F-Secure has been tracking the Downadup worm, a retro-style malware threat that spreads in part by exploiting vulnerabillties in certain Windows services' handling of malformed RPC requests. Downadup also spreads as an autorun worm and by launching dictionary-style attacks on weakly protected network shares. A new variant of the worm, Downadup.AL, appeared just before New Year's. According to F-Secure's calculations, this latest worm has now reached over 3.5 million victim PCs. The heaviest concentration of victim PCs appear to be in China, Brazil, and Russia.

Your best defense? Install Microsoft MS08-067 which patches the RPC flaw exploited in the attacks, disable autorun completely, and use strong passwords. Already infected with Downadup? F-Secure provides a free Downadup removal tool.

In the case of Addison Fischer, who in the early 90s bought his way onto a board seat with RSA, the USPTO awarded him two patents in 1994 and 1995 that deal with behavior blocking and integrity checking. These technologies play an important role in protecting users against today's malware threats. It's doubtful anyone knew Fischer's patents even existed (or even Fischer himself), and certainly the ideas and technologies were discussed and existed well prior to Fischer's strategic move. But thanks to the laws of the patent office, if Fischer has his way, users be damned - antivirus vendors will be prevented from employing these technologies unless he gets paid royalties. Fischer is currently using the patent-friendly east Texas court system to sue what nearly amounts to an entire industry: AVG, Check Point, Comodo, ESET, F-Secure, Iolo, Kaspersky, McAfee, Microsoft, MicroWorld Technologies, NetVeda, Norman Data Defense Systems, Novell, PC Tools, PWI, Sophos, Sunbelt Software, Symantec, Trend Micro, Velocity Micro and Webroot Software.

From a timing standpoint, Fischer's move couldn't be more insidious. Malware is at an all time high, antivirus vendors are on the front lines of the battle doing everything they can, and resources - both human and capital - are tapped. If Fischer had bothered to act on his patents and bring a product to market to help protect users, that might be one thing. But as it is, Fischer simply took advantage of an opportunity made possible by his having enough spare bucks to throw at a patent application over a dozen years ago. He stands to lose absolutely nothing since he never had a business or product based on the technology. The real losers here are the users - me, you, and everyone else. It's bad enough that malware is being used by criminals to rip us off; it seems even worse when the menace is coming from a businessman who just wants to pocket some extra cash at the expense of our safety.

Seems like the scammers have had no problem getting back into the swing of things after the holiday. Here's an example of one of the latest phishing scams:

Dear client,
The VISA company informs you that in result of a failure in the Verified by Visa system, the sum of 484.95 euro was taken from your card.
If you haven't made any purchases during the week, then please register in the Verified by Visa system so that the money can be recovered.
This system fully protects you from unauthorized use of your card.
If you are already registered in the Verified by Visa system, then you have to register one more time to activate your account.

The scam email then says to "Follow the link to continue the registration process". The displayed portion of the link reads as if its a legitimate Visa site, but the target points to an attacker owned website intended to steal your credit card and bank login credentials.