Wednesday, May 20, 2009

New Catalog Coming soon

The ULM Library's online catalog will soon change! But don't worry-- it is more or less the same as it is now, except that it looks different and should be easier to read and navigate. The changes will be applied on Memorial Day, May 25th.

For a working preview, click here.

Web attack that poisons Google results gets worse

The Gumblar attack has infected more than 3000 Web sites
By Robert McMillan , IDG News Service , 05/19/2009

A new attack that peppers Google search results with malicious links is spreading quickly, the U.S. Computer Emergency Readiness Team warned on Monday.

The attack, which has intensified in recent days, can be found on several thousand legitimate Web sites, according to security experts. It targets known flaws in Adobe's software and uses them to install a malicious program on victims' machines, CERT said.

The program then steals FTP login credentials from victims and uses that information to spread further. It also hijacks the victim's browser, replacing Google search results with links chosen by the attackers.

Security experts started tracking the attack in March, when it had infected several hundred Web sites, but in recent weeks the number of infected sites has jumped dramatically. The attack has been called Gumblar because at one point it used the Gumblar.cn domain, though on Monday it had switched to a different one.

Security vendor ScanSafe has counted more than 3,000 infected Web sites, up from around 800 just over a week ago.

That kind of continued growth is unusual, according to Mary Landesman, a senior security researcher with ScanSafe. Attackers have launched many widespread Web attacks over the past few years, but after a few months the total number of infected sites usually drops as Webmasters clean up their servers.

With Gumblar, more and more sites are now being infected. Landesman believes it's because Gumblar's creators have been good at obfuscating their attack code and making it harder to spot on infected sites. And because they've been stealing FTP login credentials, they've been able to use a few new tricks to get their software onto the sites. "They're doing things like changing folder permissions … and leaving behind multiple ways that they can get back into the server," she said.

Still, Web attacks have become so widespread that Gumblar remains a relatively small-scale phenomenon, according to Symantec Security Response Product Manager John Harrison. Last year, Symantec counted 18 million online attacks against its customers. With Gumblar, it has counted 10,000. "It's really just another day with drive-by downloads," he said. "There really are so many of these."

Security experts say that if you're using a fully-patched system with up-to-date security software, you should be protected from these attacks. To date, they've worked by hitting the victim with malicious PDF or Flash files.

The IDG News Service is a Network World affiliate.

Friday, May 15, 2009

Downtime expected May 18th to May 20th

A large operation to maintain the equipment for the state consortium that handles most of our online resources will be undertaken that will extend from Monday, May 18th to Wednesday, May 20th.

Do not expect to be able to use all of the library's online resources between these dates. We apologize for the inconvenience.