Security News



This section covers security and privacy related topics, along with a comprehensive collection of articles ranging from the latest security vulnerabilities, spyware detection, spyware removal, spyware alerts to online fraud, phishing scams, and spyware legislation. Feel free to share your ideas and concerns with our research team and other Internet users by leaving a comment on any post. Take advantage of the tutorials, advice, and other helpful anti-spyware information.

Antivirus 360 Warning: Out-of-Date Third Party Plugins Help Distribute Antivirus 360

The ThreatFire research blog has discovered that several malicious web sites are distributing exploits to spread the Antivirus 360 rogue anti-spyware program. One delivery method is malformed PDF files that affect different versions of Adobe’s PDF reader program. The executed shellcode calls the functions URLDownloadToFileA (on hxxp://svc .ms / xrun.tmp) and WinExec. QuickTime Player plugins may also be used as an exploit vector for downloading this malware onto your system.

The actual malicious file is a downloader that contains instructions to contact different websites and download several files, including the Vundo trojan package. With the previous Antivirus 2009 rogue application, security researchers found that in some cases the rogue application came from the Vundo Trojan. This time it is the Antivirus 360 web scanner that is advertised through popups coming from the downloaded adware. The message is nothing but JavaScript that pretends to have scanned the infected machine and found malware. This is the typical path taken by malware infections such as those related to Antivirus 360 and Antivirus 2009.

Learn more...»

Major Cyber Security Overhaul Needed According to Report

National security is always something that can be improved upon, not only to make everyone feel safer but to actually make it safer for everyone.

With cyber security at the forefront of national security concerns, from the DOD banning removable storage devices to the installation of security tools that monitor network activity, all aspects of cyber security need to be addressed and may need an overhaul, according to the Center for Strategic and International Studies (CSIS).

The CSIS has conducted cyber security studies as a result of recent attacks on federal agencies such as the Department of Defense, NASA and Homeland Security. A suggestion that the new administration put certain recommendations in place could help avoid future cyber attacks, which may be a threat to our national security in America.

Learn more...»

Hackers Exploiting Google Through Google Reader Links

Have you ever clicked on a news reader link that took you to a video but was later found to be malware or a malicious web site?

Reports have come in of some video links, reached by clicking a Google Reader article link, that could lead to malware. After following this link, a computer user may be presented with a video which, when clicked to play, leads to a player on a non-Google page that is designed to spread malware. The whole process makes it look like Google is the culprit, but it is not.

The attackers that set up this devious process have taken it upon themselves to create Google Reader accounts where they place links on the reader that take computer users to malicious web sites that spread malware. The malware was found to be a Trojan Downloader that includes Browser Helper Objects. This type of infection behaves like typical rogue anti-spyware programs where it prompts you with a fake notification that says you are infected with a virus or spyware.

Learn more...»

Avoid Malware Version of Adobe’s Flash Player (Adobe_flash.exe)

Beware of fake Adobe Flash updates in the form of the executable file “adobe_flash.exe”.

Hackers and trojan makers have been using fake Adobe Flash Update alerts that claim to update a user’s Adobe Flash Player, only to install a trojan on their computer. In order to view a video from a website, many computer users have fallen for the online scam when prompted to update their Flash Player using the file “adobe_flash.exe.” Computer users feel confident downloading “adobe_flash.exe” because the file name mentions “adobe,” but what they don’t realize is that they’re giving hackers or trojan makers access to their computer.

Lately this tactic has caught on, and many hackers are using the same method of executable files that claim to update your Adobe Flash Player. The issue remains: the file that is downloaded is malware that does not update your Flash Player.

Learn more...»

Mac Users Beware of Rogue Malware Program MacGuard

Intego, a Mac security software firm, issued a security advisory alerting Mac computer users about a rogue security program called MacGuard. MacGuard’s website claims to offer a Mac antivirus program which will “search your hard drive for Adware, Spyware and Trojans, clean your files, eliminate threats, and secure your privacy.” MacGuard mimics the Windows rogue security software called WiniGuard, which is known to trick computer users into purchasing its program with bogus pop-up warnings of spyware. MacGuard’s website has the same look and feel as the website of WiniGuard. MacGuard is a clone of Antivirus XP 2008 and XP Antivirus.

Learn more...»

EstDomains Inc Harboring Malicious Websites

Is EstDomains Inc the registrar of choice for scams and spam?

While EstDomains is the 49th largest domain registrar according to RegistrarStats.com, it is believed that a percentage of its domains consist of scam sites and spam sources. Security Fix, a security vendor, is working on cataloging all of the domains within EstDomains and will examine about 10,000 of them to test the idea that EstDomains holds a good number of spam or scam related domains. The study, based on spam terms, finds many sites that are registered at EstDomains and use its name servers.

One ISP, Atrivo (aka Intercage), had its online connectivity ended by several large data carriers because it was home to many spam and scam sources. Now EstDomains is being examined by security experts such as Brian Krebs at Security Fix.

SURBL.org tracks website names that are advertised in various junk emails. Brian found that one-third of the 10,000 domains examined are blacklisted by SURBL.org. That just goes to show that many of the domains are scams or come from spammers.

Learn more...»

You’re Committing Cybercrime by Leaving Your Wi-Fi Unsecured

It’s a fast-growing and serious issue: people with unlimited bandwidth are giving free access to anyone within reach of their unsecured Wi-Fi network. Reports from security vendors have revealed that cyber criminals are utilizing unsecured Wi-Fi networks for their malicious actions.

In the past, cyber criminals have used anonymous proxies to hide their identity, but why go through the hassle if you can just use a neighbor’s unsecured Wi-Fi? Unfortunately for the unsecured neighbor, they may face serious legal charges if the criminal performs illegal activities while connected to the unsecured Wi-Fi network.

Learn more...»

Eliminate the “Registry editing has been disabled by your administrator” message

If you have recently tried to open the Windows Registry editor (regedit) and you got a “Registry editing has been disabled by your administrator” error message, you still have hope for working around this issue. This message may appear when you attempt to open the registry editor for many different reasons but all you want to do is get into your registry so that you may complete what you originally set out to do with your system.

This message is very common when using a computer on a corporate network or one that has been “locked down” by a system or network administrator. In some cases it may be hard to work around this message when you are dealing with a computer that was set up by a corporate administrator or company IT department. We do not recommend that you attempt the task of editing the registry on a company system, although you may still bend the rules anyway.

If you want to go forward with re-enabling the ability to open the registry editor, you can follow the steps in our first technique. A second technique is provided in case the first does not work for your particular Windows system.

Learn more...»

Rogue Antivirus XP 2008 Sites Appear on Google’s Sponsored Links

Are hackers pushing Antivirus XP 2008 via Google Sponsored Links?

When you perform a Google search you get normal results and also sponsored results that are usually found on the very top or to the right side of the page. Recently some of the Sponsored Links have proven to be links to websites that download rogue anti-spyware programs.

Learn more...»

Spam Alert: ‘CNN.com Daily Top 10’ Email Contains Malware

What would you do with an email message that had “CNN.com Daily Top 10” in its title? You would probably open it and treat it as a trusted email, right? Not so fast! Spammers are using this title to redirect computer users to a site that may spread malicious files onto your computer.

This message appears to be sent from a randomly generated user email address, not the typical CNN.com address. We discovered that this email comes from the email address Harjinder-lkpn@321facets.com. That should raise a red flag by itself, but with a catchy title like “CNN.com Daily Top 10”, many computer users may overlook the domain that it comes from. CNN would never use an unprofessional email address such as the one listed above. Obviously they would use a cnn.com domain or a variation of cnn.com.

Learn more...»