[JP] Internet and Computer Security

Hackers target unpatched Adobe Reader, Acrobat flaw

2010-02-21T12:30:00.001+07:00

Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers.

The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said the flaw is present in the most recent versions of Adobe Acrobat and Reader.

Adair warned that security experts have observed cyber crooks using the vulnerability in targeted attacks since at least Dec. 11, but that more widespread attacks are likely to emerge over the next few weeks. In addition, few anti-virus vendors currently detect malicious PDF files harboring this exploit.

At the moment, there is no patch available for this flaw, and Adobe's brief advisory offers little in the way of mitigation advice.

However, Internet users can protect themselves from this attack in a couple of ways. First, this exploit doesn't work unless users have Javascript enabled in Adobe Acrobat/Reader.To disable Javascript, click "Edit," then "Preferences" and then "Javascript," and uncheck "Enable Acrobat Javascript."

As an alternative to Adobe, I generally recommend the free and lightweight Foxit Reader. But there are other free PDF readers, including Sumatra PDF and PDF-XChange Viewer.

http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html?wprss=securityfix

TJX Hacker Indicted in Heartland, Hannaford Breaches

2009-08-24T11:54:00.000+07:00

A federal grand jury has indicted three individuals for allegedly hacking into credit and debit card payment processing giant Heartland Payment Systems last year, as part of an investigation the Justice Department is calling the largest identity theft case ever prosecuted.

According to indictments returned Monday in a New Jersey federal court, the government believes the same individuals were involved in a string of high-profile data breaches between October 2006 and May 2008, including intrusions at Hannaford Brothers Co., and 7-Eleven, Inc.

In total, the government alleges the hackers stole data on more than 130 million credit and debit cards from Princeton, NJ-based Heartland.

Read the full story, at this link here. A copy of the indictment is available here.

http://voices.washingtonpost.com/securityfix/2009/08/heartland_payment_systems_hack.html?wprss=securityfix

Security Patch Catchup: Java, Safari & OS X

2009-08-24T10:11:00.003+07:00

Security Fix took a mini-vacation last week, but that's all it takes to fall behind in important software security updates. Here's a quick pointer to some recent updates that have recently happened.
The last time I wrote about Java updates was at Update 13, but as several readers have pointed out, the latest version is now Update 16. Near as I could tell, Updates 14 and 16 did not include security updates. Indeed, Java maker Sun Microsystems says users who have Java SE 6 Update 15 have the latest security fixes and do not need to upgrade to version 16 to be current on security fixes.

However, Update 15 shipped fixes for a number of serious security holes, so if you've got an earlier version of this program installed, take a few minutes to update. Don't know whether you have Java or what version you may have? Visit this link.

Unfortunately, Sun still hasn't made the process of updating Java as easy as it should be. When I tried to update one of my Vista machines from Update 13 using the Windows Control panel (by clicking the Java icon, then the Update tab, and then the "Update Now" button), the updater told me I had the latest version installed.

To grab the latest version, I have to download and run a full installer from Java.com. The installer by default tries to install one of several programs the company has a deal with (mine offered the Yahoo! toolbar), so if you don't want the extra software be sure to deselect that option.

Apple also recently released several important updates. Among them was an update for the Safari Web browser that fixes at least six security holes. This patch brings Safari to version 4.0.3. Updates are available for Mac and Windows versions. Mac users can grab the update from Apple Downloads or Software Update, while Windows Safari users will need to use the bundled Apple Software Update tool.

In addition, Apple has released an update that corrects an important security vulnerability in Mac OS X 10.4 and 10.5 systems. That update is available through the Mac's built-in Apple Software Update feature.

http://voices.washingtonpost.com/securityfix/2009/08/security_patch_catchup.html?wprss=securityfix

Induc Virus Abuses Delphi Compiler

2009-08-24T09:50:00.001+07:00

The W32/Induc virus has been in the wild for at least a year. During this period it has succeeded in infecting a lot of Delphi installations, including manufacturers of some pretty popular software packages.

On a victim’s machine this virus searches for the presence of a specific version (4.0, 5.0, 6.0 and 7.0) of the Delphi compiler. The virus gathers this information using the registry entry below.

Read More ...
http://www.avertlabs.com/research/blog/index.php/2009/08/19/induc-virus-abuses-delphi-compiler/

Scammers Love Your Money

2009-08-24T09:47:00.000+07:00

We generally classify email messages pretending to be from a family member of a (often African) dignitary or from a desperate young woman as scams. In the first case, the sender sometimes explains that following the death of an influential dignitary a large sum of money is blocked in a bank account somewhere. With the recipient’s help and using his or her financial backing for a money transfer, the sender says that it would be possible to release the money. Substantial compensation is offered to whoever agrees. In the second case, the unknown beauty becomes a friend with the victim and suddenly has a terrible money problem.

For some individuals, these swindles, called advance fee fraud (also known as 419 fraud) and romance scam, are a primary source of revenue. They also employ lottery and fake price scams.

Read More ...

http://www.avertlabs.com/research/blog/index.php/2009/08/17/scammers-love-your-money/

Introducing the IEEE Industry Connections Security Group

2009-08-24T09:44:00.000+07:00

Agreement and collaboration have been two of the greatest challenges the security community has faced from the very beginning. In an effort to address this, The Industry Connections Security Group (ICSG), a new offering from the IEEE, allows like-minded companies to come together to solve industry or business problems that center on information security. Industry Connections is a program under the IEEE that allows for a fast start-up toward industry collaboration. It also offers the support and infrastructure of an established and well known brand—the IEEE itself. This effort will allow the group to focus on the work of security standards and problem solving, rather than being slowed down with issues such as incorporation or intellectual property matters. McAfee is proud to be a founding member of this effort.

Read More ...

AVG Internet Security SBS Edition 8.5.322 + Serial

2009-04-25T09:35:00.002+07:00

AVG Internet Security SBS ensure complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, hackers and spam. AVG Internet Security SBS 8.5, includes the most recent anti-virus, anti-spyware, anti-spam , Anti-Rootkit , Web Shield & LinkScanne and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.

Download : AVG Internet Security SBS Edition 8.5.322

Serial:

8MEH-RF22Z-ANQGS-QDWMR-2ECTN-BEMBR-ACED

8MEH-RJR4R-7WKJ6-NL3DA-C3DZF-JEMBR-ACED

8MEH-RGHD3-SUAUO-SXPWA-P92GQ-9EMBR-ACED

AVG Anti-Virus SBS Edition 8.5.322 + Serial

2009-04-25T09:29:00.002+07:00

AVG Anti-Virus SBS ensure complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, and hackers . AVG Anti-Virus SBS 8.5, includes the most recent anti-virus, anti-spyware, Anti-Rootkit , Web Shield & LinkScanne and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.

Download : AVG Anti-Virus SBS Edition 8.5.322

Serial:

8MEH-RJR4R-7WJJ6-NL3DA-CYVWB-JEMBR-ACED

8MEH-RJXR4-2CBYP-2GB3A-DBLAA-PEMBR-ACED

8MEH-RE6B8-SRJ4Z-A489R-9832J-EEMBR-ACED

Kaspersky Internet Security 2010 v9.0.0.323 Beta

2009-04-25T09:22:00.003+07:00

Kaspersky Anti-Virus 2010 – the backbone of your PC’s security system, offering protection from a range of IT threats. Kaspersky Anti-Virus 2010 provides the basic tools needed to protect your PC.

Kaspersky Internet Security 2010 – the all-in-one security solution that offers a worry-free computing environment for you and your family. Kaspersky Internet Security 2010 has everything you need for a safe and secure Internet experience.

Kaspersky Internet Security 9.0 – is a new line of Kaspersky Labs products, which is designed for the multi-tiered protection of personal computers. This product is based on in-house protection components, which are based on variety of technologies for maximum levels of user protection regardless of technical competencies. This product utilizes several technologies, which were jointly developed by Kaspersky Labs and other companies; part of them is implemented via online-services.

Our products for home and home office are specifically designed to provide hassle-free and quality protection against viruses, worms and other malicious programs, as well as hacker attacks, spam and spyware.

During product preparation several competitor offerings were considered and analyzed - firewalls, security suites systems, which position themselves as proactive in defence and HIPS systems. Combination of in-hosue innovative developments and results from analysis gathered through the industry allowed to jump onto a new level of protection for personal users, whereby offering even more hardened and less annoying computer protection from all types of electronic threats – malicious programs of different types, hacker attacks, spam mailings, program-root kits, phishing emails, advertisement popup windows etc.

Download : Kaspersky Internet Security 2010 v9.0.0.323 Beta

AVG Internet Security 8.0 Build 229a1410

2009-01-11T15:20:00.001+07:00

AVG Internet Security ensure complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, hackers and spam. AVG Internet Security 7.5, includes the most recent anti-virus, anti-spyware, anti-spam and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.

Download : AVG Internet Security 8.0 Build 229a1410 (50.1 MB)

Apple deletes Mac antivirus suggestion

2008-12-09T13:12:00.001+07:00

Updated 7:45 p.m. PST with expert comment, at 7:20 p.m. PST with context on previous coverage, and at 7:08 p.m. PST with background.

Apple removed an old item from its support site late Tuesday that urged Mac customers to use multiple antivirus utilities and now says the Mac is safe "out of the box."

"We have removed the KnowledgeBase article because it was old and inaccurate," Apple spokesperson Bill Evans said.

"The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box," he said. "However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection."

Apple's previous security message in its KnowledgeBase, which serves as a tutorial for Mac users, was: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

Security experts, while pleased that Apple would urge Mac users to install antivirus software, had warned that running multiple antivirus products could cause problems and recommended against it.

Apple's antivirus support note was initially published last year and was updated last month, despite reports that it was a new note.

