Application security, Malware, Patch/Configuration Management, Vulnerability Management

Fake Microsoft security update spreading malware

Angela MoscaritoloJanuary 4, 2011

A new wave of malicious emails containing a fake Microsoft Windows security update began hitting inboxes in an effort to spread malware, researchers at anti-virus firm Sophos have warned. The messages, which appear to be sent from Microsoft's security team and contain the subject line "Update your Windows," advise users to update their operating system by downloading an attached executable file, Graham Cluley, senior technology consultant at Sophos, wrote in a blog post Tuesday. The attached file, called “KB453396-ENU.zip,” is actually an AutoRun worm. Users should be advised that Microsoft never distributes security updates via email attachments, Cluley said. – AM

Angela Moscaritolo

Angela Moscaritolo

Related

ADR

Application security

How ADR – application detection and response – can become the ‘EDR for apps’

Daniel Shechter April 19, 2024

Attackers are now targeting applications – and the industry needs to adjust.

Network of platforms with bots on top botnet cybersecurity conce

Network Security

Bot attacks spike

SC StaffApril 17, 2024

Cybernews reports that bot attacks have increased by almost twofold in 2023, with the highest activity observed during the fourth quarter.

Hand holding sim card, select focus, color effect

Application security

Scammers offer cash to phone carrier staff to swap SIM cards

Simon HenderyApril 17, 2024

T-Mobile and Verizon workers report receiving text messages offering them up to $300 for each illegal SIM swap they complete.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news