Security firm McAfee has alerted the online community to a new Zeus botnet attack using bogus FedEx notification emails.

McAfee malware research scientist Pedro Bueno made note of the new Zeus push yesterday in a McAfee Labs blog posting. Bueno said the new spam campaign is linked to the Asprox botnet, which is spreading emails that use FedEx branding.

The researcher said these fake FedEx emails contain attachments that are really executables, with file names starting in FedExDoc or FedExInvoice.

On August 30, Microsoft flipped a switch allowing Hotmail users to use Exchange ActiveSync to synchronize their smartphones with Hotmail's email, contacts, calendar and tasks. Hotmail now matches, and exceeds what Google Sync offers.

Google added Exchange ActiveSync support over a year ago in their Google Sync service, but it initially only supported contacts and appointments. You had to get email through either POP3 or IMAP4 protocols. Now, depending on the device, you can also get push support for Gmail itself.

Hotmail matches all of that and adds synchronization support for tasks as well. Before you rush to configure your device though, make sure it is supported. Like Google Sync, Hotmail has limitations on platform support. Complete setup instructions are at the Windows Live Solution Center.

'New era,' says researcher of rootkit that bypasses 64-bit kernel defenses by infecting hard drive's boot record

"The infection is spreading on the Web, by using both porn Web sites and exploit kits,"

"To bypass Kernel Patch Protection and driver signature verification, the rootkit is patching the hard drive's master boot record so that it can intercept Windows' start-up routines, own it and load its driver," {A}

Rootkits that overwrite the hard drive's master boot record (MBR), where code is stored to bootstrap the operating system after the computer's BIOS does its start-up checks, are essentially invisible to the operating system and security software.

"The main Tidserv components are stored in unused space at the end of the hard drive in encrypted form," said Symantec researchers in a Thursday note on the company's security response blog. "This makes it more difficult to detect and remove once a computer is infected."

Both Prevx and Symantec said that they were continuing to analyze the 64-bit rootkit, and would publish more information when they had it.