One Apple expert speculated that Apple was merely removing a poorly worded support note and said it probably wasn't ever Apple's intention to tell Mac users they need antivirus.

"I bet you it was a low-level support note and it hadn't gone through the right approvals," said Rich Mogull, security editor of Apple news site TidBITS. "That's my guess."

To some, Apple's latest move will be seen as back-tracking given that it comes one day after those misleading reports circulated. The motive remains unclear, particularly because Apple didn't replace the previously published suggestion with an updated one.

The message that remains is that Mac users don't really need to take additional steps to protect against viruses and other malware. Telling customers they can run antivirus for "additional protection" could be interpreted as a way to protect against any liability.

There are no known viruses in the wild that exploit a vulnerability in the Mac OS, and Windows continues to be the overwhelming preference for malware writers to target their programs. But malware isn't just taking advantage of operating system weaknesses anymore. In fact, the majority of such threats now come from code that targets weaknesses in browsers and other applications that aren't platform specific.

Mogull said he doesn't recommend that the average Mac user install antivirus software because of the low-level of malicious software seen for Macs at this time.

To me, this new Apple statement poses more questions than it answers.

Regardless of the meaning of Apple's latest action, I'm pleased to now have open lines of communication with the company. Over the last few months, I have had an increasingly difficult time getting any response to my e-mails and phone calls. For instance, I got no response to my requests for comment on Monday's article about this topic. However, after talking to several Apple spokespeople on Tuesday about the matter I am confident that the situation has been cleared up.

I also was reminded of how much collective knowledge CNET readers have about Apple and would like to extend an invitation for people to feel free to contact me directly at elinor.mills@cnet.com with any feedback and tips related to Apple security issues.

Ref :: http://news.cnet.com/8301-1009_3-10111958-83.html

Antivirus firms shrug at Microsoft's free security suite

2008-12-09T13:09:00.002+07:00

Updated at 1:15 p.m. PST Wednesday with comment from Symantec and at 11:45 a.m. PST Thursday with comments from McAfee and Kaspersky.

For some security companies, Microsoft's decision to offer a free anti-malware product, code-named Morro, won't result in a dramatic change in how they do business.

Morro will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, according to Microsoft.

"With OneCare's market share of less than 2 percent, we understand Microsoft's decision to shift attention to their core business," Joris Evers, director of worldwide public relations for McAfee, said in an e-mail.

As for confronting a free malware solution from a software giant, Evers said, "With more malware attacks than ever before, we believe our advanced technology, commitment to consumer education, superior protection, dedicated focus on security, and our 20-plus years in this business will provide consumers the confidence to choose McAfee as their trusted adviser and expert in security."

Justin Priestley, senior vice president of consumer sales at Kaspersky Lab's Americas division, also seemed not that concerned at the prospect of facing a free security solution from Microsoft.

"Having entered the U.S. consumer market at the same time as Microsoft, we initially viewed them as a formidable player. They've continued to hold a very low market share in the consumer market, and we don't expect the exit of OneCare to change the playing field drastically," Priestley said. "With the increasing threat malware and Web attacks pose, security is as important as ever, and we believe people will continue to choose antimalware software based on the quality of protection and will choose the highest-level product available."

Rowan Trollope, senior vice president of Symantec's consumer business, characterized the announcement as a "capitulation by Microsoft, and a reinforcement of the notion that it's simply not in Microsoft's DNA to provide high-quality, frequently updated security protection."

Featured Freeware: Laptop Alarm

2008-12-09T13:05:00.003+07:00

This simple program will sound an alarm through your laptop's speakers when certain activities occur, helping to thwart laptop theft. Laptop Alarm's four-check-box interface takes seconds to set. An option pop-up is as easily set to control mouse sensitivity and set a program password.

Operating Laptop Alarm is a snap. Users merely run the executable and set the alarm to sound if the laptop loses power the system is shut down or logged off, if the USB mouse is unplugged, or if the mouse moved. Testers found the program accurate with no false alarms. There's no method to alter the alarm sound, and users aren't given the opportunity to enter the program password before the alarm goes off.

Laptop Alarm performs well and as expected, but it doesn't run in the background and must be reset each time you want to use it. Leaving your computer is not an action we'd recommend, but this freeware may at least hurt the ears of a potential laptop thief.

Ref :: http://www.download.com/8301-2007_4-10101869-12.html

EstDomains: A Sordid History and a Storied CEO

2008-09-09T06:07:00.001+07:00

In this second part to an ongoing investigation into the notorious Web site host and domain name registrar EstDomains Inc., Security Fix examines the company's history, the legacy of its current chief executive, and its future prospects.

The "Est" in EstDomains is a nod to the company's origins: It was founded in Tartu, the second largest city in Estonia (although the corporation is officially registered in Delaware). The chief executive of EstDomains is 27-year-old Vladimir Tsastsin, pictured below.

Tsastsin also is named as the head of Rove Digital, a company that appears to encompass a domain auction service named Bakler.com, and a recently launched Web traffic-shaping service called Zmot.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

A Superlative Scam and Spam Site Registrar

2008-09-09T05:56:00.002+07:00

Over the past week, a number of the Internet's largest data carriers have ceased providing online connectivity to Atrivo (a.k.a. "Intercage"), an ISP that security experts say is home to a huge number of scammers and spammers. This week, I'm turning the spotlight on EstDomains Inc., Atrivo's most important customer and the single biggest reason so many experts have condemned Atrivo.

According to RegistrarStats.com, EstDomains is the 49th largest domain name registrar, with more than 270,000 domains. Security Fix is still working on cataloging all of those domains, but for the purposes of this analysis we'll examine some 10,000 Web site names that are both registered through EstDomains and using the company's various domain name servers to route traffic to them.

I chose to focus on that particular subset of 10,000 domains mainly so that EstDomains could not simply disavow knowledge of the sites' activities by claiming it serves as nothing more than a registrar for those domains.

Turns out, at least one-third of those domains (.CSV) are currently blacklisted by SURBL.org, which tracks Web site names that are advertised in junk e-mail.

Have a look at the complete list of those 10,000 names -- which I've made available at this link here (.CSV file) -- and it should quickly become evident why so many are blacklisted.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

FBI Warns of Hit Man Scam Resurgence

2008-09-09T05:54:00.001+07:00

The FBI is warning people not to be disturbed by an e-mail scam that threatens your life and orders you to pay up to avoid being the target of a hired hit man.

The FBI said its Internet Crime Complaint Center continues to receive thousands of reports concerning the hit man e-mail scheme. The FBI notes that while the content of the missive has evolved since similar hit man scams first surfaced in late 2006, the message remains the same, claiming the sender has been hired to kill the recipient.

In some cases, the use of names, titles, addresses, and telephone numbers of government officials and business executives, and/or the victims' personal information are used in an attempt to make the fraud appear more authentic, the FBI said.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Scammer-Heavy U.S. ISP Grows More Isolated

2008-09-07T14:48:00.000+07:00

Last week, Security Fix published an analysis of Atrivo, a California based Internet service provider, also known as Intercage, that has proven to be a virtual magnet for cyber-criminal operations. Since that time, Atrivo's biggest network backbone provider decided it could no longer support the company, and stopped offering it direct connectivity.

I first got wind of this change while reading a post on the NANOG mailing list, which caters to professionals employed by ISPs and various network providers. Marcus Sachs, director of the SANS Internet Storm Center, had said it looked like Global Crossing had stopped handling long-haul Internet traffic for Atrivo/Intercage within hours after our story was published. I followed up with Marc, but he was unable to produce any conclusive data showing the change.

Fast forward to today, and with the help of Jose Nazario at Arbor Networks, I was able to pull together a view of what happened. Global Crossing has in fact "de-peered" from Atrivo/Intercage, so it is no longer providing direct Internet connectivity.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Number of Bot-Infected PCs Skyrockets

2008-09-07T14:42:00.000+07:00

The number of PCs compromised with software that lets cyber criminals control the machines from afar has more than quadrupled over the last quarter, security experts warn

The estimates come from Shadowserver, a group of volunteers that monitor activity from robot networks or "botnets," large armies of hacked personal computers used for spam, phishing and all kinds of criminal activity. Shadowserver saw a rise from roughly 100,000 botted PCs to about 400,000 over the past three months.

John Bambenek, an incident handler with the SANS Internet Storm Center, which tracks hacking trends, speculates that the spike is probably related to the massive numbers of Web sites that have been hacked by SQL attacks, and seeded with browser exploits.

While those numbers might seem high, they suggest more of a recent upward trend in bot counts rather than an accurate picture of just how many compromised PCs are out there. In fact, numerous other security experts this year have spotted single botnets that include upwards of 350,000 compromised PCs. And by nearly all accounts, there are thousands of distinct botnets out there today under the thumb of criminal groups and individual hackers.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

FBI Warns of Hit Man Scam Resurgence

2008-09-01T06:08:00.002+07:00

The FBI is warning people not to be disturbed by an e-mail scam that threatens your life and orders you to pay up to avoid being the target of a hired hit man.

The FBI said its Internet Crime Complaint Center continues to receive thousands of reports concerning the hit man e-mail scheme. The FBI notes that while the content of the missive has evolved since similar hit man scams first surfaced in late 2006, the message remains the same, claiming the sender has been hired to kill the recipient.

In some cases, the use of names, titles, addresses, and telephone numbers of government officials and business executives, and/or the victims' personal information are used in an attempt to make the fraud appear more authentic, the FBI said.

I've heard about these scams before, but never actually seen one of the e-mails until today. Below is a copy of one of the scams making the rounds now.

