Security News  

Have you ever click on a news reader link that took you to a video but later found to be malware or a malicious web site?

Reports have come in of some video links that could lead to malware by clicking a Google reader article link. From this link a computer user may be prompted with a video where if it is clicked to play takes you to a player on a non-Google page which is designed to spread malware. The whole process makes it look like Google is the culprit but it is not.

The attackers that set up this devious process have taken it upon themselves to create Google Reader accounts where they place links on the reader that take computer users to malicious web sites that spread malware. The malware was found to be a Trojan Downloader that includes Browser Helper Objects. This type of infection behaves like typical rogue anti-spyware programs where it prompts you with a fake notification that says you are infected with a virus or spyware.

Learn more...»

Beware of fake Adobe Flash Updates in the form of the executable file “adobe_flash.exe”

Hackers and trojan makers have been using fake Adobe Flash Update alerts that claim to update a user’s Adobe Flash Player only to install a trojan on their computer. In order to view a video from a website, many computer users have fallen under the online scam when prompted to update their flash player using the file “adobe_flash.exe.” Computer users feel confident to download “adobe_flash.exe” because the file name mentions “adobe,” but what they don’t realize is that they’re giving hackers or trojan makers access to their computer.

Lately this tactic has sparked a big flame in that many hackers are using the same methods through executable files that claim to update your Adobe Flash Player. The issue remains; the file that is downloaded is malware that does not update your Flash Player.

Learn more...»

Intego, a Mac security software firm, announced a security advisory alerting Mac computer users about a rogue security program called MacGuard. MacGuard’s website claims to be a Mac antivirus program which will “search your hard drive for Adware, Spyware and Trojans, clean your files, eliminate threats, and secure your privacy.” MacGuard mimics the Windows rogue security software called WiniGuard which is known to trick a computer user into purchasing its program with bogus pop up warnings of spyware. MacGuard’s website has the same look and feel as the website of WiniGuard. MacGuard is a clone of Antivirus XP 2008 and XP Antivirus.
security program called MacGuard.

Learn more...»

Is EstDomains Inc the choice registrar scams and spam?

While EstDomains is the 49th largest domain according to RegistarStats.com, it is believed that a percentage of the domains consist of scamming sites and spam sources. Security Fix, a security vendor, is working on cataloging all of the domains within EstDomains and will examine about 10,000 of them to make proof of the idea of EstDomains consisting of a good amount of spam or scam related domains. The study, based off of spam terms, is where they find many sites registered at EstDomains while using their name servers.

One ISP, Atrivo (aka Intercage), online connectivity was ended by several large data carries due to them being home to many spam and scamming sources. Now EstDomains is being examined by Security experts such as Brian Krebs at Security Fix.

SURBL.org tracks website names that are advertised in various junk emails. Brian found that one-third of the 10,000 domains examined are blacklisted by SURBL.org. That just goes to show that many of the domains are scams or come from spammers.

Learn more...»

It’s a fast growing and serious issue of people with unlimited bandwidth giving out free access to anyone within reach of their unsecured Wi-Fi network. Reports of security vendors have revealed that cyber criminals are utilizing unsecured Wi-Fi networks for their malicious actions.

In the past cyber criminals have used anonymous proxies to hide their identity but why go through the hassle if you can just use a neighbors unsecured Wi-Fi. Unfortunately for the unsecured neighbor, they may face serious legal charges against them if the criminal performs illegal activities while connected to the unsecure Wi-Fi network.

Learn more...»

If you have recently tried to open the Windows Registry editor (regedit) and you got a “Registry editing has been disabled by your administrator” error message, you still have hope for working around this issue. This message may appear when you attempt to open the registry editor for many different reasons but all you want to do is get into your registry so that you may complete what you originally set out to do with your system.

This message is very common when utilizing a computer on a corporate network or one that has been “locked down” by a system or network administrator. In some cases it may be hard to work around this message when you are dealing with a computer that was setup by a corporate administrator or company IT department. We do not recommend that you attempt the task of editing the registry on a company system although you may still bend the rules anyway.

If you want to go forward with re-enabling the ability to open the registry editor then you can follow the following steps in our first technique. A second technique is provided in the case that the first does not work for your particular Windows system.

Learn more...»

Are Hackers pushing Antivirus XP 2008 via Google Sponsored Links?

When you perform a Google search you get normal results and also sponsored results that are usually found on the very top or to the right side of the page. Recently some of the Sponsored Links have proven to be links to websites that download rogue anti-spyware programs.

Learn more...»

What would you do with an email message that had “CNN.com Daily Top 10″ in it’s title? You would probably open it and claim it as a trusted email, right? Not so fast! Spammers are using this title to redirect computer users to a site that may spread malicious files onto your computer.

This message comes as if it was sent from a random generated user email address, not the typical CNN.com address. We discovered that this email comes from the email address Harjinder-lkpn@321facets.com. That should raise a red flag by itself but with a catchy title like “CNN.com Daily Top 10”, many computer users may over-look the domain that it comes from. CNN would never use some unprofessional email address such as the one list above. Obviously they would use a cnn.com domain or variation of cnn.com.

Learn more...»

XP Antivirus, XP Antivirus 2008 and XP Antivirus 2009 are all part of the same family of rogue anti-spyware programs that all perform devious tactics when run or executed to get you to purchase the program. XP Antivirus, which is an older version of the programs mentioned above, performed an older method of creating registry entries so that the XP Antivirus program would find them on the system scan process. This was done to trick computer users and make them think that XP Antivirus is really finding “issues” on their computer. With the newer versions, XP Antivirus, XP Antivirus 2008 and XP Antivirus 2009, they do not create entries but instead displays erroneous results on a system scan where the parasite that it found is totally made up.

Learn more...»

A trojan rootkit variant (part of the Win32.Rootkit.Gen or Rootkit.Gen family group) continues to threaten computer users and has the ability to prevent anti-virus software from running to scan and remove parasites on your computer. Computer users who are infected with the rootkit variant state that it does not allow them to open their anti-virus program or visit websites that assist them in the removal of the infection such as symantec.com and update.microsoft.com. It is apparent that serious issues will occur for computer users who have a Rootkit type of infection on their computer.

Learn more...»