Archive for the ‘Vulnerabilities’ Category

Eep! Fake LinkedIn Email Installs the Zeus Trojan

According to CNET, criminals are using fake LinkedIn invite emails to scam people into clicking links that lead to the Zeus botnet. The scam targets Windows users only and may be the first time the Zeus botnet has targeted LinkedIn users.

According to CNET, “Researchers saw tens of billions of messages related to the attack yesterday, Henry Stern, a senior security researcher at Cisco Systems, told CNET. ‘There have been some bursts today, but nothing like yesterday,’ he said. ‘The botnet responsible for this is still in operation and it’s just doing something else right now.’”

Fake LinkedIn email links to the Zeus botnet.

Take a minute and patch

Thought I’d take a minute and send out a reminder about an annoying but necessary topic: patching. Quite a few patches have been released in the last few days. Microsoft, Adobe and Apple are all addressing some serious security issues. So please take some time to update your systems. It will reduce the likelihood of identity theft and other horrors.

1:  Microsoft OS.  Use the Microsoft updates link in Internet Explorer or visit the Microsoft Update page.  There are approximately 34 updates that are required.  Grab a coffee and sit back.  It takes a while.

2:  Adobe Flash Player.  Adobe has been experiencing some serious issues recently and there’s a new one out.  You can either use the check-for-updates button within the Adobe applications or visit their website here.

3:  iPhone.  This one is a large download too.  You can access this by connecting your iPhone to your system and in iTunes, select your iPhone.  In the summary page click on the “Check for Update” button.  Instructions are here.

Patching is something many people avoid or ignore.  Treat it like mowing your lawn:  Do it with a beer and it’ll seem like less of a chore.

Safari User? Turn Off Autofill. NOW.

According to the brilliant Jeremiah Grossman, a severe vulnerability exists in Safari 4x and 5x allowing a malicious Web site to invade via the Autofill feature. More frightening, this vulnerability exists even if you haven’t filled out anything on the page.

Safari Autofill

TIP: Safari users should turn off Autofill immediately until Apple posts a patch or update to Safari. To turn off Autofill:

  1. Safari Menu > Preferences > Autofill
  2. Uncheck all Autofill options
  3. Close Preferences

UPDATE: Looks like a variant of this idea was posted by Patrice Neff back in 2009. Still hasn’t been fixed! Also, Jeremiah suspects this may be a WebKit issue, which means Chrome, Konqueror and a few other browsers such as OmniWeb, iCab and possibly even the Android mobile browser will be affected.