"Dear Friend,
Goodday to you.
Am very sorry for you my friend, is a pity that this is how your life is going to end as soon as you don't comply. As you can see there is no need of introducing myself to you because I don't have any business with you, my duty as I am mailing you now is just to KILL/ASSASINATE you and I have to do it as I have already been paid for that.
Someone you call a friend wants you Dead by all means, and the person have spent a lot of money on this, the person also came to us and told me that he want you dead and he provided us with your name, picture and other necessary information's we needed about you. So I sent my boys to track you down and they have carried out the necessary investigation needed for the operation on you, and they have done that but I told them not to kill you that I will like to contact you and see if your life is Important to you or not since their findings shows that you are innocent.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Report: Email Address Dictates Spam Volume

2008-09-01T06:01:00.002+07:00

The first letter of your email address is one factor in your spam risk, a researcher says

By Kelly Jackson HigginsSenior Editor, Dark Reading

Everyone knows that some people get more spam than others, but new research shows that it may have something to do with the first letter of your email address.
Richard Clayton, a security researcher at the University of Cambridge in the U.K., says he found evidence that the more common the first letter in your email address is, the more spam you get: in other words, alice@company.com typically gets a higher volume of spam than quincy@company.com, or zach@company.com. He says that’s simply because there are more combinations of names that begin with “A” than with “Q” or “Z.”

Over an eight-week period, Clayton studied around 8.9 million emails at a U.K. ISP and found that the email addresses that began with “A” received 35 percent spam in their inboxes, while “Z’s” got about 20 percent -- after sorting out real emails versus invalid ones that had likely been generated by a spamming tool. Clayton says it’s likely that spammers using dictionary attacks could be the cause of this disproportionate distribution of spam.

Read more ...
Dark Reading.

Report Slams U.S. Host as Major Source of Badware

2008-09-01T05:56:00.001+07:00

Last week, I examined a series of Web services that make profiting from cyber crime a point-and-click exercise that even the most novice hackers can master. Today, I'd like to highlight the activities of Atrivo, a Concord, Calif., based network provider that hosts some of these services.

Several noted security researchers are releasing a report today that stems from many months of investigating malicious activity emanating from Atrivo's customers. Security experts say that Atrivo, also known as "Intercage," has long been a major source of spyware, adware, viruses and fake anti-virus products.

The report is an exhaustive and well-researched analysis of Atrivo and its operations. Some of the statistics on active exploits cited in that report come from data sets I commissioned during my own investigation of Atrivo and later shared with Jart Armin, the principal author of the report and curator of the blog hostexploit.com.

Looking back several years, Atrivo's various networks were used heavily by the Russian Business Network, an ISP formerly based in St. Petersburg, Russia. RBN had gained notoriety for providing Web hosting services catering exclusively to cyber criminals. But after increased media attention, RBN dispersed its operations to other, less conspicuous corners of the Internet.

The portions of Atrivo most heavily used by RBN were Hostfresh -- which provides routing for Atrivo through Hong Kong and China -- and UkrTeleGroup (also known as Inhoster) out of Ukraine. These two networks remain core components of Atrivo's operation, and recent data suggests the company's reputation for supporting online criminals hasn't diminished since the disappearance of the RBN last year. As of last December, Atrivo boasted the largest concentration of malicious activity of any hosting company, according to a report released by security intelligence firm iDefense.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Microsoft Patches 26 Security Holes

2008-09-01T05:52:00.002+07:00

Microsoft today released updates to fix at least 26 security vulnerabilities in its Windows operating systems and other software. At least 17 of those flaws earned Microsoft's "critical" rating, meaning they could be exploited to break into vulnerable systems with little or no help from the victim.

The 26 vulnerabilities are the most Microsoft has addressed since it had 25 in August of 2006, which also included 17 rated as critical, according to anti-virus firm Symantec.

Microsoft patched two holes in that have already been used in targeted attacks against people browsing the Web with Internet Explorer 6 and 7. In addition to those two fixes, one bundle of critical updates plugs five other security holes in Internet Explorer, most of which Microsoft said are present all versions of the browser.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

A Baker's Dozen of Security Updates for iPhone 2.0

2008-07-12T09:44:00.002+07:00

As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.

That means for those who already own Apple's mobile device, it's time to update.

As detailed in a column last week, a number of these patches are updates that Apple shipped earlier this year for Safari and/or the version of OS X designed for Mac desktop and laptop computers. iPhone 2.0 bundles some 13 security updates, five of which address previously undocumented security flaws.

Among the more notable (if not serious) patches: One fix for the gadget's Safari Web browser that was addressed by a number of other software makers (including Mozilla) back in June 2006. Another Safari update plugs a security hole that Apple sealed in its Microsoft Windows version of Safari last month. Another fix corrects a bug in the iPhone's innards that Apple said could allow remote attackers to reset a targeted iPhone by sending it a specially crafted packet. An exploit for this vulnerability has been available online since February.

The new software is available for iPhone 1.0 and iTouch 1.1 devices, through iTunes.

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Speeding In Maryland Could Be Hazardous to Your Identity

2008-07-12T09:37:00.000+07:00

If you've ever received a traffic ticket in Maryland, your name, birthday, Social Security number and address may be posted on the Maryland state Web site for anyone to find, Security Fix has learned.

Reader Mark Webster from Annandale, Va., alerted me that the official Maryland court records Web site lists the personal data of countless citizens. The citations listed go back more than 30 years, and include records even for routine traffic stops that were ultimately dismissed.
The records with sensitive data in them appear to be limited to tickets issued to people who currently or at one time lived in a state that previously used the Social Security number as the default driver's license or customer number. [..]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

April Fool's Day Warning, And Some Fun - Security Fix

2008-04-03T05:40:00.000+07:00

April Fool's Day Warning, And Some Fun - Security Fix: "April Fool's Day Warning, And Some Fun

This post has been updated. Please read through to the end.

Original post:

The cyber criminal(s) behind the Storm worm want to make an April Fool out of you today.

The Storm worm author(s) likes to use holidays and other notable calendar occasions to launch new attacks. True to form, new versions of the Storm worm were blasted out yesterday as links in an e-mail that included a taunting image of an idiot in a fool's costume wearing a 'kick me' sign. Anyone foolish enough to follow the embedded directions telling recipients to 'click here, if your download doesn't start in 5 seconds,' will hand their PC over to the bad guys.

Image F-Secure.com

The security news on this first day of April isn't all hackers and viruses. In fact, you'd do well not to take anything you read online today too seriously. Below are a few of the more entertaining fake security news stories spotted so far today (hat tip to the SANS Internet Storm Center).

F-Secure: A new Trojan horse program that actually deposits money into your bank account.

Google: Introducing 'Gmail Custom Time.' Didn't send that presentation on time? No problemo! Now you can back-date your G-mail messages.

NASA: Giant Space Station Robot Turns on Crew (image)." [..]

Read more...
Brian Krebs on Computer Security. The Washington Post Company.

The Curious Case of Dmitry Golubov - Security Fix

2008-04-03T05:37:00.000+07:00

The Curious Case of Dmitry Golubov - Security Fix: "The Curious Case of Dmitry Golubov

Earlier this month, Security Fix took a look at Dmitry Ivanovich Golubov, a Ukrainian politician once considered by U.S. law enforcement to be a top cybercrime boss.

Golubov took rather strong exception to the way he was characterized in that post, denying involvement in any type of cybercrime activity. The problem, Golubov claimed, is that the FBI confused him with someone else."

According to Golubov, he was the victim of identity theft. Someone gained access to his passport, scanned it and posted it online along with a note confessing his involvement in a multinational credit card theft ring. According to Golubov, the note read:

"I Dmitry Golubov, leading hacker, I hack banks, but I have nothing to fear because the police with me at the same time, and in order for you to believe me that I am not afraid I show you my passport, as well as my home address and home phone."

"I am not mentally sick; if I indeed engaged in such activities, you think I will write about this on the Internet?" Golubov wrote in an e-mail exchange with Security Fix.

It just so happened that a short time after I wrote about Golobuv's political activities, I heard from one of the FBI agents who worked on his case back in 2005. The agent traveled to Ukraine to visit Golubov while he was in prison there awaiting trial.

Read more...

Brian Krebs on Computer Security. The Washington Post Company.

Google Reader (1000+)

2008-03-20T10:25:00.000+07:00

Google Reader (1000+)

Spyware Horror Story: Antispyware bog-down | Software news, tips, and opinions from Download.com editors - Download.com

2008-03-20T10:24:00.000+07:00

Spyware Horror Story: Antispyware bog-down | Software news, tips, and opinions from Download.com editors - Download.com

Published by Jack; Brisbane, Australia

I run Windows 2000 Professional and ran Ad-Aware SE with great success. Ad-Aware stopped updating this year, so had to then get Ad-Aware 2007. This did not work. It kept seizing up while scanning, so I got rid of it and then downloaded McAfee VirusScan from Download.com. This is when my worries began.

My PC just virtually seized up. Every task took 10 times longer to do. If I wanted to open a window or go onto the Internet, I had to click on the icon and go away for 5 minutes before it would come up. It was sooo frustrating. If I had maybe three programs running, then the machine would tell me that there wasn't enough memory and it would have to expand it. I checked the Task Manager and saw that the program running the most memory was "massrv.exe," which turned out to be McAfee. So, I've had to uninstall it. Even then it didn't want to be removed and it took three goes before it surrendered! Frustration!

Here's what I want to know: Is there any antispyware program around that works with 2KB without seizing up?

Editor's response

2KB, Jack? Two?! I hope you mean MB, for megabytes, because there are very few programs that do anything with fewer than even 20 kilobytes. In fact, in the antivirus category on CNET Download.com, there are precisely seven below 50KB in size.

You'd do better with a 2MB restriction. Zone Alarm Anti-virus and ProcessGuard are both high-rated products sliding in just shy of 2MB, and the new, promising Haute Secure just tops your upper limit at 3.45MB.

