Questions and Answers on the JailbreakMe Vulnerability
Q: What is this all about?
A: It's about a site called jailbreakme.com that enables you to Jailbreak your iPhones and iPads just by visiting the site.
Q: So what's the problem?
A: The problem is that the site uses a zero-day vulnerability to execute code on the device.
Q: How does the vulnerability work?
Another Signed Stuxnet Binary
There are a couple of new developments in the Stuxnet rootkit case. Last night, the analysts in our Kuala Lumpur lab added detection for another digitally signed Stuxnet driver. This one uses a certificate from JMicron Technology Corporation.
Our detection for this new binary is Rootkit:W32/Stuxnet.D.

Espionage Attack Uses LNK Shortcut Files
There's a possible new zero-day in the wild which is being used in targeted espionage attacks. The Belarusian antivirus company VirusBlokAda recently published news about two new rootkit samples, and quite interestingly, the infection vector is a USB storage device and Windows shortcut [.LNK] files.
The rootkit uses a LNK file that infects the operating system when viewed by an icon-rendering file explorer such as Windows Explorer or Total Commander.
CARO 2010
The CARO 2010 Technical Workshop is underway in Helsinki.
This event, organized by F-Secure, is the largest ever gathering of antivirus experts in Northern Europe. We have almost 150 delegates from 25 countries here.
The key experts from practically all the antivirus labs in the world will be spending the next two days talking about Big Numbers, i.e. how do we keep up with the growing number of malware.
Here's a couple of photos from the workshop:
Warning on Facebook worm "FBHOLE"
There's a new Facebook worm out there. However, it doesn't seem to be doing anything other than posting a message to people's Facebook walls.

The message that the worm posts is
"try not to laugh xD http://www.fbhole. com/omg/allow.php?s=a&r=[random number]"
If you follow the link, you end up on a page that looks like this:
KHOBE Not So High On The Richter Scale
Researchers at Matousec have announced a new vulnerability that affects several Internet security products. This is generating some media coverage: see "New attack bypasses virtually all AV protection" in The Register.
This is a serious issue and Matousec's technical findings are correct. However, this attack does not "break" all antivirus systems forever. Far from it.
Loveletter 2000-2010
One of the most important worm outbreaks in history happened ten years ago to the day.
Loveletter (aka ILOVEYOU or Lovebug) spread around the world in a matter of minutes. When you got infected, the worm would send this e-mail from your system — posing as you — to all of your contacts:
From: (your e-mail address)
To: (one of your contacts)
What’s new in Norton Internet Security 2011
We're very excited to release the first Beta of Norton AntiVirus 2011 and Norton Internet Security 2011. A lot of work went into the 2011 products, and we invite our Beta testing community to provide us with feedback. The betas are available for download now at www.norton.com/beta. Here's an overview of what's new and notable in Norton 2011.
The Performance Strategy Behind Norton 2011
Today, we're excited to announce the availability of public betas of our flagship products, Norton Internet Security 2011 and Norton AntiVirus 2011. If you're interested in testing them, they're now available for free download from our Beta site at www.norton.com/beta. Here, our performance guru Dong "DC" Chung talks about the continued commitment to being the fastest, lightest security products on the market.
Tax Day Freebies
Google's Online Security Blog had a very interesting post yesterday regarding fake antivirus. Google has been working to protect their users since March 2007, when they first discovered fake AV. (We, and other security vendors, have been writing about the issue of rogues since at least July 2006.)