Malware has managed to get off the planet and onto the International Space Station (ISS), NASA confirmed today. And it's not the first time that a worm or virus has stowed away on a trip into orbit.

The attack code, which space news site SpaceRef.com identified Monday as "W32.Gammima.AG," infected at least one of the laptops used on the station, an international effort headlined by the U.S. and Russia.

National Aeronautics and Space Administration spokesman Kelly Humphries declined to identify the malware, saying only that antivirus software detected a worm on July 25.
The first public report of malware about the ISS was logged on Aug. 11. In NASA's daily status report on the station, the agency said that Sergey Volkov, the ISS commander, was "working on the Russian RSS-2 laptop" and "ran digital photo flash cards from stowage through a virus check with the Norton AntiVirus application."A week later, on Aug. 21, Volkov "checked another Russian laptop, today RSK-1, for software virus by scanning its hard drives and a photo disk."

The next day, Volkov transmitted antivirus scanning results from the laptop to Earth, and U.S. astronaut Greg Chamitoff scanned another computer for possible infection. NASA also said in Friday's report that all laptops on board the ISS were being loaded with antivirus software.

"All A31p laptops onboard are currently being loaded with [the] latest [Norton AntiVirus] software and updated definition files for increased protection," said NASA.
source:Computer world

Microsoft security advisory: Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Microsoft

Microsoft on May 30, 2008 issued an advisory that warned windows users to not use apple's safari web browser until a patch is available that could stop the attackers to hack computers.
Microsoft Security Response Center (MSRC) issued a security advisory, which it called a "blended threat".
It is caused by a combination of a bug in Apple's Safari Web browser and the vulnerability in the way the Windows XP and Vista handle executable (exe) files on the desktop. This allows the remote execution of malicious code on all supported Windows XP and Vista when the Safari web browser for Windows is installed. This bug was disclosed 2 weeks ago by a researcher Nitesh Dhanjani.

Safari lacks an option to require a user's permission to download a file. Attackers, could populate a malicious site with a code that Safari that would automatically download to the desktop, which is the default location.

Nitesh Dhanjani

A combination of the default download location in Safari and how the Windows desktop handles executables creates a blended threat in which files may be downloaded to a user’s machine without prompting, allowing them to be executed. Safari is available as a stand-alone install or through the Apple Software Update application.

An attacker could trick users into visiting a specially crafted Web site that could download content to a user’s machine and execute the content locally using the same permissions as the logged-on user.

Microsoft

Scientists across the world are devising new techniques and are exploring other protocols to serve one purpose, a high bandwidth. Internet service providers are competing with each other to provide higher bandwidths to customers at competitive prices. The world is on the internet highway, where the speed limit is continuously increasing. We live, talk and socialize on the internet. Some of us met their life partners on the internet. Wow! what a life changing experience. Amidst all this positivity and development, there have been many people who have been affected. Some positively and a few negatively. The most affected people have been the movie producers. Their movies have been stolen, ripped and are available for download on forums across the world. For the internet user with a high bandwidth and a less price, it would take a few minutes to download the DVD rip of a movie. A movie once downloaded, will surely be circulated across and once his friends see the movie, they wouldn't actually spend money to go to the theater to watch them. If you are more patient, a week or two (maximum) after the movies release, pirated copies are available for less than $1. With high bandwidth comes the risk of huge file transfers (illegal). Recently some chinese suckers (hackers), hacked Indian defense websites, stealing vital information. I feel hacking is an achievement (of evil) in itself and hackers being the lord voldermort (the evil guy) of harry potter. Some times this evil is used by us, when we use and watch pirated stuff. It will take some hard work and smart effort by the antivirus and web security companies to curb the ill effect of high bandwidth