But really, this cute little scavenger hunt is beyond the point. Part of responsible PC ownership is investing in enough memory to support strong, smoothly functioning security. Period. Just check out some juicy Spyware Horror back stories to see the consequences.

But I won't leave you in a lurch. CNET Shopper is a great resource for pricing RAM before you buy, and there are certainly a few tricks on Download.com that can help you narrow your search for RAM-conscience apps with elusive Cinderella footprints. Every listings page on Download.com contains a drop-down menu for filtering a search; this includes OS, license (if the app is free or free to try,) and size. The memory requirements are also reproduced in the stats on every product page you open, so there's no excuse for downloading something too gargantuan for your computer to handle and then blaming the app for poor performance.

Using the silze filter on CNET Download.com can save you time finding apps with small footprints.

Read more ...
Posted by Jessica Dolcourt, Download Blog, Download.com

Set Internet Explorer and Firefox to maximize your security | Software news, tips, and opinions from Download.com editors - Download.com

2008-03-20T08:25:00.000+07:00

Set Internet Explorer and Firefox to maximize your security | Software news, tips, and opinions from Download.com editors - Download.com

Set Internet Explorer and Firefox to maximize your security.

2008-03-20T08:24:00.004+07:00

Modern browsers are much better than their predecessors at keeping your Web activity private and your data safe. Still, you may not have your browser configured to provide optimum security. Take a few minutes to give Internet Explorer 7 and Firefox 2 a safety check.

Batten down IE7's hatches
The version of IE7 for Vista adds the Protected Mode, which allows Web sites to access only the Temporary Internet Files folder on your PC. According to Microsoft, this feature is on by default for the Internet, Intranet, and Restricted zones, but disabled for the Trusted Sites and Local Machine zones. On my machine it was enabled for all zones. You'll see "Protected Mode: On" in the status bar when it's active, or click Tools > Internet Options > Security, and make sure "Enable Protected Mode (requires restarting Internet Explorer)" is checked at the bottom of each zone.

Maximize security in IE7 for Vista by making sure Protected Mode is enabled.
(Credit: Microsoft)

There have been some reports of Protected Mode causing problems, so if a particular page won't load or run correctly, disabling this feature may solve the glitch, though I don't recommend keeping Protected Mode off. The Web's not getting any safer, and you need all the protection you can get.

Another great new feature in IE7--for XP and Vista alike--is the Phishing Filter. Why the filter is off by default I'll never know. To activate it, click Tools > Phishing Filter > Turn On Automatic Website Checking > OK. Unfortunately, choosing Tools > Phishing Filter > Phishing Filter Settings merely opens the Advanced Internet Options dialog box, where you can scroll down to the Phishing Filter section under Security, only to find that your only two options are to disable the filter, and to "turn off automatic website checking." But while you're in the Advanced Options settings, make sure "Automatically check for Internet Explorer updates" is checked in the Browsing section. Click OK when you're done. [...]

Posted by Dennis O'Reilly, Download Blog, Download.com

A free and easy way to test your Wi-Fi security

2008-03-16T09:10:00.004+07:00

If you’re wondering just how secure your home network is, here’s an easy way to find out. Pure Networks, makers of the popular Network Magic management tool for home networks, has a free diagnostic scan that will deliver a scorecard on your network’s security status.

The Pure Networks Security Scan tool, which works only with Internet Explorer 6 or later, is clearly bait for Network Magic. But it’s a fun download that can provide insight into your network security in just a few minutes.

Run the scan, and the resulting scorecard provides a summary status of network devices, the router and network, wireless security, and the computer on which you ran the scan. It advises you of the number of issues tested for each category, alerts you to any worrisome issues found. Click View and it gives you a detailed look within each category.

Some of the items it tests under Router and Network include whether you are running a hardware firewall, if your password is strong (and, of course, changed from the factory default), and whether your router firmware is up to date. Under the Wireless Security tab, the scan checks to ensure that you have changed the factory SSID, tells you what kind of wireless security you’re using, and whether there are any SSID name conflicts. [...]

Read more ...
Rik Fairlie, ZDnet.com

Six Degrees of E-Separation

2008-03-16T09:07:00.003+07:00

If you've ever played the game "Six Degrees of Kevin Bacon," you know there's a lot of truth to it. It's based on the notion that any actor can be linked through his or her film roles to Mr. Bacon.
And if you've ever spent some significant time on social networking sites, it's pretty easy to see how this game can be applied to you or your friend's real connections.
So, it should come as no surprise that the same dynamic may work amongst victims of computer viruses.

I came up with the nutty idea for this experiment after stumbling upon a trove of data stolen by a single keystroke logger, which appeared to be in operation between June and September of 2007, according to the time- and date-stamped records. During that time, the criminal(s) responsible for distributing that keylogger ensnared some 10,000 victims, stealing more than 20 gigabytes worth of stored user names and passwords, as well as credentials passed when victims logged in to any sites that required credentials.

Security Fix has mined these types of data troves in previous posts, examining everything from the types of credit cards stolen to compromised businesses to mapping out victims by geographic region. In an effort to look at this data in a different light, I choose this time around to look at the relationships between all victims who had accounts with LinkedIn, a social networking site that caters to executives and the business community.

Out of those 10,000 victims, I was able to confirm that at least 100 were LinkedIn users. That is, only about 100 had either stored their LinkedIn credentials in Internet Explorer or had logged into their LinkedIn account while the keylogger resided on their PC. I was unable to positively identify about one-quarter of the 100 LinkedIn users in this set, most likely for one or more of the following reasons: their full name wasn't included in the rest of the stolen data; the victim's last name had changed since the data was stolen; they had closed their LinkedIn account since the data was stolen. [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

The Future of Anti-Virus Software

2008-03-12T16:15:00.003+07:00

John Moore on March 11, 2008
Anti-virus software elicits a variety of responses from industry executives, analysts and users.
Some question the usefulness of the software and view signature-based offerings in a particularly dim light. Others cite the performance effects that anti-virus tools have on PCs. Anti-virus proponents, however, believe that the technology will endure as a component of a layered defense strategy, pointing to the addition of behavior-based scanning.

“As long as viruses exist, anti-virus programs will be designed to help protect users from online threats,” said Tim Rains, security response communications lead for Microsoft.

Rains pointed to data stemming from Microsoft’s Malicious Software Removal Tool as supporting the importance of running anti-virus software. The tool removed malware from 1 out of every 217 computers in the first half of 2007, compared with 1 out of every 409 computers in 2006 and 1 out of every 359 computers in the second half of 2005.

Network Distribution

But there’s another anti-virus issue to consider: Will anti-virus software continue to evolve as a third-party product, or will it become a feature embedded in OSes?

Rob Enderle, principal analyst at Enderle Group, said he believes basic security should be part of the OS platform.

“With IBM mainframes, the core security came from IBM, and for Unix, core security was provided by the platform owners,” he said. “If you needed extra, that could come from a number of sources. But basic security — and anti-virus is basic security — should be part of the platform in my view.”

David Lawson, director of risk management at Acumen Solutions Inc., a business and technology consulting firm, has a different take on where the anti-virus function will reside. He believes that anti-virus tools may end up embedded in the network, noting that the centralization of anti-virus technology would provide an efficiency boost.

“I would suggest we pull [anti-virus] away from the desktop and centralize it more,” Lawson said. Lawson said that he sees anti-virus software moving to network devices as part of rule-based forwarding and on application servers.

Enderle, meanwhile, said that user demands at the OS level will alter the anti-virus landscape. “I think we are seeing a trend where people who use … Windows, Apple and Linux expect the folks who supply it to provide for their basic security needs,” he explained. “This will likely change the anti-virus market dramatically.”

Key Differentiators

However, [...]

Read more ...
IT Security.com

Microsoft Patches 12 Office Security Holes

2008-03-12T16:04:00.003+07:00

Microsoft today issued four updates to fix at least a dozen security vulnerabilities in its Office software products. All of the updates earned Microsoft's "critical" label, meaning attackers could exploit the flaws to break into Windows systems with little or no help from users.

Included in today's Patch Tuesday roundup are fixes for just about every Office suite or stand-alone product that Microsoft currently supports -- going back to Office 2000 and including Office for Mac software and various Office Viewer components.

One of the updates, which mends at least seven flaws in different Office titles, patches a security hole that hackers were exploiting as early as last week, according to reports from US-CERT and the SANS Internet Storm Center.

Interestingly, that patch and one other address security holes found in Office 2007, a product that underwent rigorous code review in an attempt to minimize the kinds of security weaknesses that were found to be pervasive in older versions of Office.
Office users can grab the latest patches from Microsoft Update. Office 2000 users, however, can only obtain them from Microsoft's Office Update. Office 2000 users may also need to have their Office installation CD handy in order to install these updates. [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

When Ads Go Bad

2008-03-11T07:22:00.003+07:00

A long-time trusted source recently alerted me that some inappropriate advertisements were running on Neopets.com, a Web site full of addictive Macromedia Flash games aimed at pre-teens. Surprisingly, the curators of Neopets.com -- major media conglomerate Viacom -- are disavowing responsibility for the racy ads, saying they did not exist on their network and instead were the result of adware or spyware on my source's computer.

Included is a screenshot taken of one of the multiple ads I found on the site, which linked back to Internet dating site True.com. A Neopets.com spokesperson said the ads could not have possibly have been served through its site, and that the ads must have been displayed by malicious software.

"This appears to be a 'malicious' software program and we are aggressively investigating its origin," the company said in an e-mailed statement. "We would never accept this type of ad on any of our company's sites as it doesn't meet any of Neopet's standards."

