18/8/08 Where did all this spyware come from?
In most cases it’s nobody’s fault if a machine is infected with some kind of spyware/malware/virus. The number one method used for infecting computers is to just trick you, for example if you get an alert message from Microsoft that says they found three viruses on your computer and you must download ie_update.exe, what would you do? Recently, we’ve seen updates of Internet Explorer and news videos that claim to be from CNN and MSNBC. They’re all meant to trick users into downloading badware.
A common trick is to send an online greeting card that includes an apology but comes laced with a keylogger so the abuser can spy on all future computer activity. The use of social engineering to try and take over your computer will continue to be number one method for infecting computers and will certainly improve and get more sophisticated.
Read more at this link:
http://billpstudios.blogspot.com/2008/08/where-did-my-spyware-come-from.html
8/8/08 Beware CNN Top Ten and Fake IE7
If you haven’t already, you will be getting Email with the subject line “CNN.com Daily Top Ten”. If you open the Email you’ll see a list of news headlines. Some are real, some are fake. If however you want to see news videos, go directly to CNN.com and DO NOT view any videos that arrive in an Email.
If you select any of the video’s you’ll be asked to download what claims to be a new Flash update from Adobe. If you download and run get_flash_update.exe you’ll start to see some alerts from your favorite malware detector.
Another popular Email this week claims to be an update from Microsoft with the Subject: “Internet Explorer 7”. What you’ll get if you select this download is a rogue security program called Antivirus XP 2008. It can currently be removed by most anti-malware programs, but beware of programs that ask you to pay before cleaning.
18/7/08 YouTube shut down by lawsuit
It seems that the newest trick used by malware spammers is to create outlandish headlines for instance "Bill Gates and family held and robbed in family home" which aim to entice users to open up the emails and click on links. Headlines like "Afghan bombing kills President Bush" are for the most part unbelievable, but if you're ever in doubt go to http://www.phoneymail.com/ to verify them. Some headlines may actually be true but unless you know the sender just hit the delete button.
11/7/08 Homer Simpson spreads malware
A screen name once connected to animated TV dad Homer Simpson is being used to spread malware. In a 2003 episode of The Simpsons, writers revealed that Homer's e-mail address was chunkylover53@aol.com. Prior to the episode's airing, the address was registered by one of the show's writers, who used it to answer hundreds of e-mails from Simpsons fans. Years later, the chunkylover53 screen name has resurfaced, and it's now being used to distribute a trojan disguised as a Simpsons movie file.
Click this link to read the full story
11/7/08 ZoneAlarm update issued to correct DNS glitch
Check Point has issued a set of updates which correct a compatibility issue with the latest Microsoft update. Click this link for new versions of ZoneAlarm Internet Security Suite. The updates correct an error caused by the Microsoft Patch Tuesday update released on 8 July. One of the four bulletins addressed a flaw in the Windows DNS component, but also resulted in an error which prevented ZoneAlarm users from accessing the internet.
10/7/08 The next resurgence of the Storm Worm is making its rounds
Using a new tactic to try and convince people to infect themselves. The newest iteration has several web pages hosted online that try and spread rumors of war, promising an interesting video to back the claim. The links all lead to an executable which is sure to infect anyone who falls to the ruse.
25/6/08 Google Sites found to be the 5th Most Infected Websites Worldwide
In a report by StopBadware.org, U.S. based Google is ranked 5th in hosting sites which are infected “badware” or attempts to deliver what we commonly called Malware. The top four sites on the list are all based in China. After analyzing 200,000 sites, the report found 4,261 infected sites hosted by Google which may be small compared to the 48,834 infected sites found on #1 Chinanet-Backbone.
Read the full story at this link
23/5/08 XP SP3 triggers false positives in security apps
Installing Windows XP Service Pack 3 can cause your anti-malware programs to report the presence of Trojans and keyloggers that aren't there. The false positives have blocked important system files in some cases, and in others they have misled users into reinstalling XP.
http://windowssecrets.com/comp/080522#story1
15/5/08 Eight simple rules for keeping XP rejuvenated
If you're one of the many people who plan to stick with XP as long as possible, you need to take a few relatively painless steps to keep that aging OS perky. Here are eight rules for extending XP's usefulness to 2010 and beyond.
http://windowssecrets.com/2008/05/15/03-Keep-XP-fresh-until-Windows-7-arrives
25/4/08 Flash ads bearing malware plague popular sites
A widespread Flash vulnerability can result in malicious code being downloaded to your' computer, generating erroneous warnings of a malware infestation and offering a phony solution. These "malvertisements" may be present on thousands of sites, but there are measures you can take to reduce your exposure.
