computer first aid

18/8/08 Where did all this spyware come from?

In most cases it’s nobody’s fault if a machine is infected with some kind of spyware/malware/virus. The number one method used for infecting computers is simply to trick you. For example, if you got an alert message from Microsoft saying they had found three viruses on your computer and that you must download ie_update.exe, what would you do? Recently, we’ve seen updates of Internet Explorer and news videos that claim to be from CNN and MSNBC. They’re all meant to trick users into downloading badware.

A common trick is to send an online greeting card that includes an apology but comes laced with a keylogger so the abuser can spy on all future computer activity. The use of social engineering to try to take over your computer will continue to be the number one method for infecting computers, and it will certainly improve and get more sophisticated.

Read more at this link:
http://billpstudios.blogspot.com/2008/08/where-did-my-spyware-come-from.html

8/8/08 Beware CNN Top Ten and Fake IE7

If you haven’t already, you will be getting Email with the subject line “CNN.com Daily Top Ten”. If you open the Email you’ll see a list of news headlines. Some are real, some are fake. If however you want to see news videos, go directly to CNN.com and DO NOT view any videos that arrive in an Email.

If you select any of the videos you’ll be asked to download what claims to be a new Flash update from Adobe. If you download and run get_flash_update.exe you’ll start to see some alerts from your favorite malware detector.

Another popular Email this week claims to be an update from Microsoft with the Subject: “Internet Explorer 7”. What you’ll get if you select this download is a rogue security program called Antivirus XP 2008. It can currently be removed by most anti-malware programs, but beware of programs that ask you to pay before cleaning.

18/7/08 YouTube shut down by lawsuit

It seems that the newest trick used by malware spammers is to create outlandish headlines, for instance "Bill Gates and family held and robbed in family home", which aim to entice users to open the emails and click on links. Headlines like "Afghan bombing kills President Bush" are for the most part unbelievable, but if you're ever in doubt go to http://www.phoneymail.com/ to verify them. Some headlines may actually be true, but unless you know the sender just hit the delete button.

11/7/08 Homer Simpson spreads malware

A screen name once connected to animated TV dad Homer Simpson is being used to spread malware. In a 2003 episode of The Simpsons, writers revealed that Homer's e-mail address was chunkylover53@aol.com. Prior to the episode's airing, the address was registered by one of the show's writers, who used it to answer hundreds of e-mails from Simpsons fans. Years later, the chunkylover53 screen name has resurfaced, and it's now being used to distribute a trojan disguised as a Simpsons movie file.

Click this link to read the full story

11/7/08 ZoneAlarm update issued to correct DNS glitch

Check Point has issued a set of updates which correct a compatibility issue with the latest Microsoft update. Click this link for new versions of ZoneAlarm Internet Security Suite. The updates correct an error caused by the Microsoft Patch Tuesday update released on 8 July. One of the four bulletins addressed a flaw in the Windows DNS component, but also resulted in an error which prevented ZoneAlarm users from accessing the internet.

10/7/08 The next resurgence of the Storm Worm is making its rounds

The Storm Worm is using a new tactic to try to convince people to infect themselves. The newest iteration has several web pages hosted online that try to spread rumors of war, promising an interesting video to back the claim. The links all lead to an executable which is sure to infect anyone who falls for the ruse.

25/6/08 Google Sites found to be the 5th Most Infected Websites Worldwide

In a report by StopBadware.org, U.S.-based Google is ranked 5th in hosting sites which are infected with “badware” or which attempt to deliver what we commonly call malware. The top four on the list are all based in China. After analyzing 200,000 sites, the report found 4,261 infected sites hosted by Google, which may be small compared to the 48,834 infected sites found on #1 Chinanet-Backbone.

Read the full story at this link

23/5/08 XP SP3 triggers false positives in security apps

Installing Windows XP Service Pack 3 can cause your anti-malware programs to report the presence of Trojans and keyloggers that aren't there. The false positives have blocked important system files in some cases, and in others they have misled users into reinstalling XP.

http://windowssecrets.com/comp/080522#story1

15/5/08 Eight simple rules for keeping XP rejuvenated

If you're one of the many people who plan to stick with XP as long as possible, you need to take a few relatively painless steps to keep that aging OS perky. Here are eight rules for extending XP's usefulness to 2010 and beyond.

http://windowssecrets.com/2008/05/15/03-Keep-XP-fresh-until-Windows-7-arrives

25/4/08 Flash ads bearing malware plague popular sites

A widespread Flash vulnerability can result in malicious code being downloaded to your computer, generating erroneous warnings of a malware infestation and offering a phony solution. These "malvertisements" may be present on thousands of sites, but there are measures you can take to reduce your exposure.

Read the full story and what you can do to protect yourself, at this link: http://windowssecrets.com/comp/080417/#story1

12/2/08 Microsoft Releases Critical Security Updates

Microsoft released 11 security updates on 12/2/08 to fix a number of critical flaws in Microsoft products, including Windows, Office, and Internet Explorer. In total, 17 individual software flaws were patched in the updates. Microsoft rates 6 updates as critical, meaning they should be installed as soon as possible, while the remaining five updates are considered "important."

28/2/08 Hackers Rig Google to Deliver Malware

The latest malware trend should prompt you to think twice about the links you click next time you search.

http://www.pcworld.com/article/id,141796/article.html

Positive reviews for Norton raise readers' ire

This article in Windows Secrets Newsletter exposes user dissatisfaction with Norton Security Suite & Symantec Software in general:

http://windowssecrets.com/comp/080207#known0

Also worth reading is their enlightening article about the problems caused when trying to remove Norton / Symantec software:

http://windowssecrets.com/comp/080207#story1

Common Internet Scams

You may receive an email from a bank, online service provider or financial institution that asks you to click a link and visit a website in order to provide personal information. Such an email is more than likely the type of Internet scam known as "phishing".

A phishing scam is one in which victims are tricked into providing personal information such as account numbers and passwords to what they believe to be a legitimate company or organization. In order to carry out this trick, the scammers often create a "look-a-like" website that is designed to resemble the target company's official website. Typically, emails are used as "bait" in order to get the potential victim to visit the bogus website.

Be wary of any email that asks you to click on a link and provide sensitive personal information such as banking details. Information submitted on these bogus websites is harvested by the scammers and may then be used to steal funds from the user's accounts and/or steal the victim's identity.

Most legitimate companies would not request sensitive information from customers via email. DO NOT click on the links in these emails. DO NOT provide any information about yourself. If you have any doubts at all about the veracity of an email, contact the company directly.
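One way a mail filter could flag the lures described on this page, as an added Python example that is not part of the original page: it reports e-mailed links that download an executable (such as get_flash_update.exe) and, as a generalization of the look-alike site trick, links whose visible text names one site while the link leads to another. The sample message, its addresses and the `suspicious_links` helper are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

EXECUTABLE_EXT = (".exe", ".scr", ".pif", ".bat")
# Constructed sample message modelled on the lures described on this page.
SAMPLE = """\
From: "CNN Alerts" <news@mail.example.net>
Subject: CNN.com Daily Top Ten
Content-Type: text/html; charset="utf-8"

<a href="http://videos.example.org/get_flash_update.exe">Watch video</a>
<a href="http://login.example.org/bank">www.mybank.example.com</a>
<a href="http://www.cnn.com/world">More headlines</a>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(raw_message):
    """Return (href, reason) pairs for links showing either warning sign."""
    msg = message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    findings = []
    for href, text in collector.links:
        url = urlparse(href)
        host = (url.hostname or "").lower()
        if url.path.lower().endswith(EXECUTABLE_EXT):
            findings.append((href, "links directly to an executable"))
        # Link text that looks like a hostname but differs from the real target.
        shown = text.lower().split("://")[-1].split("/")[0]
        if "." in shown and " " not in shown and shown != host:
            findings.append((href, f"text shows {shown} but goes to {host}"))
    return findings
```

Run over the sample, the first two links are reported and the ordinary headline link is not.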

'Storm worm' exploits YouTube

Spammers are exploiting YouTube's "invite your friends" function to send spam containing a variant of the "Storm worm." The function allows someone to e-mail any address from an account. The scam on Google's video-sharing site is targeting Xbox owners, urging recipients to collect a prize version of the popular game Halo 3. Anstis said clicking on the link to "winhalo3" leads to a file containing a Storm trojan.

To date, 150,000 of the spam e-mail messages thought to have originated from YouTube accounts have been tracked. The e-mail messages are exploiting a vulnerability in the sign-up process, a Trojan designed to generate large numbers of Hotmail and Gmail accounts.

S-e-x on the Net - ABC Radio National - Background Briefing

The audio file is no longer available, but you can download and read the transcript.

"Whether adults like it or not, the Internet is where life's at for young people now - friendships, games, school stuff, comedy, adventure and sex. Teenagers are getting used to coming across pornography, and dirty old men. Sometimes they even turn the tables, and play indiscreet games. We don't know enough about the Internet generation - and government filters won't work on the new 3G phones."

... Also on the same site ....

Your money dot con - ABC Radio National - Background Briefing

"No one's telling how much of our money is being stolen through the Internet because no one wants us to lose confidence in the system. The banks are making so much money out of it, they prefer to wear the costs or push them down to the customer. In the meantime, everyone has a story and global criminals are stalking our accounts, our phones and our PCs."

Transcript still available for download.

Media Players Pose a Security Risk

Windows users face the greatest security risks today not from flaws in Windows itself but from unpatched media players. If you're running versions of Flash, Java, and QuickTime that are unpatched against the latest security threats, they can be attacked across the Internet, for example if you play an infected Flash video you find on a Web site or that you received via e-mail. Consequently, using an older version of these programs poses a real security risk.