Neopets could not specify any particular adware or software in existence today that exhibits this type of ad-swapping behavior, but offered to put me in touch with an expert who could talk about how it would be theoretically possible for such malware to exist. Scans with several anti-spyware and anti-virus products returned a clean bill of health on my source's PC. [...]

Brian Krebs on Computer Security. The Washington Post Company.

The FDIC Computer Intrusion Report

2008-03-07T05:42:00.002+07:00

Last week, Security Fix featured the highlights from a non-public report by the Federal Deposit Insurance Corp. (FDIC) that examined a huge recent spike in the cost of computer intrusions for banks and consumers. I chose not to publish the report itself at the time, but due in part to the large number of requests I've received from people inside the financial sector who claim to have never seen such figures from the government before, I've decided to release a slightly redacted version of it (the original version contained a number of case studies that included potentially sensitive data about ongoing law enforcement investigations).

FDIC Division of Supervision and Consumer Protection: Cyber Fraud and Financial Crime Report, November 9, 2007 (as of June 30, 2007) (Doc). For those who don't have Microsoft Word, a less attractive HTML version of the report is available here.

I should note that while the report centers on cyber fraud, there are other aspects of bank fraud detailed in this report that may be of interest for reporters or fraud analysts in other sectors. For example, the study includes data showing a sizable increase in new account fraud using completely fabricated identities, which are turn used for check kiting and fraud "bustout" fraud schemes. Also, the report includes recent figures on mortgage fraud rates. [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

The MonaRonaDona Extortion Scam

2008-03-07T05:30:00.002+07:00

Online tech support forums are starting to light up over an increasing number of PCs sickened by something called the "MonaRonaDona virus," a piece of malware that threatens to trash host computers. As it happens, MonaRonaDona appears to be a relatively innocuous invader that was created to scare people into purchasing a fake new anti-virus product.

I first read about MonaRonaDona in a discussion thread over at the excellent DSL Reports Security Forum, where members traded tips on removing the bugger. Nobody seems to know how the thing wiggles into infected PCs in the first place, but the one thing that's clear is that this invader's primary purpose is to call as much attention to itself as possible (that kind of behavior is always a red flag, because most modern malware succeeds by being stealthy and unobtrusive). This piece of malware disables a number of programs on the victim's PC, changes the title of each Internet Explorer Window to include its name, and pops up the warning shown in the adjacent screenshot. [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

An Opera Update And A Farewell to Netscape

2008-02-28T08:15:00.002+07:00

A new version of the Opera Web browser fixes at least three security vulnerabilities in the software. Separately, a security patch from AOL marks the final update for the venerable Netscape browser.
The latest update from AOL will be the last for Netscape: AOL officially ends support for it on March 1, meaning it has no further plans to ship security updates for Netscape or otherwise maintain the browser.
While Netscape's share of the browser market today is practically negligible compared to that of Internet Explorer, Firefox and Opera, this final version is a bit of an unceremonious goodbye for a browser that helped introduce so many people to the World Wide Web back in the mid-1990s. In 1998, Netscape released the source code for the Netscape Communicator browser. By doing so, it helped formed the basis of the Mozilla.org project -- an open source initiative that laid the groundwork for Firefox (For more background on the storied relationship between Netscape, AOL and Mozilla, see these links here). [...]

Read More ...
Brian Krebs on Computer Security. The Washington Post Company.

When Blocking Porn Isn't Enough

2008-02-28T08:06:00.003+07:00

Last year, Security Fix looked at a free service that helps parents and other network administrators block adult Web sites for all of the PCs they control, without installing any software. Now, the company and community that built that service has expanded it to allow administrators to filter a wide range of online content, from hate speech sites and social networking forums to sites promoting drugs and alcohol.

The service comes from OpenDNS, the company responsible for Phishtank.com, a community-based effort that collects data on phishing sites. Phishtank's data about scam sites is fed to anti-phishing features built into Web browsers like Firefox and Opera. [...]

YouTube Censorship Sheds Light on Internet Trust

2008-02-27T01:20:00.003+07:00

If you happened to be searching for a video at YouTube.com Sunday afternoon, there's a good chance your browser told you it was unable to locate the entire Web site. Turns out, much of the world was blocked from getting to YouTube for part of the weekend due to a censorship order passed by the government of Pakistan, which was apparently upset that YouTube refused to remove digital images many consider blasphemous to Islam.

According to wire reports, Pakistan ordered all in-country Internet service providers (ISPs) to block access to YouTube.com, complaining that the site contained controversial sketches of the Prophet Mohammed which were republished by Danish newspapers earlier this month. The people running the country's ISPs obliged, but evidently someone at Pakistan Telecom - the primary upstream provider for most of the ISPs in Pakistan - forgot to flip the switch that prevented those blocking instructions from propagating out to the rest of the Internet.

To understand how a decision by bureaucrats in Islamabad could prevent the rest of the world from accessing arguably one of the Web's most popular destinations, it may first help to accept the basic notion that when the Internet was designed decades ago, everyone on the network pretty much knew and trusted one another. While the close-knit family of individuals responsible for keeping the Internet humming along has since grown into a larger community, it is still a fairly small community based largely on trust and everyone playing nice with one another. [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Trojan planted on US Consulate website

2007-09-14T15:10:00.000+07:00

Russian roulette
By John Leyden → More by this author
Published Thursday 13th September 2007 11:43 GMT

Webpages of the US Consulate General in St. Petersburg, Russia, were infected by malware earlier this week. The US consulate site was caught up in a much larger hack attack and is not thought to have been targeted as such.

The infected pages have since been cleaned up, reports net security firm Sophos which monitored results of the assault.

The attack on the US consulate was part of a larger campaign by cybercriminals targeting vulnerable web servers. The majority of the 400 compromised web pages hit by the attack were hosted in Russia. Hackers planted malicious scripts on compromised hosts.

After retrieving a copy of one of the infected Consulate pages from an internet cache, virus analysts as Sophos were able to identify the malware script planted on the site as Mal/ObfJS-C, a strain of web nasty that attempts to load further malware from a remote server. This malware includes a Trojan downloader script that attempts to plant backdoor code onto the PCs of surfers with vulnerable machines who visit infected sites.

The attack is described in much greater depth in Sophos's blog here. [...]

Read more ...
The Register. Security.

AOL's Free Anti-Virus Switcheroo

2007-09-14T15:06:00.000+07:00

A number of AOL users who have taken advantage of the free "Active Virus Shield" anti-virus offer from Kasperksy are complaining that the software has ceased downloading updates. Turns out AOL recently severed its relationship with Kaspersky, and is now offering customers free anti-virus service from McAfee.

It doesn't appear that AOL gave any sort of advanced warning that this change was forthcoming, although the company has information up on its site detailing the new McAfee offering. An AOL spokesperson said that while the the ISP is no longer offering new licenses for the free Kaspersky software, there is no reason that customers who still have time left on their Kasperksy license should have stopped receiving updates for the program.

Even so, some AOL virus shield users have reported that they can no longer download virus signatures to keep the program up-to-date. Assuming those users still have time left on their license (it gets renewed once a year), there appears to be a relatively simple tweak that has helped re-enable updates for many users.

Alternatively, AOL users can remove Kaspersky, pay to upgrade to a full version, or uninstall the program and go with the free McAfee offering. There also are several other free anti-virus options out there, including Antivir Personal Edition Classic, AVAST Home Edition, BitDefender Free, Clamwin Free, and Grisoft's AVG Free. [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company.

Microsoft serves light fare on Patch Tuesday

2007-09-12T09:47:00.000+07:00

No critical patches for most Windows users
By Dan Goodin in San Francisco → More by this author
Published Tuesday 11th September 2007 22:00 GMTFind your perfect job - click here from thousands of tech vacancies

Microsoft served comparatively modest fare for its monthly patch release on Tuesday, issuing only four security-related updates, only one of which carried its top severity rating of critical. It plugged a hole in a Windows 2000 component, while the other updates fixed vulnerabilities rated as important in instant messenger programs, Visual Studio .Net and Windows services for
Unix found on several different versions of the Windows operating system.

In a rare event, the typical Windows user is likely to have just one patch to install. It addresses a vulnerability in the MSN Instant Messenger and Windows Live Messenger that could allow an attacker to take over a machine by tricking a victim into clicking on a specially crafted chat request. Despite MSN Messenger being installed on every copy of Windows, Microsoft rated the flaw important, presumably because it can't be exploited without the user taking action first.

Some users may have no patches to install, as was the case with this reporter. That's because the vulnerability doesn't affect Windows Live Messenger version 8.1, which was installed on the machine. A spokeswoman says other versions of Windows Live Messenger don't use Windows Update to install new updates. Instead, the client prompts the user to install a new version, she said. Windows Update still encouraged us to run Windows Malicious Software Removal Tool, as it does every month.

The rest of the updates apply to more technically inclined users. The most serious is the patch for a Windows 2000 component known as Microsoft Agent, which fixes a critical vulnerability that could allow an attacker to remotely execute code of his choosing. A third flaw affecting Visual Studio could also allow a remote execution, but only if a user opens a specially crafted RPT file. The last vulnerability, which affects Windows Services for UNIX 3.0, Windows Services for UNIX 3.5, and Subsystem for UNIX-based Applications, could allow an attacker to elevate privileges.

A fifth patch that had been planned for today was pulled for reasons that are not entirely clear. It was to address a vulnerability in SharePoint and had a severity rating of important. "Once Microsoft has developed and tested a security update that meets its quality bar for release, it will release the final update for this affected product along with a bulletin as part of Microsoft’s regularly scheduled process," a company spokeswoman said. You might say this month's Patch Tuesday was a small snack. By comparison, August's release required users to gorge on nine patches, six of which were rated critical. Internet phone provider Skype said the binge triggered a system-wide outage that lasted several days. The explanation left many of us scratching our heads because Patch Tuesday has been a regular fixture for several years now, and it was unclear why the update bundle only recently wreaked havoc. [...]

