs, bulletin boards" indicating a new variation of the Storm Worm is in effect. The story states:
"The new Storm Worm variant attacks the machines of unsuspecting users when they open an e-mail attachment, click on a malicious e-mail link or visit a malicious site, said Dmitri Alperovitch, principal research scientist at Secure Computing."
"But the twist comes when these people later post blogs or bulletin board notices. The software will insert into each of their postings a link to a malicious Web site, said Alperovitch, who rates the threat as "high." "
"The danger in this most recent case, he added, is that the user is actually posting a legitimate blog or bulletin board notice, unaware that a malicious link has been slipped into the text of the posting."
This is another attack vector for criminals looking to capture your identity and authentication information. Before you click on any link, think on it first. Then, when posting to a blog, review your posting to ensure that a malicious link hasn't been inserted into your text posting.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us