Read the full story and what you can do to protect yourself, at this link: http://windowssecrets.com/comp/080417/#story1
12/2/08 Microsoft Releases Critical Security Updates
Microsoft released 11 security updates on 12/2/08 to fix a number of critical flaws in Microsoft products, including Windows, Office, and Internet Explorer. In total, 17 individual software flaws were patched in the updates. Microsoft rates 6 updates as critical, meaning they should be installed as soon as possible, while the remaining five updates are considered "important."
28/2/08 Hackers Rig Google to Deliver Malware
The latest malware trend should prompt you to think twice about the links you click next time you search.
http://www.pcworld.com/article/id,141796/article.html
Positive reviews for Norton raise readers' ire
This article in Windows Secrets Newsletter exposes user dissatisfaction with Norton Security Suite & Symantec Software in general:
http://windowssecrets.com/comp/080207#known0
Also worth reading is their enlightening article about the problems caused when trying to remove Norton / Symantec software:
http://windowssecrets.com/comp/080207#story1
Common Internet Scams
You may receive an email from a bank/online service provider/ financial institution that asks you to click a link and visit a website in order to provide personal information. Such an email is more than likely the type of Internet scam known as "phishing".
A phishing scam is one in which victims are tricked into providing personal information such as account numbers and passwords to what they believe to be a legitimate company or organization. In order to carry out this trick, the scammers often create a "look-a-like" website that is designed to resemble the target company's official website. Typically, emails are used as "bait" in order to get the potential victim to visit the bogus website.
Be wary of any email that asks you to click on a link and provide sensitive personal information such as banking details. Information submitted on these bogus websites is harvested by the scammers and may then be used to steal funds from the user's accounts and/or steal the victim's identity.
Most legitimate companies would not request sensitive information from customers via email. DO NOT click on the links in these emails. DO NOT provide any information about yourself. If you have any doubts at all about the veracity of an email, contact the company directly.
'Storm worm' exploits YouTube
Spammers are exploiting YouTube's "invite your friends" function to send spam containing a variant of the "Storm worm." The function allows someone to e-mail any address from an account. The scam on Google's video-sharing site is targeting Xbox owners, urging recipients to collect a prize version of the popular game Halo 3. Anstis said clicking on the link to "winhalo3" leads to a file containing a Storm trojan.
To date, 150,000 of the spam e-mail messages thought to have originated from YouTube accounts have been tracked. The e-mail messages are exploiting a vulnerability in the sign-up process, a Trojan designed to generate large numbers of Hotmail and Gmail accounts.
S-e-x on the Net - ABC Radio National - Background Briefing
The audio file is no longer available, but you can download and read the transcript.
"Whether adults like it or not, the Internet is where life's at for young people now - friendships, games, school stuff, comedy, adventure and sex. Teenagers are getting used to coming across pornography, and dirty old men. Sometimes they even turn the tables, and play indiscreet games. We don't know enough about the Internet generation - and government filters won't work on the new 3G phones."
... Also on the same site ....
Your money dot con - ABC Radio National - Background Briefing
"No one's telling how much of our money is being stolen through the Internet because no one wants us to lose confidence in the system. The banks are making so much money out of it, they prefer to wear the costs or push them down to the customer. In the meantime, everyone has a story and global criminals are stalking our accounts, our phones and our PCs."
Transcript still available for download.
Media Players Pose a Security Risk
Windows users face the greatest security risks today not from flaws in Windows itself but from unpatched media players. If you're running versions of Flash, Java, and QuickTime that are unpatched against the latest security threats, they can be attacked across the Internet — for example, if you play an infected Flash video you find on a Web site or that you received via e-mail. Consequently, using an older version of these program poses a real security risk
ESET Nod32 Antivirus System
If you need an antivirus system to protect you, not bother you, one that you can rely on, so that outbreaks of viruses will not concern you - Click here to contact me.
A user friendly, free and powerful tool which you can use to remove malware without having to install anti-virus software. The ESET Online Scanner uses the same ThreatSense technology and signatures as ESET NOD32 Antivirus and is always up-to-date.
Free Spyware Removal Tools
No need to buy expensive spyware removal tools - the programs I have included here are widely considered to be the best available for eliminating files and programs secreted on your computer without your knowledge.
Firefox 3
The fastest, leanest, most powerful browser Mozilla has ever released. With over 15,000 improvements, including the revolutionary smart location bar, password manager, malware protection, Firefox 3 delivers the Web without compromise.
Mozilla Thunderbird
Thunderbird is simple to use and customisable, it offers powerful spam protection with leading-edge junk mail filters, anti-phishing protection, advanced security and automatic updating.
Get Ubuntu
Ubuntu is a community developed, linux-based operating system. It contains all the applications you need - a web browser, presentation, document and spreadsheet software, instant messaging and much more
"A Good Planet is Hard to Find"
Birds Australia
Bush Heritage Australia
Australian Wildlife Conservancy
Envirolink
Foundation for Australia's Most Endangered Species
Australian Conservation Foundation
Australian Ethical Investment Ltd