Read more ...
The Register. Security.

Banner Ad Trojan Served on MySpace, Photobucket

2007-09-11T15:20:00.000+07:00

Several banner ads containing Trojan horse programs that can compromise a user's computer have been running on some high-traffic Web sites for the past several weeks, including MySpace.com and Photobucket.com, Security Fix has learned.
Web security company ScanSafe said it first spotted the tainted banner ads on Aug. 8, and estimates that the hostile ads ran several million times for the next three weeks. Other sites that ran the ads included Bebo.com, TheSun.co.uk, and UltimateGuitar.com, officials at ScanSafe said. All a visitor to one of these sites needed to do to infect their machines was to browse a page that featured the ads with a version of Internet Explorer that was not equipped with the latest security updates from Microsoft.

This is hardly the first time malicious software has shown up in banner ads. A little over a year ago, I wrote about a similar banner ad attack that installed spyware on machines of more than a million MySpace.com users. This latest attack won't be the last either: Hacked banner ads are a very efficient way to distribute malware because they end up running on sites that most people trust:

The banner ads in question were traced back to an ad network exchange run by a company called RightMedia, which was recently bought by Yahoo!. The ads were being delivered to RightMedia's network from a third-party ad server. According to ScanSafe, those third-party servers included in their rotation several malicious ads that used Macromedia Flash files to load an invisible "iFrame" (used to insert content from another Web site into the current Web page). [...]

Read more ...
Brian Krebs on Computer Security. The Washington Post Company

Storm Worm Dwarfs World's Top Supercomputers

2007-09-04T11:10:00.000+07:00

The network of compromised Microsoft Windows computers under the thumb of the criminals who control the Storm Worm has grown so huge that it now has more raw distributed computing power than all of the world's top supercomputers, security experts say.

Estimates on the number of machines infected by Storm range from one million to 10 million, depending upon which security sources you believe. But hardly anyone would argue that many thousands of new PCs are being stricken by the worm each day, largely because the worm authors are continuously changing their tactics to trick people into installing it.

Massive pools of virus or worm-infected PCs, known as "botnets," are principally used to blast out spam, host scam Web sites, or to flood targeted Web sites with so much junk traffic all at once that they simply crash and are rendered unreachable by legitimate visitors. But the criminals who control these infected machines could just as easily use them to do some serious number-crunching, the kind of computational analysis typically left to the world's fastest supercomputers.

In a posting today to a data security mailing list, Peter Gutmann, a computer science professor with the University of Auckland in New Zealand, said the Storm botnet could easily outperform IBM's BlueGene/L, currently the top-ranked supercomputer on the planet.

Brian Krebs on Computer Security. The Washington Post Company

USAJobs.gov Hit By Attack On Monster.com

2007-08-31T16:39:00.000+07:00

USAJobs, the official job search site for the federal government, said Wednesday that more than 146,000 users had their account information stolen as a result of an attack on job search giant Monster.com earlier this month.

In mid August, attackers compromised Monster.com accounts gaining access to the company's resume database. With the help of a Trojan horse program targeted at Monster.com users, the attackers made off with the name, address, telephone number, and email address of at least 46,000 Monster.com users. Anti-virus giant Symantec later stated that as many as 1.6 million people may have had their information stolen in the attacks, which used e-mails that addressed recipients by their real names.

Turns out that Monster Worldwide is the technology provider for USAJobs, which is run by the U.S. Office of Personnel Management. Peter Graves, an OPM spokesperson, said 146,000 USAJobs users were affected by the Monster.com attacks. Graves said OPM has received assurances from Monster that Social Security numbers were not compromised.

OPM is in the latter stages of alerting all two million USAJobs.gov users to be on the lookout for phishing scams that might try to take advantage of the stolen data to make their scam e-mails appear more legitimate. Graves said the first signs of the attack surfaced in July, after the organization received a complaint from a USAJobs user.

Brian Krebs on Computer Security. The Washington Post Company

Pinch-bum malware creates titters

2007-08-31T16:37:00.000+07:00

Cheeky Trojan drifts onto the net
By John Leyden

The general dumbing down of the virus creation process along with attempts by for-profit hackers to tie up the resources of security firms mean that anti-virus sofware vendors are beginning to need three alphabetical letters for some Trojan families.

Occasional this naming convention throws up a double entendre-loaded moniker, as when Trojan-Downloader-Small-Coc rose to prominence in May. This week security techies intercepted the first copies of Trojan-PSW-LdPinch-bum. How they laughed.

Summer, and the silly season that accompanies it, draws to a close on Saturday with the start of September

Read more ...

The Register

Storm Worm descends on Blogger.com

2007-08-31T16:31:00.000+07:00

'Dude what if your wife finds this'
By Dan Goodin in San Francisco

Miscreants behind the Storm Worm have begun attacking Blogger, littering hundreds of pages with titillating messages designed to trick visitors into clicking on poisonous links.

By now, anyone who doesn't live under a rock is familiar with the spam messages bearing subjects such as "Dude what if your wife finds this" and "Sheesh man what are you thinkin" and including a link to a supposed YouTube video. Recipients foolish enough to click on the link are taken to an infected computer that tries to make their machine part of a botnet.

Now Storm Worm, the malware responsible for those messages, has overrun Google-owned Blogger. According to one search, some 424 Blogger sites have been infected. The actual number is probably higher because our search contained only a small fraction of the teasers used by Storm.

"What it really shows to me is how pernicious these guys are and they're indefatigable in trying to get into every place," said Alex Eckelberry, president of Sunbelt Software who blogged about the Blogger assault earlier. "This is a voracious, voracious worm. I don't think anybody in malware research has seen anything like Storm."

Storm has already gone through more lives than a pack of feral cats. It started out in January as an email promising information about a winter storm that was sacking Northern Europe. Since then it's offered sexy photos, electronic greeting cards and login credentials for various online memberships. According to researchers, Storm has infected more than 1.7 million hosts.

Storm's ability to crack Google's defenses is yet another testament to the resiliency of the malware. Google tends to outshine competitors in blocking spam and sniffing out sites that serve up Trojans.

It's unclear exactly how Storm was able to penetrate Blogger. We're guessing it's through a feature that allows bloggers to submit posts through pre-established email addresses, saving them the hassle of having to access Blogger's control panel. Alas, it may also be enabling Storm to yet again morph.

Representatives from Google didn't respond to emails asking for comment.

Read more ...

The Register

Porn & Spyware Found on Govt. and School Sites

2007-08-31T16:25:00.000+07:00

It would be great if the compromised Web servers I wrote about last week at Lawrence Livermore National Labs were an aberration, but sadly they are not. Conducting a simple Google search for adult-themed search terms found in ".gov" domains produces some very interesting results, including pages serving up adult videos along with a generous helping of spyware.

Several pages on both the official Web sites for the State of Louisiana and the Virgin Islands Housing Finance Authority show up prominently in the search results for porn at dot-gov domains. A handful of pages on those sites feature a blank video player that prompts the visitor to install a special video "codec" in order to view the adult movie.

Visitors who agree to install the codec inadvertantly agree to also install a piece of spyware that modifies your browser's home page, produces security alert icons on your Windows desktop, and serves nagging pop-up ads to install bogus anti-virus and anti-spyware security software.

Brian Krebs on Computer Security. The Washington Post Company

World of Warcraft exploit PKs servers

2007-08-28T16:02:00.000+07:00

Players in the World of Warcraft discovered an exploit that crashes the game's servers late Sunday, causing massive outages throughout the night.

The bug reportedly crashes the game's main world as well as all instances associated with the server, including its dungeons and battlegrounds.

Officially, Blizzard - the company behind WoW - has kept pretty mum on the exploit. From the WoW forum:

"We're aware of stability issues affecting select realms and are investigating. We'll provide an update to the situation as soon as additional information becomes available."

Blizzard spokesman Shon Damron gave us a little more dirt:

"Last night several realms did experience technical issues in regard to an exploit. This exploit was hot fixed within a couple of hours after it was discovered and the problem no longer exists."

Damron wouldn't specify what caused the bug, but we have since heard it may involve a problem with the user logging mechanism in the game's arena mode. We won't go into more detail because the internet already suffers enough entropy, thank you very much.

Hacking Groceries: Internet Coupon Fraud

2007-08-28T15:56:00.000+07:00

Over the weekend, my wife and I were shopping at Magruder's, a local grocery chain to which we're fiercely loyal, and we noticed a handwritten sign attached to the credit-card reader in the checkout line:

"Attn customers: Due to coupon fraud, we are unable to take Internet coupons."

A store manager, who asked me to kindly leave his name out of this post, said the store-wide policy went into effect last year, after it became apparent that there was "a lot of cheating going on. People were gang-printing these things by the reamfuls."

I've written about teenage hackers creating wholesale counterfeit coupons to get free pizza and other stuff at popular fast food joints, but the type of coupon fraud that's going on these days makes that type of activity seem like amateur hour.

Curious as to just how bad the coupon fraud problem really is, I checked out the Web site for the Coupon Information Center, a non-profit group based here in Alexandria, Va., which represents the manufacturers that issue 70 percent of the coupons in the United States today. Turns out that the Internet is helping to facilitate coupon fraud on a unprecedented scale.

...

Brian Krebs on Computer Security. The Washington Post Company.

Storm Worm Authors Turn to YouTube Lures

2007-08-28T15:50:00.000+07:00

Security Fix has spilled quite a bit of digital ink warning readers about the ever changing tactics of criminals behind the the indefatigable "Storm worm." This week's tactic (or today's as the case may be) involves e-mailed Web links disguised as video clips from YouTube.com

Here's one example that I received yesterday:

The link in the image on the right does not take the clicker to YouTube.com, but to an Internet address of a home computer that the bad guys have compromised and are using to serve up malicious software. If you hover such a link with your computer mouse, it should reveal that the true address is a dotted IP address (e.g. http://72.15.x.x), not a page at YouTube.com.

After a user clicks through to one of the Storm addresses, the machine at that address will attempt to exploit a kitchen sink of known Web browser and other software security vulnerabilities. If the would-be victim is invulnerable to these attacks, he or she will be prompted to simply download and run the malicious code.
The Storm worm is already hugely successful, with estimates of infected machines in the many millions worldwide. This clever tactic, however, is likely to significantly increase the pool of sickened machines.

Brian Krebs on Computer Security. The Washington Post Company

Hackers prowl for Trend Micro vuln

2007-08-26T11:06:00.000+07:00

Hackers have begun actively scanning for recently announced vulnerabilities in Trend Micro's ServerProtect product.

Security watchers at the Internet Storm Centre (ISC) have noted a huge upsurge of traffic on TCP port 5168, associated with security bugs in ServerProtect (an enterprise software product designed to protect servers and storage attacks).

Flaws in the application create a means for miscreants to load malware onto vulnerable systems. Fortunately, Trend Micro has published software updates designed to plug the security hole.

ServerProtect for Windows version 5.58 Build 1176 is known to be vulnerable, but other versions may also be flawed. Trend advises users to update to Build 1185.

Sys admins are advised to patch up vulnerable systems or run the risk of dealing with compromised machines. "It looks likes machines are getting owned with this vulnerability," ISC warned on Wednesday.

More information on the vulns can be found in advisories from security tools vendor ISS, which discovered the majority of the vulnerabilities, here and here. ®

Read more ...

The Register. Security. Enterprise Security.

Pharmacy Spam Blogs At U.S. Nuclear Safety Lab

2007-08-26T10:43:00.000+07:00

The Web site for the institution charged with safeguarding the safety and integrity of the U.S. nuclear arsenal has been inadvertently hosting advertisements and blogs that link to illegal prescription drug sites hawking everything from generic painkillers to erectile dysfunction medication, Security Fix has learned.

Dozens of pages belonging to the official Web site of Lawrence Livermore National Labs appear to have been seeded with the unauthorized advertisements. Beneath each of the full-page ads were a series of blog entries that featured a bizarre mixture of information, including what appears to be ill-translated gibberish interspersed with information that is actually relevant to the advertised drugs.

Security Fix located the pharmacy spam pages by conducting a series of simple Google searches, such as this one.

The sites are all now inactive, and it's not entirely clear how long they were up. According to the oldest date on the time-stamped blog entries, the attackers first began planting the ads and blog posts as early as March 2007.

Read more ...

Brian Krebs on Computer Security. The Washington Post Company

Yahoo! Messenger Network Overrun By Bots

2007-08-26T10:38:00.000+07:00

A large number of Yahoo!'s instant messenger chat rooms are being overrun by automated programs designed to hawk commercial services, Web sites and other wares, preventing millions of actual human users from joining most of the chat rooms on the company's network.

Normally, when Security Fix writes about automated robots or "bots," it's in the context of remote-controlled Microsoft Windows machines that have been hijacked by cyber crooks for use in online moneymaking schemes. In this case, however, we're talking mainly about relatively benign "chat bot" programs sold and marketed as walking billboards that lurk in the most popular chat rooms and periodically post links to various Web sites.

In a posting on the Yahoo! Messenger Blog subtitled "Bots, Bots and More Bots," product manager Sarah Bacon said the company was aware of the bot problem and was trying to devise a solution. "So stay tuned - we know this is a critical piece, if not the most important," she wrote.

From the tenor of the 620 comments that ensued, it appears many Yahoo! Messenger users are starting to tune out.

"Yahoo set out to fix a problem and the result is that you can not get into a room, or if you do the room is full of bots," wrote Yahoo! user "Bill," on Aug. 21.

Security Fix decided to download the latest (newly patched) version of Yahoo! Messenger and check out the situation last night. It wasn't pretty. Out of the 22 chat rooms I tried to join, only two let me in. The rest merely popped up a "Communications Problem" error message. One of the two that let me in (Amusement and Theme Park) appeared to be full of automated programs posting messages. The other summarily booted me from the room shortly after I joined.

I don't want to make light of Yahoo!'s network troubles, but I find it rather ironic that legitimate users are being kept off the network by bots whose sole purpose is to attract human eyeballs.

Read more ...

Brian Krebs on Computer Security. The Washington Post Company

Windows Vista Parental Controls help ensure family safety on the Internet

2007-08-23T15:37:00.000+07:00

Here are four steps you can follow to help protect your family online:
• Keep communication open--talk with your children about what they’re using the Internet for.
• Set clear rules for Internet use.
• Keep personal information private.
• Install and use family safety technology.

Windows Vista includes family safety technology that can help parents choose the online content and experiences that are appropriate for their families. (If your computer runs Windows XP, consider using Windows Live OneCare Family Safety.)
If you're a parent, you can use the Windows Vista Parental Controls to manage the following:
• What Web sites your children can view.
• What time of day and how much time your children can spend online.
• Which video games your children can play.
• Which programs your children can use.

You can also get reports about your children's online activity.

Don't Join the Club

2007-08-23T13:25:00.000+07:00

The great Groucho Marx once quipped, "I don't want to belong to any club that will accept me as a member." E-mail users would do well to adopt this attitude with respect to unsolicited invites to join members-only Web sites, as bogus club invites appear to be the latest ruse that malware authors are using to trick people into turning their computers into spam-spewing zombies.

The culprit? Once again, the various criminal groups behind the "Storm worm," a prolific piece of malware that seems to adopt a different lure with each passing week. Last month, it was fake e-greeting cards. Last week, we saw storm disguised as fake "sexy pics." This week, Storm purveyors are pitching their wares in invitations like this one, which landed in my inbox today:

We are glad you joined Web Players.

User Number: 75129641513 Your Temp. Login ID: user3469 Your Password ID: lc411

Please keep your account secure by logging in and changing your login info.

Use this link to change your Login info: http://70.258.83.482.95 [link altered by Security Fix for safety's sake]

Thank You,

Welcome Department
Web Players

Trust me on this one: You don't want to become a member of this club, or any of the hundreds like it spammed out over the past few days. Just hit "delete" and move on with your life.

Securing your network, from home users to small business up to enterprise. What you can do.

2007-08-21T15:14:00.000+07:00

Posted by Paul Fleming on: 2007-07-10 23:52:47

With computers being a critical component in running a business, it is more valuable than ever to ensure the security of your networks particularly where there is sensitive data. News headlines announcing that networks have experienced security breaches are all too prevalent.

This is where you need a service that checks for those vulnerabilities and prevents from future attacks. Better yet, you need a service that prevents it before it ever happens to your company. Imagine the embarrassment at having to explain to your customers that someone has stolen their credit card information.

We continue to read headline after headline with news stories that credit card information or social security numbers were exploited. Some companies perform security audits on a regular basis. Certainly institutions like hospitals are required to perform these. But it's mostly small to mid-sized companies that are the most vulnerable.

Hackers employ various methods for gaining access to systems. An audit often looks at replicating those methods, looking for vulnerabilities and weaknesses in the infrastructure. Affectionately known as Penetration Testing, it involves isolating mild, moderate and critical security threats and then determining the best course of action. When performing a Penetration test, a couple of key areas need to be targeted to ensure that a secure network system helps companies to avoid: - Preventing financial loss through fraud (hackers, extortionists and disgruntled employees) or through lost revenue due to unreliable business systems and processes. - Legal problems. Non-compliance can result in your organization losing business, receiving heavy fines, gathering bad PR or ultimately failing. At a personal level it can also mean the loss of your job, prosecution and sometimes even imprisonment. Poorly protecting your brand by avoiding loss of consumer confidence and business reputation.

From an operational perspective, penetration testing helps shape information security strategy through identifying vulnerabilities and quantifying their impact and likelihood so that they can be managed proactively; budgets can be allocated and corrective measures implemented.

For the average home user, there are some basic things, especially when setting up a wireless network at home that you can easily do to prevent users piggybacking on your network or even hacking in to it.

Add a little security

Change the SSID (name) of your network and disable the SSID broadcast. Disable DHCP Control MAC Address Filtering

Add more security

WEP Encrypt - adds an extra blocking mechanism for hackers

Even more Security

WPA - setting up a random pre-shared key of 10 characters ensures your network is practically rock-solid. This is a random string of numbers and letters, just make sure you can remember it yourself.

These are some very basic steps to securing your data and ensuring your privacy. Keep in mind that small to medium business should do a little more to keep their information secure as there is even more valuable data ie. other people's. ...

Beware of Five-Star Vaporware

2007-08-21T11:40:00.000+07:00

U.K. computer programmer Andy Brice was proud of the awards and accolades his software had won from his peers online. That is, until he noticed that pretty much everyone else's software received the same "5-star" rating and high praise from various software directories and download sites.

Curious about just how thorough the sites are at reviewing software, Brice submitted a fake program that did absolutely nothing. The place he sent the program to was a clearinghouse that distributes shareware and trialware to hundreds of other sites.
Brice even included a descriptor file stating that he was submitting a useless program, which he tauntingly named "awardmestars." To his amazement, the do-nothing program came away with top honors -- complete with official-looking seals of approval -- from at least 16 download sites.

"I should be delighted at this recognition of the quality of my software, except that the 'software' doesn't even run," Brice wrote of the experiment on his blog. "This is hardly surprising when you consider that it is just a text file with the words 'this program does nothing at all" repeated a few times and then renamed as an .exe."

Of the nearly 1,000 download sites that received a copy of "awardmestars," 218 now offer the file for download. Brice said the junk file is awaiting review at nearly 400 other sites. The good news is that some 421 download sites did see the program for what it was worth and rejected it outright.

"The truth is that many download sites are just electronic dung heaps, using fake awards, dubious [search engine optimization] and content misappropriated ... in a pathetic attempt to make a few dollars from Google Adwords," Brice said. "Hopefully these bottom-feeders will be put out of business by the continually improving search engines, leaving only the better sites."
This story got picked up late last week by news-for-nerds megasite Slashdot.org, and the discussion has some interesting perspectives from other programmers and their experiences with software awards.

While there may indeed be hundreds of legitimate download sites that don't try to pull one over on visitors, I've never strayed far beyond a handful of sites that I have come to know fairly well, such as CNet's Download.com, SourceForge.net, and Tucows.com.

Security Fix
Brian Krebs on Computer Security
The Washington Post Company

Would You Like A Job With That Virus?

2007-08-21T11:34:00.000+07:00

Over the course of the past few weeks, virus writers have set their sights on users of job search giant Monster.com and at least one other jobs site with tainted online advertisements designed to install malicious software on the visitors' machines, according to SecureWorks, an Atlanta-based security and research firm.

SecureWorks says that since May, more than 40,000 people have had their personal information stolen -- including Social Security numbers, bank account data and job site credentials -- thanks to a Trojan horse program that was planted in several advertisements running on the jobs sites. Some of these ads required a visitor to actually click on them before the Trojan could do its dirty work, while in other cases the Trojan appeared to swing into action as soon as the page hosting the ad was served, researchers found.

SecureWorks researcher Don Jackson said the Trojan was developed using a toolkit sold in black market forums under the name "icepack." The toolkit is similar to the Mpack toolkit that surfaced earlier this year. It generates Trojans that probe for the absence of several software security updates holes that then permit the program to deliver its viral payload. Among the many weapons in its arsenal are exploits for recently patched security vulnerabilities in Apple's QuickTime and Microsoft's Windows Media Player. It also includes exploits for multiple Web browsers, including Internet Explorer, Firefox and Opera. ...

Read more ...
Brian Krebs on Computer Security
The Washington Post Company

Be careful when downloading software

2007-08-21T11:11:00.000+07:00

Posted by Michael Horowitz
August 20, 2007 12:19 PM PDT

Like so much else on the Internet, you have to be skeptical about the star ratings of software. Perhaps you suspected this, but now there is proof.

A software developer in the U.K., Andy Brice, was suspicious about the ratings assigned to his software, so he did a test--a lab experiment if you will. He started with a plain text file that said "this program does nothing at all" a few times. Then he renamed the file so that it ended with ".exe" and submitted it to 1,033 download sites. The "program," if you can call it that, won't even run.

Being as obvious as he possibly could, Andy called the program "awardmestars" and included a description of the program that said, "This software does nothing at all." He even included a screenshot that said very plainly that the software does nothing. See his blog for the full details: The software awards scam.

Andy says his nonfunctional software was listed on 218 Web sites, and some even gave him an award. "Approximately 7 percent of the sites that listed the software e-mailed me that it had won an award," he said. His submission was rejected by 421 Web sites, but since he listed it as a utility, many of these rejections were because the site didn't include that type of software. Many submissions are still pending. ...

Read more ...
About News Blog
Recent posts on technology, trends, and more.

Security of the Internet

2007-08-20T15:24:00.000+07:00

Published in The Froehlich/Kent Encyclopedia of Telecommunications vol. 15. Marcel Dekker, New York, 1997, pp. 231-255

Overview of Internet Security
As of 1996, the Internet connected an estimated 13 million computers in 195 countries on every continent, even Antarctica (1). The Internet is not a single network, but a worldwide collection of loosely connected networks that are accessible by individual computer hosts in a variety of ways, including gateways, routers, dial-up connections, and Internet service providers. The Internet is easily accessible to anyone with a computer and a network connection. Individuals and organizations worldwide can reach any point on the network without regard to national or geographic boundaries or time of day.

However, along with the convenience and easy access to information come new risks. Among them are the risks that valuable information will be lost, stolen, corrupted, or misused and that the computer systems will be corrupted. If information is recorded electronically and is available on networked computers, it is more vulnerable than if the same information is printed on paper and locked in a file cabinet. Intruders do not need to enter an office or home, and may not even be in the same country. They can steal or tamper with information without touching a piece of paper or a photocopier. They can create new electronic files, run their own programs, and hide evidence of their unauthorized activity. ...

Read more ...

Firewall (networking)

2007-08-20T00:33:00.000+07:00

This article is about the network security device. For other uses, see Firewall (disambiguation).

Firewall separating zones of trust
A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network which has different levels of trust. ...
Read more ...

From Wikipedia, the free encyclopedia

Clean your Internet tracks with Ad-Aware 2007

2007-08-19T17:26:00.000+07:00

The free spyware-removal software Ad-Aware 2007 helps protect your system from browser hijackers, data miners, and other malware, but it can also wipe your Web surfing tracks for Internet Explorer, Mozilla Firefox, and Opera with just one click. Rich DeMuro shows you how it's done...

Read more ...

Would You Like A Job With That Virus?

2007-08-19T13:58:00.000+07:00

Cyber crooks are targeting a wave of new attacks at people searching for jobs online, security experts warn. Oddly enough, the criminals behind this scam appear to be just as interested in hiring you as they are in hijacking your PC.

Over the course of the past few weeks, virus writers have set their sights on users of job search giant Monster.com and at least one other jobs site with tainted online advertisements designed to install malicious software on the visitors' machines, according to SecureWorks, an Atlanta-based security and research firm. ...

Read more ...

FREE online virus scanner

2007-08-17T18:13:00.000+07:00

Trend Micro HouseCall - Free Online Virus and Spyware Scan
Trend Micro's FREE online virus scannerTrend Micro HouseCall is an application for checking whether your computer has been infected by viruses, spyware, or other malware. HouseCall performs additional security checks to identify and fix vulnerabilities to prevent reinfection. It's Free!
> Scan & more..

BitDefender Free Online Virus Scanner.
Free Online Virus ScannerBitDefender.
Online Scanner is a fully functional antivirus product. It features all required elements for thorough antivirus scanning and effective cleaning: it scans your system's memory, all files, folders and drives' boot sectors, providing you with the option to automatically clean the infected files.
> Scan & more..

F-Secure Online Scanner.
Scan Your Computer With the F-Secure Online Virus Scanner
F-Secure Online Virus Scanner is a free service. Use it to find out if your computer is infected and disinfect your computer if needed.
> Scan & more..

Free Virus Scan - Kaspersky Lab
Take the Kaspersky Challenge: See what your current antivirus is missing.
Our free online virus scanner is a great way to find out if you have any viruses or spyware on your machine without having to uninstall your current antivirus software or install a new one. Most importantly, you can see what viruses your current antivirus software let slip through! You just need to be online and using Internet Explorer.
> Scan & more..

Free online antivirus. Download ActiveScan and clean your PC ...
Panda ActiveScan with TruPrevent®
Your Second Opinion in Pc Security
Free online antivirus to combat viruses, spyware and other Internet threats.
-Scans, disinfects and eliminates over 185,000 viruses, worms and Trojans from all system devices, hard disks, compressed file and all your email.
-Detects spyware. 84 percent of malware installed on computers worldwide is spyware. Do you know if your PC is spyware free?
-Detects the following types of malware: Dialers, Hacking tools, Rootkits (New), Jokes, Security risks.
> Scan & more..

Symantec Security Check.
Symantec Security Check tests your computer's exposure to a wide range of online threats. It's free and an effective tool that helps determine your Internet security needs.
> Scan & more..

ewido - anti-spyware and anti-malware solutions
With the help of our online scanner you can scan and clean your computer from malware without having to install additional software on your computer.
> Scan & more..

Google's search with 'online scan' keyword.
> Read more..

Network security

2007-08-17T18:02:00.001+07:00

Network security consists of the provisions made in an underlying computer network infrastructure, policies adopted by the network administrator to protect the network and the network-accessible resources from unauthorized access and the effectiveness (or lack) of these measures combined together.

Read more...

From Wikipedia, the free encyclopedia

Computer security

2007-08-17T17:51:00.000+07:00

Computer security is an application of information security to both theoretical and actual computer systems. For sake of simplicity, issues regarding privacy should be handled under the subject of information privacy rights. For the purpose of this article, Computer security is a branch of computer science that addresses enforcement of 'secure' behavior on the operation of computers. The definition of 'secure' varies by application, and is typically defined implicitly or explicity by a security policy that addresses confidentiality, integrity and availability (see CIA Triad) of electronic information that is processed by or stored on computer systems.

The traditional approach is to create a trusted security kernel that exploits special-purpose hardware mechanisms in the microprocessor to constrain the operating system and the application programs to conform to the security policy. These systems can isolate processes and data to specific domains and restrict access and privileges of users. This approach avoids trusting most of the operating system and applications.

Read more...

From Wikipedia, the free encyclopedia

Internet security

2007-08-17T17:50:00.000+07:00

Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software.

Read more ...

From Wikipedia, the free encyclopedia

Security

2007-08-17T17:49:00.000+07:00

Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. The nuance between the two is an added emphasis on being protected from dangers that originate from outside. Individuals or actions that encroach upon the condition of protection are responsible for the breach of security.

The word "security" in general usage is synonymous with "safety," but as a technical term "security" means that something not only is secure but that it has been secured. ...

Read more ...

From Wikipedia, the free encyclopedia