Saturday 13 December 2008

Koobface Virus Spreads to Bebo

As we have just reported about malware corrupting the world of social networks, a virus has been discovered on Bebo.

Read on....

A virus that's attacking Facebook users is also infecting other social networking sites, says ScanSafe.

Koobface tricks social networkers into downloading malicious malware onto their PC. Users receive messages that look as if they're videos. Often they say something like "you look funny." When the user clicks to see the video, he is taken to a new website and asked to download special software in order to see the video.

That software is malicious and once installed on a PC, the Trojan will direct users to hoax search engines and other websites, putting them at risk of ID theft.

According to ScanSafe, Koobface has been identified on Bebo and could even spread to other social networking sites, including MySpace and Friendster. ScanSafe also claims that the virus accounts for one percent of all its blocked malware.

"Those who avoid promiscuous 'friending' on social networking sites will be least likely to encounter a Koobface type threat," said Mary Landesman, senior security researcher, at ScanSafe.

Cyberscams Slide onto Social Networks

With the popularity of social networks it was only a matter of time before we saw this. Malware has started to infiltrate social networks like Facebook and Bebo.

read on....

A warning to those who love such social media sites as Facebook: The bad guys are coming for you.

A slew of security vendor reports on risks to expect in 2009 point to Facebook, Myspace and other such sites as increasingly tempting targets among hackers looking to dupe people out of their sensitive information. PDF and Flash files, once considered safe, are now a threat as well.

The findings on Flash and PDF are seen in a report released Tuesday from security-products firm Finjan Inc. The research finds cybercriminals are increasingly using PDF and Flash files as a vehicle for distributing their malicious code and for infecting end-user PCs. The Web Security Trends Report Q4 2008, released by Finjan's Malicious Code Research Center (MCRC), found criminals take advantage of the specific functionality available in Flash ActionScript that enables the Flash file to interact with its hosting web page (DOM). They embed their malicious code in Flash files and dynamically inject it into the hosting DOM to exploit a browser vulnerability and to install a Trojan, said Finjan officials. Although Flash supports the functionality to prevent such interactions, many site owners are not using it, according to Yuval Ben-Itzhak, chief technology officer of Finjan.

The report states that large ad networks serving Flash-based banner ads did not prevent their ads from interacting with the hosting web page. The lack of configuration by ad networks to prevent this interaction, between the served Flash-based ad's ActionScript and the DOM, has become a new vector for cybercriminals to serve their malicious code undetected.
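The report does not name the Flash setting that blocks ActionScript-to-DOM interaction. As an added example (not from Finjan or the original article), the audit below assumes that setting is the Flash Player `allowScriptAccess` embed parameter and flags third-party SWF embeds that grant script access or leave it unset. The sample markup and host names are constructed.

```python
"""Audit Flash embeds for script access to the hosting page (added example)."""
from collections import namedtuple
from html.parser import HTMLParser
from urllib.parse import urlparse

Finding = namedtuple("Finding", "src access verdict")


def classify(src, access, page_host):
    """Judge one SWF embed by its origin and its allowScriptAccess value."""
    host = urlparse(src).hostname            # None for relative URLs
    if host is None or host.lower() == page_host.lower():
        return "first-party"                 # the site's own movie, out of scope here
    if access in ("never", "samedomain"):
        return "restricted"                  # cross-domain SWF cannot script the page
    if access == "always":
        return "exposed"                     # third-party ActionScript may reach the DOM
    return "implicit"                        # unset: outcome depends on the player default


class FlashEmbedAudit(HTMLParser):
    """Collect <object>/<embed> Flash movies and their allowScriptAccess value."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host
        self.findings = []
        self._obj = None                     # state of the <object> currently open

    def _report(self, src, access):
        if not urlparse(src).path.lower().endswith(".swf"):
            return                           # not a Flash movie
        access = access.strip().lower() if access else None
        verdict = classify(src, access, self.page_host)
        self.findings.append(Finding(src, access, verdict))

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names for us.
        a = {k: (v or "") for k, v in attrs}
        if tag == "object":
            self._obj = {"src": a.get("data", ""), "access": None}
        elif tag == "param" and self._obj is not None:
            name = a.get("name", "").lower()
            if name in ("movie", "src"):
                self._obj["src"] = a.get("value", "")
            elif name == "allowscriptaccess":
                self._obj["access"] = a.get("value", "")
        elif tag == "embed":
            # <embed> carries its own settings, even when nested in <object>.
            self._report(a.get("src", ""), a.get("allowscriptaccess"))

    def handle_endtag(self, tag):
        if tag == "object" and self._obj is not None:
            self._report(self._obj["src"], self._obj["access"])
            self._obj = None


def audit(html, page_host):
    """Return a Finding for every Flash movie embedded in the page markup."""
    parser = FlashEmbedAudit(page_host)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page: one first-party player and three ad banners.
SAMPLE_PAGE = """
<object type="application/x-shockwave-flash" data="/media/player.swf">
  <param name="allowScriptAccess" value="sameDomain">
</object>
<embed src="http://ads.example.net/banner1.swf" allowScriptAccess="always"
       type="application/x-shockwave-flash">
<object type="application/x-shockwave-flash">
  <param name="movie" value="http://ads.example.net/banner2.swf">
  <param name="allowScriptAccess" value="never">
</object>
<embed src="//cdn.example.org/banner3.swf">
"""

if __name__ == "__main__":
    for f in audit(SAMPLE_PAGE, "www.example.com"):
        print(f"{f.verdict:12} allowScriptAccess={f.access!s:10} {f.src}")
```

Embeds reported as `exposed` or `implicit` are the ones to pin to `never` in the page template that serves third-party ads.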

"Using rich content applications such as Flash files to distribute malicious code has become the latest trend in cybercrime," said Ben-Itzhak "Having the widespread distribution and the popularity of Flash-based ads on the Web, their binary file format enables cybercriminals to hide their malicious code and later exploit end-user browsers to install malware."

Finjan's report also predicts cybercrime will continue to rise as an increasing number of unemployed IT professionals join in and criminals will continue to use Web 2.0 as a portal for scams.

U.K. and Boston-based firm Sophos also published its Security Threat Report 2009 on Tuesday. The research reveals that more malware is hosted on U.S. websites and more spam is relayed from American computers, than any other country. In fact, the November shutdown of McColo Corp., an American web hosting firm which was accused of collaborating with spammers and hackers, caused a 75 percent drop in spam, noted Cluley.

"Not only is the United States relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it's also carrying the most malicious webpages," said Graham Cluley, senior technology consultant for Sophos, in a statement. "We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today."

Sophos's officials also said that in 2008, organized criminal gangs tripled their attacks against websites, injecting malicious code to infect visiting home users and businesses. 2008 also saw an increase in efforts by hackers to pose as legitimate anti-virus vendors, creating new professional-looking websites and applications every day with the intention of scaring users into believing that their computers have been compromised. On average, Sophos identified five new scareware websites every day, with the figure peaking at over 20 per day on occasion.

The report also documents a rise in hackers spamming out malicious attachments, designed to compromise PCs in order to steal identities, money and resources. By the end of 2008, Sophos was tracking five times more malicious attacks arriving through files attached to emails than at the start of the year.

Like Finjan, Sophos said Web 2.0 applications, such as Facebook, continue to be of interest to spammers and malware authors, who break into users' accounts to take advantage of trusted social networks and send spam and malware.

"The last year proved beyond doubt that Internet hacking gangs are organized like never before, often working across borders to steal money and data from unsuspecting users. The volume of attacks has increased, with hackers using automated systems to break into vulnerable websites or generate new variants of their malware," said Cluley. "People need to wake up to the reality that the completely legitimate website they are visiting could be harboring a dangerous malware infection planted by hackers. As we enter 2009 we are not expecting to see these assaults diminish. As economies begin to enter recession it will be more important than ever for individuals and businesses to ensure that they are on guard against Internet attack."

IE Zero-Day Follow-Up: Now Featuring Mass SQL Injections

We recently reported about a flaw in IE that could be exploited by hackers and now we have discovered an even further flaw. This needs to be stopped asap.

Read on.....

Malware criminals were quick to pounce on the recently discovered — and still unpatched — zero-day exploit for Internet Explorer and to mount mass SQL injection attacks, Trend Micro researchers have found. Researchers industry-wide have correctly warned that it was only a matter of time before this exploit, which is publicly available, was used for a wider scope of attack. The folks at the SANS Internet Storm Center (ISC) are also reporting this.

Advanced Threats Researcher Ivan Macalintal puts the number of infected sites so far at 6,000 and (quickly) increasing in number. He cites at least two Web sites infected with code that exploits the zero-day vulnerability, one in the .tw domain, and the other under .cn. The first is a Taiwanese search engine [Update: Now clean. -Ed.] which was found injected with the malicious JavaScript code through SQL injection.

The second is a Chinese sporting goods site with a traffic rank of close to 7 million, which was found containing HTML code directing users to a remote site which contains the same malicious script.


Fig. 1. A webpage of the compromised popular Chinese skating/sporting goods site


Fig. 2. An image of an injected redirection to a third-party site hosting the exploit

The final payload is a worm detected by Trend Micro as WORM_AUTORUN.BSE. Other exploits that also lead to the worm are as follows:

  • HTML_IFRAME.ZM
  • JS_DLOADER.QGV
  • HTML_AGENT.CPZZ

Obfuscated JavaScript in the HTML webpages is also detected as JS_DLOAD.MD, the same malicious script found to exploit the zero-day vulnerability in IE7.

Microsoft posted revisions to its Security Advisory with the latest analysis of the underlying flaw in this attack. The advisory also states that the flaw renders Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows potentially vulnerable.

The Trend Micro Smart Protection Network already detects the malicious scripts as well as WORM_AUTORUN.BSE at the desktop level, and provides solutions for the removal of the worm.

Cops reel in greedy hackers

The authorities are now catching these guys and it's about time. If they put their talents to good use they would not need to keep looking over their shoulders and they would make decent money doing it. Stupid hackers :)

Read on....

A syndicate of Internet thieves has stolen more than R400-million from government departments, including the Presidency.

Two computer identity-theft hackers, believed to be the masterminds of the cyber gang, were nabbed by the police this week.

These follow the earlier arrests of 13 people involved in stealing millions of rands from government departments and employees across the country.

The syndicate allegedly hacked into computer systems linked to the Presidency using specialised spy software (spyware) programs.

The Internet-based syndicate, which had operatives in banks and government departments, is alleged to be behind the theft of R400-million from bank accounts of the departments of Home Affairs and Public Works, the licensing department, several parastatals and financial institutions, as well as from staff working in the various organisations over the past two years.

The syndicate, the members of which have been arrested over the past month, was bust during an operation conducted by the South African Police Service's Covert Intelligence Collective Directorate and the Commercial Crime Unit.

The operation, dubbed Operation Swift, had detectives and undercover agents raiding houses in Tshwane and North West. The latest arrests were made in Centurion and Ramokokastad, North West.

The arrests bring an end to what has been described as the country's biggest cyber attack on government organisations.

The theft, say police, allegedly took place through fraudulent electronic funds transfers (EFTs) from the various institutes and their staff members' accounts since 2006, and saw the syndicate, which comprises small business owners and IT specialists employed in both the government and the private sector, siphoning off money to fictitious bank accounts.

Police spokesperson Senior Superintendent Tummi Golding said the latest arrests followed information received from undercover operatives.

She said the information showed that since 2006 the suspects had allegedly stolen more than R5-million from the Office of the Presidency's budget.

"One of the suspects was arrested in Centurion in a townhouse he rents and the second was arrested at his home in the North West town of Ramokokastad," she said.

Golding said the men, aged 40 and 36, would appear in the Pretoria Magistrate's Court soon on charges of fraud.

Golding said that during the arrests, police seized a Mercedes-Benz SLK and a Harley-Davidson motorbike, which had allegedly been bought with fraudulent documents.

She said that in other raids conducted as part of the operation, police raided several houses in Soshanguve, where they arrested five people and seized two laptop computers, two printing machines, a laminating machine and documents used to commit the alleged fraud.

Explaining how the syndicate operated, Golding said the group operated by infiltrating targeted departments and institutions and installing spyware on their IT systems.

"The spyware was used to collect the user names and passwords of users of the government salary systems.

"Once this information is compromised, it is used to effect fraudulent EFTs into bank accounts opened by runners using fraudulent documents.

"In some cases, government officials within IT departments used remote access software available on the commercial market to gain unauthorised access and modify the banking details of registered suppliers," she explained.

Golding said the syndicate also targeted bank officials for recruitment and facilitation of fraudulent transactions.

"These bank officials load stop orders from bank accounts of government departments using compromised user names and passwords of other bank employees.

"The funds are transferred into fraudulently opened bank accounts using the details of registered business entities.

"As well as this, the syndicate, in collaboration with government officials, used compromised log-on details of other users to create ghost workers on the Persal system and pay the salaries of these nonexistent employees into fraudulent bank accounts," she said.

ALL About Spyware

So what exactly is spyware then? Well, let's learn today, shall we? SHHHH, class in session.

read on....

There are a lot of PC users that know little about “Spyware”, “Mal-ware”, “hijackers”, “Dialers” & many more. This will help you avoid pop-ups, spammers and all those baddies.

What is spy-ware?
Spy-ware is Internet jargon for Advertising Supported software (Ad-ware). It is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don’t have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee.

Known spywares
There are thousands out there, and new ones are added to the list every day. But here are a few:
Alexa, Aureate/Radiate, BargainBuddy, ClickTillUWin, Conducent Timesink, Cydoor, Comet Cursor, eZula/KaZaa Toptext, Flashpoint/Flashtrack, Flyswat, Gator, GoHip, Hotbar, ISTbar, Lions Pride Enterprises/Blazing Logic/Trek Blue, Lop (C2Media), Mattel Broadcast, Morpheus, NewDotNet, Realplayer, Songspy, Xupiter, Web3000, WebHancer, Windows Messenger Service.

How to check if a program has spyware?
There is this little site that keeps a database of programs that are known to install spyware.

Check Here: http://www.spywareguide.com/product_search.php

If you would like to block pop-ups (IE Pop-ups).
There are tons of different types out there, but these are the 2 best, I think.

Try: Google Toolbar (http://toolbar.google.com/) This program is Free
Try: AdMuncher (http://www.admuncher.com) This program is Shareware

If you want to remove the “spyware” try these.
Try: Lavasoft Ad-Aware (http://www.lavasoftusa.com/) This program is Free
Info: Ad-aware is a multi-spyware removal utility that scans your memory, registry and hard drives for known spyware components and lets you remove them. The included backup manager lets you reinstall a backup, and it offers multi-language support.

Try: Spybot-S&D (http://www.safer-networking.org/) This program is Free
Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer. Blocks ActiveX downloads, tracking cookies and other threats. Over 10,000 detection files and entries. Provides detailed information about found problems.

Try: BPS Spyware and Adware Remover (http://www.bulletproofsoft.com/spyware-remover.html) This program is Shareware
Info: Adware, spyware, trackware and big brotherware removal utility with multi-language support. It scans your memory, registry and drives for known spyware and lets you remove them. Displays a list and lets you select the items you’d like to remove.

Try: Spy Sweeper v2.2 (http://www.webroot.com/wb/products/spysweeper/index.php) This program is Shareware
Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer.
The best scanner out there, and updated all the time.

Try: HijackThis 1.97.7 (http://www.spywareinfo.com/~merijn/downloads.html) This program is Freeware
Info: HijackThis is a tool that lists all installed browser add-ons, buttons and startup items and allows you to inspect them and optionally remove selected items.

If you would like to prevent “spyware” being installed.
Try: SpywareBlaster 2.6.1 (http://www.wilderssecurity.net/spywareblaster.html) This program is Free
Info: SpywareBlaster doesn't scan and clean for so-called spyware, but prevents it from being installed in the first place. It achieves this by disabling the CLSIDs of popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

Try: SpywareGuard 2.2 (http://www.wilderssecurity.net/spywareguard.html) This program is Free
Info: SpywareGuard provides a real-time protection solution against so-called spyware. It works similar to an anti-virus program, by scanning EXE and CAB files on access and alerting you if known spyware is detected.

Try: XP-AntiSpy (http://www.xp-antispy.org/) This program is Free
Info: XP-AntiSpy is a small utility to quickly disable some built-in update and authentication features in Windows XP that may raise security or privacy concerns for some people.

Try: SpySites (http://camtech2000.net/Pages/SpySites_Prog…ml#SpySitesFree) This program is Free
Info: SpySites allows you to manage the Internet Explorer Restricted Zone settings and easily add entries from a database of 1500+ sites that are known to use advertising tracking methods or attempt to install third party software.

If you would like more Information about “spyware”.
Check these sites.
http://www.spychecker.com/
http://www.spywareguide.com/
http://www.cexx.org/adware.htm
http://www.theinfomaniac.net/infomaniac/co…rsSpyware.shtml
http://www.thiefware.com/links/
http://simplythebest.net/info/spyware.html

Useful tools…
Try: Stop Windows Messenger Spam 1.10 (http://www.jester2k.pwp.blueyonder.co.uk/j…r2ksoftware.htm) This program is Free
Info: “Stop Windows Messenger Spam” stops this Service from running and halts the spammers' ability to send you these messages.

—————————————————————————-
All these softwares will help remove and prevent evil spammers and spywares attacking your PC. I myself recommend getting “spyblaster” “s&d spybot” “spy sweeper” & “admuncher” to protect your PC. A weekly scan is also recommended

An Anti-virus can Also be Vulnerable to Hackers

iViZ, an information security company that offers "Green Cloud Security", has discovered new classes of vulnerabilities in many popular commercial and open source anti-virus software. The company states that these vulnerabilities can potentially allow attackers to gain access to systems using such antivirus software.

According to iViZ, an attacker can craft an e-mail with malicious code that can crash the vulnerable anti-virus and bypass the computer's local security solution.

The iViZ "Green Cloud Security" Vulnerability Research team, using a variety of "file fuzzing" techniques, discovered abnormal behavior in several security tools -- especially when handling complex or unusual executable header data. Multiple bugs were found in antivirus software while processing malformed packed executables as well.
Some of these bugs proved to be security vulnerabilities, which could make the antivirus itself a back door for hackers.

The affected software included popular commercial and open source anti-virus software such as AVG, F-Secure (F-Prot), Sophos, ClamAV, BitDefender and Avast. It stated that the list could include other security-based software as well.

iViZ experts advised businesses to perform regular and periodic penetration testing as it can help them combat constantly evolving vulnerabilities and threats.

New virus stalks socialising websites

Back in the days when modems were the only way to get online - this is back in the cyberworld equivalent of the stone age - things were a lot simpler.

Hackers only went after businesses and governments, and viruses were just an annoyance.

Because there were so few threats 20 years ago, few people bought anti-virus programs either. In hindsight, it was kind of silly. If you did buy an A/V program back then, it only worked against the viruses everybody already knew about. If a new virus came out, you had to go buy the update at a store.

Unfortunately, today what most people think they need to be safe online hasn't kept pace with the reality. Neither has most people's understanding of what the dangers are online. Twenty years ago, no one ever had to worry about things like spamming, phishing, malware and botnets.

A friend the other day asked me about a new virus on Facebook. A new virus? That's odd. New viruses - a replicating programme that usually damages a system - are a rarity these days. I asked if instead it was a new trojan, keylogger or some other type of malware. I think I could have been speaking Swahili for the look I got.

The "virus" my friend was asking about was Koobface, which is currently hitting social networking sites such as Facebook, MySpace and many others. Any confusion over what Koobface "is" has to be excused, since I've seen several news stories about it that didn't know either. It's been reported as a virus, a worm and a trojan. To keep it simple, Koobface is malware (a term used to describe any software that is harmful to your computer). How it works is that you receive an email, which contains a link to what is supposed to be a video, through your social networking account. If you click on the link, you'll soon be prompted to download software that says it will allow you to watch a video. It's bogus. The downloaded software is really a trojan horse, an application that will attempt to steal personal information. The trojan will use your account to send the original email to your friends, who can then get infected themselves.

So what can you do? You can - and probably should - go out and buy anti-virus and internet security software. Today's A/V programs cover bots, keyloggers and most other types of malware you can encounter these days. Most importantly, you should also use your brain. While security programs will stop almost everything from getting through, using a little common sense will stop you from having to put your software to the test. For years security companies have been saying "don't open email from people you don't know". That rule still applies and it applies to social networking e-mails just as much as it does to the ones you receive in your Outlook inbox.

The same goes for downloading files. If your computer tells you it needs the latest version of Flash, OK. You will need to update your software occasionally, but pay attention to where you're downloading the file from. If you have to update your Flash player, go to Adobe.com and get it from the guys who make it. Don't trust generic websites. The cyberworld is getting worse, and it's getting worse on a daily basis. That doesn't mean you need to avoid going online or know the difference between a worm and a virus. It does mean you need to think before you click that link. This isn't the '80s. It's time to start thinking about security.

Survey: Web-based malware puts corporations at risk

A new study found that 85 percent of malware is being distributed through Web applications, which is creating a growing threat for corporations as employees increasingly do online social networking, video watching, and personal e-mail at work.

Other findings of the survey, conducted by security firm Webroot, are:

  • Web-borne malware increased more than 500 percent in 2007.
  • One-quarter of companies report that data has been compromised by a Web-based threat.
  • Nearly one-third say their Web security was compromised as a result of employees using computers at work to access social networks, Web-based e-mail, and video sites.
  • 15 percent enforce Internet usage policies.

About 650 information technology administrators in English-speaking countries were surveyed this summer for the study.

12 Types Of Anti-Spyware Programs

You can try out each program and get the best choice to protect your computer from the possible threats.

There are many anti-spyware and adware programs on the market, such as Ad-Aware SE Pro, Counterspy, Trend Micro, Spy Sweeper, AntiSpy, Spyware Doctor, PestPatrol, etc. Each program has its own identity and method to access the internet. The anti-spyware companies offer a free download or a free trial for a certain period of time. Many free anti-spyware programs are also available online for free trial with self-update.

You can try out each program and get the best choice to protect your computer from the possible threats. There are many anti-spyware programs available for free. Many free games and video or peer-to-peer sites also contain various spyware. It is not advisable not to access the system. Many freeware programs come with a virus or other malicious things as a gift with the installation.

1. Lavasoft’s Ad-aware SE pro 6. It offers many good features that can't be found in other products.

2. Spy Sweeper launched an upgraded version, 5.2, with many updates for customers. Spy Sweeper 5.2 runs quick, custom or full sweeps in record time.

3. Spyware Doctor promises real-time blocking and protection features.

4. Norton Internet Security 2007 offers triple security: antivirus, firewall, and antispyware. It also provides anti-spam, privacy, and parental control.

5. AVG Anti-Spyware offers free services as well as paid ones. It gives a 30-day trial version.

6. CounterSpy runs in the background and protects from spyware and adware.

7. McAfee is an effective anti-virus product. It is user-friendly and provides many different forms of support.

8. Trend Micro Anti-Spyware has unique features. Trend Micro Anti-Spyware covers all types of spyware or adware components.

9. Anti-spy provides a customized solution. It can automatically start scanning at a defined time.

10. CA Anti-Spyware 2007's active shields recognized and blocked spyware.

11. CyberDefender AntiSpyware identifies and defends against invasive spyware on your computer.

12. Spy Sweeper is user-friendly. Spy Sweeper is one of the favorites amongst the anti-spyware tools.

Apart from this there are many anti-spyware available in the market. All have different features and compatibilities.

Sony needs a common-sense czar

With so many czars running around trying to solve the nation's problems in tech, auto and drugs, perhaps Sony should consider hiring a common-sense czar.

Is there any major consumer company around that seems to understand basic customer relations less than Sony? Isn't rule No.1 in the CR manual, "Don't spy on customers?" If so, then rule 1-A must be: "Take extra care to avoid spying on customers' children."

The latest example of Sony's disconnect with the masses came this week when the company's music division was fined for surreptitiously collecting information on children under 13 years old.

On Thursday, Sony agreed to pay $1 million to the Federal Trade Commission for collecting information on 30,000 children without obtaining parental consent. According to the Associated Press, Sony violated the Children's Online Privacy Protection Act when it collected the data from hundreds of fan sites, including those of such musical acts as Kelly Clarkson, Britney Spears and Christina Aguilera.

Sony representatives declined to comment.

Sony's growing list of scandals raises the question of whether anyone at the conglomerate has an ounce of public relations savvy. If they don't, the company should find someone fast and that person's mission should be to smack down overly zealous marketing types who come up with lamebrain ideas like this one.

Or how about the one for last year's promotional party for the PlayStation 2 game God of War II that turned into an international embarrassment for Sony. In keeping with the video game's Greek mythology theme, comely women were hired to prance around topless and feed grapes to partygoers as part of the "theatrical dramatization." If that wasn't over the top enough, the centerpiece of the festivities was a butchered goat that was dressed up to look like the animal's entrails were falling out.

Across the world, animal activists howled and critics blasted the company's "bad taste." Sony apologized and yes, returned the goat carcass to the butcher. (I'm not kidding, that was their response).

Then there was the company's supreme blunder, which also came from the music division.

Before Sony, even some hardcore techies were unfamiliar with rootkits. Now, the two are synonymous. In 2005, Sony loaded MediaMax CD 3 and Extended Copy Protection (XCP) software on music CDs to help boost copy prevention. The software loaded a rootkit malware onto the PC of anyone who loaded the discs. Rootkits are programs designed to hijack control of a computer.

Texas' attorney general filed suit against the company and accused it of loading spyware onto computers. Class action suits were also filed in New York and California. The fallout lasted years.

The rootkit debacle makes this latest child-spying case all the more mind-boggling. Even if you give Sony the benefit of doubt and discount the possibility the company is evil, then what are you left with? Yes, that's right: incompetence.

I have met a lot of smart people from Sony and I have to believe that some of them realize the company is developing a nasty reputation as an enemy of consumer privacy.

Firefox: Most Risky App to Businesses in New Study

The good old FF browser gets little love when it comes to security

Firefox has its plate full when it comes to security. It has grown a substantial enough market share to place it in a strong second after Microsoft. This gives it a high profile and leaves it a desirable target to be exploited by hackers and malware writers. Worse yet, it has less money to fund security efforts than Microsoft, and according to some experts, less focus as well.

While small market share browsers like Opera and Chrome have built a reputation on their security (with Safari being a noticeable exception, having a reputation for insecurity), Firefox continues to plod along in a day-to-day fight, trying to remain a secure platform while dealing with the challenges of browser celebrity.

Perhaps for this reason, Bit9, an application whitelisting firm that helps employers block employee access to certain apps, placed Firefox at the top of its list of most vulnerable apps. The remaining spots on the list were filled out with more familiar names, with two through twelve respectively being: Adobe Flash & Acrobat; EMC VMware Player, Workstation, and other products; Sun Java Runtime Environment; Apple QuickTime, Safari, and iTunes; Symantec Norton products; Trend Micro OfficeScan; Citrix products; Aurigma and Lycos image uploaders; Skype; Yahoo Assistant; and Microsoft Windows Live Messenger.

The Bit9 study looked at several factors in ranking vulnerability. One factor was how popular the applications were. Another factor was how many known vulnerabilities existed, and how severe they were. Lastly, it looked at how hard patching was for the particular application.

In order to make the list, programs had to run in Windows and not be centrally updatable via services such as Microsoft SMS and WSUS. Many say that the survey was unfair to Apple products because it kept more easily patched Microsoft applications off the list.

In some ways, though, Bit9's list is a useful benchmark. It aptly points out that many networks have Firefox installations running on machines without the system administrator being fully aware of these installs. Thus, despite the fact that most of the vulnerabilities looked at have been patched, the installs may not receive these patches immediately, but only when the employee upgrades to the next edition of the browser.

The study's conclusions only marginally apply to the consumer market. However, when it comes to the business market, the study argues that picking or allowing employees to run Firefox, even with its security plug-ins, is a ticket to the IT danger zone as malware increasingly targets application layer targets such as Firefox.

Security in Recession

With the National Bureau of Economic Research in the United States announcing last week that the U.S. has officially been in recession since Dec. 2007, IT budgets are highly likely to be strictly controlled both in the U.S. and in other parts of the world. I had a conversation with a friend over the weekend, and he asked me if I expect redundancies in the IT Security industry, as companies could no longer afford to have dedicated security personnel on their books.

To be honest, yes I think there will be. However, I also think that the overall IT security industry will continue to grow in 2009 - bad guys are not going away anytime soon, and a lot of their existing scams work really well in this economic climate. Companies who choose to think otherwise may well end up regretting it in the long term, and here are my thoughts on why:

At the end of the day, security boils down to risk management. The three core values every organization needs to protect are often shown in the acronym CIA (Confidentiality, Integrity, Availability). Different organizations prioritize on different areas, but I think when it comes to economic downturn, confidentiality, and availability are obviously the most affected.

In terms of confidentiality, we are talking about an organization’s private data being protected. I’m based in Ireland, where 17,000 people had their jobs slashed in November. This is a drop in the ocean compared to other countries, particularly the half a million employees who lost jobs in the U.S. Insider threats have long been one of the largest risks facing organizations, especially in the case of the so-called “disgruntled employee.” With large numbers of employees made redundant, having their salaries cut, etc., there are a lot of incentives for these same employees to engage in data theft.

When people feel hard done by their employers, they are more likely to relax their morals. In these cases they may no longer consider taking confidential company information outside of the company as stealing. They feel an entitlement to this information; after all, they’ve put years of work into helping the company grow. The very fact that there are so many Data Leak/Loss Prevention (DLP) solutions on the market should give you an idea of just how big this problem is - and I think the risk of Data Theft/Loss is going to increase in the current climate.

Which brings us to the other big factor - Availability. Almost every company is currently engaged in examining their costs, and reducing them wherever possible. Whether it is in terms of head count or even simply lowering all of the thermostats in their buildings by five degrees (my hands are going blue typing this), a lot of companies are walking a very fine line trying to keep afloat for the next two to three years - even the smallest misfortune could tip the ship.

This is where malware comes in. The recent WORM_DOWNAD.A attack was quite successful in infecting unpatched Windows machines, with quite a few companies having thousands of machines infected by the threat. Cleaning a threat like this costs a lot of money - a company may need to pay their IT staff overtime to fix the problem, or they may have to bring in external contractors. That’s not where the real loss is, however. Picture a company of 4000 employees. Now picture all of those employees being unable to use their machines for three hours while the systems are being cleaned, patched and tested. That is 12000 man-hours of work which that company is paying for, and getting nothing in return. To put it another way, that’s about 6.5 employees’ salaries for the year which sums up to around 200-250K. There are very few companies that have that kind of money to burn at the moment.

So, to any organization thinking of cutting their security budgets, think long and hard about weighing the short term savings with the potential losses. I wish I could say that there won’t be companies that would go under because of a malware attack in the next couple of months - but optimism is not exactly in large supply at the moment.

Microsoft: Hole exploit endangers all IE versions

An unpatched security hole in Internet Explorer that is being exploited affects all versions of the browser, making it more serious than originally believed when it was first publicized two days ago, Microsoft says.

Microsoft is investigating reports of attacks against a new vulnerability in IE but said in an update to a security advisory issued late on Thursday that all versions of IE are potentially vulnerable.

The company recommends setting the Internet zone security setting to "high" and using access control lists to disable Ole32db.dll to provide the most effective protection against an attack.

"Our latest information is that there are still limited attacks seeking to load malicious software on vulnerable systems," Christopher Budd writes in the Microsoft Security Response Center blog.

Microsoft has seen several hundred detections of exploits from around the globe, though the sites taking advantage of the vulnerability appear to be hosted on Chinese domains, Microsoft said in a Microsoft Malware Protection Center blog.

"The exploit sites we've seen so far drop a wide variety of malware--most commonly password stealers like new variants of game password stealers like Win32/OnLineGames, and Win32/Lolyda; keyloggers like Win32/Lmir; trojan horse applications like Win32/Helpud along with some previously unseen malware which we generically detect as Win32/SystemHijack," the Malware Protection Center blog says. "We fully expect the variety of malware being dropped by this exploit to broaden as the exploit code starts to circulate around the Internet underground."

People visiting trusted sites could be affected as well, because SQL injection attacks are being used to inject malicious code into legitimate sites, Microsoft says.

A Microsoft spokesman said he could not say when a fix would come. The next Patch Tuesday is scheduled for January 13.

Microsoft's updated advisory lists a number of mitigating factors: Protected Mode in IE 7 and IE 8 in Windows Vista limits the impact of the vulnerability; IE on Windows Server 2003 and 2008 runs in a restricted mode known as Enhanced Security Configuration that sets the security level for the Internet to high; the attacker could only gain the same user rights as the local user; known attacks can not exploit the issue automatically through e-mail.

Poor Computer Security Putting Immigrant Data At Risk

About 60% of the computers at multiservice businesses that serve the immigrant community are actively infected with malware, according to a study released on Thursday by Panda Security.

This puts customers at considerable risk of identity theft and money transfer interception.

About 30% of the computers at these businesses had outdated antivirus software.

Panda's findings come following two years of research into the cybersecurity practices at 300 independently owned and operated multiservice businesses in the Los Angeles and Las Vegas metropolitan areas.

The study focused on businesses in predominately Latino neighborhoods. Eighty-five percent were single locations, with the remainder operating from two to eight branches. About 1,500 PCs total were covered by the study.

Multiservice businesses typically offer money transfers, income tax payment, check cashing, bill payment, travel services, auto insurance, notary services, and/or telephone calling card sales. They're commonly used by immigrants to remit funds to Mexico and other countries.

There are some 66,000 comparable businesses in the United States, Panda claims.

"The employees [at these businesses] are frequently minimum wage young adults who spend time chatting, using peer to peer networks and visiting chat sites on the very same computers sending sensitive data," Panda's report explains. "Periodic spyware infections which stop the ability to perform transactions are often viewed as a business expense. Panda Security views this combination of poor maintenance, low security consciousness and end user behavior as a disaster waiting to happen."

A spokesperson for the company said that the study focused on infection rates rather than actual cases of fraud and thus had no examples of actual accounts being compromised. Even so, the gap between risk and compromise isn't large enough that this issue can be ignored. There's no shortage of examples of data and monetary loss arising from credential theft.

The Panda study points out that the presence of a key-logging Trojan on a PC used to initiate a money transfer through an online site could provide an attacker with all the necessary information to intercept and collect the transferred funds.

While one might prefer to believe that banks would prevent anyone but the designated recipient from collecting transferred funds, reality in countries like Mexico is not constrained by such a rosy view of the world.

"The going rate for a false government identification was USD$100, and false birth certificates cost USD$50," the Panda report states. "Due to advanced dye sublimation card printing technologies and corrupt government employees, high quality false documents made with real substrate can be available in mere minutes. In one popular wire transfer service that makes wire pickup available in a large Mexican national bank the beneficiary does not need to pick up the remittance at the designated branch."

In short, money transfers to such countries can be stolen without substantial difficulty if they begin on a compromised computer.

Panda recommends that multiservice businesses beef up their cybersecurity and advises those interested in transferring money to use FDIC-accredited banks or Western Union, which should have higher security standards. Its report can be obtained by sending an e-mail to: CriticalAlert@us.pandasecurity.com.

Court Enjoins Spyware Producer Under FTC Act

The U.S. District Court for the Middle District of Florida has issued a preliminary injunction against a producer of spyware under the Federal Trade Commission Act. Federal Trade Commission v. Cyberspy Software, LLC, et al., No. 6:08-cv-1872 (Preliminary Injunctive Order, Nov. 25, 2008).

The FTC sued the defendant company and its principal for unfair and/or deceptive trade practices under the FTC Act. According to the court's order, the defendants’ spyware is designed to be installed on a computer without the knowledge or consent of a computer’s user. The defendants provide instructions to customers which demonstrate how to disguise the spyware as an innocuous file. Once a user installs the spyware, the spyware tracks the user's keystrokes, passwords entered, and websites visited.

The court found the FTC was likely to succeed on the merits of the case, and that continued sale of the spyware was likely to cause substantial harm to consumers. Although the defendants argued that the spyware has some redeeming value, such as allowing a parent to track a child's Internet usage, the court noted that the defendants' marketing materials suggested that the spyware should be used for more harmful purposes.

Merry Malware - Tis the season for postcards

I know I have reported about this before but with the holidays fast approaching I again wanted to highlight this topic. You need to be on your guard against this.

Read on.....

Well it’s that time of year again when your thoughts turn to family and friends and you want to ‘reach out’ to them with a nice greeting card - either Xmas or New Years. If you get or give an electronic version all the better as you save on postage and don’t have to wait for snail mail.

We aren’t the only ones thinking of others at this time of year, and by that I mean the malware writers. Every year at the holidays we see an upsurge of ‘postcard ware’ based malware. They look like an e-card from a loved one, so you are enticed to open them up, and while some do display a pretty picture or play a nice tune in the background, they are infecting your PC.

Some recent samples are posted on the Microsoft Malware blog so you can see the pictures without having to get infected.

http://blogs.technet.com/mmpc/archive/2008/12/02/merry-malware.aspx

http://blogs.technet.com/mmpc/archive/2008/12/04/o-come-all-ye-malware.aspx

While many of the e-cards sent at this time of the year are legitimate and sent with the best of intentions it is up to you to double check with the supposed sender if they really did send you one and if you don’t recognize the from e-mail address then don’t open it no matter how tempting it looks.

IE zero day bites broader group of users

Researchers are warning that the unpatched security vulnerability in Microsoft's Internet Explorer affects more versions of the browser than previously thought, and that steps users must take to prevent exploitation are harder than first published.

According to an updated advisory from Redmond, the bug that's been actively exploited since Tuesday bites versions 5.01, 6, and 8 of the browser, which is by far the most widely used on the web. A previous warning from Microsoft only said that IE 7 was susceptible to the attacks. IE is susceptible when running on all supported versions of the Windows operating systems, Microsoft also says.

What's more, while there is some protection from Vista's User Account Control, the measure doesn't altogether prevent the attack, according to this post on the Spyware Sucks blog. Microsoft and others have suggested that those who must use IE in the next few weeks set the security level to high for the internet security zone or disable active scripting. These are sensible measures, but they don't guarantee you won't be pwned, according to this post from the Secunia blog.

Secunia goes on to revise what it says is the cause of the vulnerability. Contrary to earlier reports that pinned the blame on the way IE handles certain types of data that use the extensible markup language, or XML, format, the true cause is faulty data binding, meaning exploit code need not use XML.

Microsoft has yet to say whether it plans to issue a fix ahead of next month's scheduled release. For the moment, the volume of in-the-wild attacks remains relatively modest and limited mostly to sites based in China. But because attackers are injecting exploits into legitimate sites that have been compromised, we continue to recommend that users steer clear of IE until the hole has been closed.

Plenty of other researchers have weighed in with additional details about the flaw, including SANS, Sophos, and Hackademix.
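One way to check, across a set of machines, the two workarounds mentioned in this article and in the earlier Microsoft item (Internet zone set to high, or active scripting disabled). This is an added example, not code from the original articles or from Microsoft; it parses `reg export` text of the Internet zone key. The host names and exports are constructed, and the registry details (zone 3 is the Internet zone, `CurrentLevel` 0x12000 is the High template, action `1400` is active scripting) are standard IE zone settings that the page itself does not list.

```python
import re

# Assumptions (not from the page): standard IE zone registry layout.
ZONE_KEY_SUFFIX = r"\internet settings\zones\3"  # zone 3 = Internet zone
LEVEL_HIGH = 0x12000        # CurrentLevel written by the "High" template
ACTIVE_SCRIPTING = "1400"   # URL action: active scripting
DISABLED = 3                # action value: 0 enable, 1 prompt, 3 disable

DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')


def parse_reg_export(text):
    """Return {key_path: {value_name: int}} for the dword values in a .reg export.

    A real `reg export` file is UTF-16; decode it before calling this.
    """
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = DWORD_RE.match(line)
            if m:
                current[m.group(1)] = int(m.group(2), 16)
    return keys


def internet_zone_status(reg_text):
    """Classify one host's Internet zone against the advisory's workarounds.

    Returns "high", "scripting-disabled", "exposed" or "unknown".
    Uses the first Zones\\3 key found in the export.
    """
    zone = None
    for path, values in parse_reg_export(reg_text).items():
        if path.lower().endswith(ZONE_KEY_SUFFIX):
            zone = values
            break
    if zone is None or ("CurrentLevel" not in zone and ACTIVE_SCRIPTING not in zone):
        return "unknown"  # key or both values missing: cannot judge
    if zone.get("CurrentLevel") == LEVEL_HIGH:
        return "high"
    # A customised zone no longer carries the High template value, so the
    # individual action has to be checked on its own.
    if zone.get(ACTIVE_SCRIPTING) == DISABLED:
        return "scripting-disabled"
    return "exposed"


def audit_fleet(exports):
    """Map each host name to its Internet zone status."""
    return {host: internet_zone_status(text) for host, text in exports.items()}


# Constructed sample exports (hypothetical hosts, not real data).
SAMPLE_EXPORTS = {
    "FRONTDESK-01": r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"CurrentLevel"=dword:00011500
"1400"=dword:00000000
""",
    "KIOSK-02": r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"CurrentLevel"=dword:00012000
"1400"=dword:00000003
""",
    "LAB-03": r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"CurrentLevel"=dword:00000000
"1400"=dword:00000003
""",
    "SPARE-04": r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3]
"CurrentLevel"=dword:00012000
""",
}

if __name__ == "__main__":
    for host, status in sorted(audit_fleet(SAMPLE_EXPORTS).items()):
        print(f"{host}: {status}")
```

As the article notes, a host reported as "high" or "scripting-disabled" has the workaround applied but is not guaranteed to be safe from the flaw.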

Remove SpyRemover Pro. Description and removal instructions

SpyRemover Pro is a rogue anti-spyware application that uses shareware and crack websites to get onto the user’s computer. The parasite claims to be respectable software but is in reality a scam program that shows falsified virus infection reports, all to mislead the user into purchasing a license. SpyRemover Pro strongly resists being uninstalled, so manual removal can be very difficult. There is no actual information for users about the spyware that SpyRemover Pro can detect or remove. Downloading the application is free, but the license is paid. What problems will the parasite bring you? Your computer will become slower and your internet connection limited. If you want to avoid losing money, avoid downloading and installing SpyRemover Pro. Stay away from the websites that promote this parasite and scan your system with a real spyware remover.

SpyRemover Pro properties:
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Hides from the user
• Stays resident in background

10 Questions To Ask Yourself And Determine If You Are Spyware Savvy

Most of us who use computers are afraid of spyware and the problems it causes. So, you learn all about spyware and the ways to protect yourself from it. How will you know whether you have complete knowledge? Well what you can do is to surf the World Wide Web for the latest on spyware and computer security.

You can test your knowledge by taking self-tests and quizzes. Companies like Microsoft are very consumer friendly and make an effort to upload tons of information on computers and software for users in search of knowledge.

According to Microsoft you can test your knowledge by answering the following questions:

1. How will you prevent children from accidentally downloading spyware?

The answer must be: You can prevent children from downloading spyware by giving them a limited user account.

2. What are browser cookies?

Ans: These are created by unethical persons to track your browsing preferences for their own use, to spam your pc with advertisements and marketing ploys, to steal personal information like bank account details, credit card numbers and so on, and to cause harm to your computer and business by stealing data/files.

3. How can you use technology to protect your computer?

Ans: Many giants in computer technology are offering software and hardware to prevent spyware attacks. For example Windows Defender Beta 2 is one option.

4. What is Windows Defender?

Ans: It is an anti-spyware software that can detect spyware and warn you immediately, inform you of possible dangers and new spywares, remove spyware. It protects your PC against pop ups, slow functioning, security threats, and infections.

5. What are common signs that show your computer is infected?

Ans: Signs are unwarranted pop ups, strange PC behavior, change in homepage settings, appearance of new tool bars not installed by you, slowing down of computer, loss of files, crashing of computer, and so on.

6. What are the precautions to be taken?

Ans: Precautions are: install a firewall, update all software, pay attention to security settings, use anti-spyware programs, use the internet safely.

7. Is a firewall useful?

Ans: Yes, it examines all information and acts as a filter; anything even faintly suspicious will not be permitted. It will create a protective cloak and prevent undesirable sources from detecting your computer on the net.

8. How does spyware work and what protects your computer?

Ans: Spyware is a thief: it can use information on you, steal files, and place undesirable material on your computer. The PC must be protected by use of a firewall, anti-spyware hardware as well as software, and careful browsing as well as downloads.

9. Where can you get protection against spyware?

Ans: There are many choices; a few are: Platinum Internet security 2005, Microsoft Beta 2, Webroot Spy Sweeper, Sunbelt Counter Spy, and Spybot.

10. Name three security measures?

Ans: One must not open e-mails with attachments from unknown sources; use a spam guard for all e-mail accounts, and avoid using messengers.

These days knowledge is available at the click of a mouse button so update your knowledge base and keep abreast of new developments.

How Do I Remove Viruses, Adware, Malware, etc.?

Background.
How Do I Remove Viruses, Adware, Malware, etc.? The short and snippy answer (for the moment) is 'get a Mac.' ;-)

But assuming you use Windows in one flavor or another as most of us do, read on. All of the software I recommend below is free for home and non-commercial use.

Symptoms? If your PC has recently become much slower than usual, displays unrelated pop-ups, or takes the browser to sites you didn't choose, you may very well be infected.

Avoid Malware
It's of course best to avoid malware (I'll use this term to refer to malware, viruses, adware, etc.) to begin with. To that end I recommend six things.
1. A hardware NAT router, even if you only use 1 computer w/ your broadband connection.
2. Enable the built-in Windows firewall.
3. Run some anti-virus software.
4. Stay up to date with the OS security updates.
5. Be smart.
6. Use a safe browser.

For a router, pretty much any name brand router will do. I've had very good luck with Linksys but others prefer various brands. The Linksys WRT54G is a very common, reliable, and affordable model. [often under $70]

There are several free and payware software firewalls available for Windows. I used to use the free ZoneAlarm for 3+ years but stopped about 2 years ago. It was slowing down my machine and between the built-in Windows firewall and the hardware router I wasn't convinced it was really necessary. It is true that the 3rd-party software firewall will tell you if you have malware 'phoning home,' but if you follow these other instructions that shouldn't really be an issue. Also, when most people are asked by the software whether or not to allow some outbound connection they usually have no idea what they are being asked and just click 'Okay' anyway, defeating the purpose.

I think all versions of Windows since and including XP SP2 have the firewall enabled by default.

There are many choices for anti-virus software. I recommend staying away from the large suites like Norton & McAfee. They are often bloatware and will slow your machine down quite a bit. I use and recommend the free AVG and Avast AV tools. They both update regularly and work well. I've been using them for several years and never had a problem. Note: Only use one or the other on a given PC, not both. [I've heard good things about Clam A/V but never used it myself.]

Make sure you have the automatic updates enabled for Windows.

By 'be smart' I mean be careful what apps you run and what things you click on. Be VERY hesitant to open attachments that come in your email, even from supposedly trusted sources. They could be infected and not realize that they are sending malware. If you go to a web page and a pop-up tells you to click and download something because you're infected, don't. If something tells you it needs to download a new codec for Windows Media Player, don't. There are some exceptions to these rules, but you're better off erring on the side of caution.

Use a safe browser. IE 7 & 8 are much better than previous versions w/ respect to security, but I still prefer Firefox and more recently Google's Chrome. If you run Firefox you may also want to run the NoScript extension. It by default disables JavaScript on all web pages/sites, allowing you to selectively enable it for sites you trust. This can be a headache if you're not comfortable with the process.

Assuming all of the above you should be very unlikely to end up w/ malware on your Windows machine. But what if in spite of that you get some anyway, or already have some? ...

Removing Malware
If you think you may be infected there are several free tools you can and should run. I've yet to see one tool that will remove them all, but a combo of 2 or 3 will usually do the trick.

I prefer to run both Spybot and AdAware, one after the other. You may want to run them once a month even if you don't suspect a problem anyway. I've also heard many good things about a new tool called Malwarebytes; I haven't tried it yet but intend to.

So there you have it. Be smart, use a hardware router, and take advantage of the free software. ;-)

This is certainly not the absolute final word on the subject, but if you do these things I think you'll avoid the vast majority of malware problems on Windows. And if your machine seems infected with numerous things that the tools simply can not remove properly, the best thing to do is format the drive and reinstall Windows from scratch. Sometimes that's the only sure way to know the system is clean.

Oh, one more thing, if you download stuff from questionable torrent sites and tools like Limewire, you're almost begging to get malware on your machine. Stay away from both.

US shuts down 'scareware' sellers


The US government has moved to shut down sellers of fake security software.

The Federal Trade Commission (FTC) has won a restraining order that stops several sellers of "scareware" from continuing to trade.

Millions of people are thought to have been caught out by the software which, once installed, issues false alerts about viruses and illegal porn.

The FTC is pursuing further legal action to win a permanent ban on those peddling the scareware.

Frozen funds

Court papers submitted by the FTC show that the peddlers of the fake security software tricked websites into advertising their products.

The companies behind the fake security software won customers via adverts on many popular websites.

Anyone clicking on an advert was taken to the webpages run by the fake security firms which then ran a "scan" looking for security problems.

Every scan found a host of security problems and urged visitors to buy software to fix them. Typically the scans found evidence of viruses, spyware and, in some cases, illegal pornography.

"However," said the FTC, "the scans were entirely false."

In its legal action the FTC targeted two firms: Innovative Marketing, Inc. and ByteHosting Internet Services, LLC.

The fake security products the firms were peddling were: WinFixer, WinAntivirus, DriveCleaner, ErrorSafe, and XP Antivirus.

A US District court granted an injunction which stops Innovative Marketing and ByteHosting Internet Services from continuing to advertise their products, and from making false claims about their efficacy.

It has also asked firms hosting the websites owned by these firms to block customers from accessing them. And it has also frozen the assets of the two companies so it can reclaim cash and refund those caught out.

More than one million US citizens and many more around the world are thought to have been caught out by the "scareware" scam.

"The popularity of the rogue anti-virus and spyware products has rocketed," said Yuval Ben-Itzhak, chief technology officer at security firm Finjan.

"People are paying 40-60 dollars for bogus software which does nothing," he said, adding that Finjan research suggests up to five million people around the world have fallen victim to the huge number of firms selling "scareware".

Dan Hubbard, chief technology officer at Websense, said many "scareware" firms ran very sophisticated operations. Many use search engines to ensure web users see their adverts and tune their products to each territory.

"They seem to know the law in different regions," he said. "They monetise it very well."

Malware and Spyware - Are They the Same Thing?

Everyone has heard of Spyware, it is that nasty program that gets into your machine and causes havoc. It redirects you when you are not expecting it, it messes with your browser settings, and most of the time, it comes by way of the unsuspecting users allowing it in. There is another face to this coin however, in the name of Malware. This program runs off similar parameters, and has a chameleon like effect. Considering they are of the same bloodline, is it easy to ascertain that they are the same problematic bug?

Here is a look at the roots of the Malware and then you can judge for yourself. It was back in the year 1949 that the notion of a computer program that could self-reproduce was recognized. This is what is known as the theory of complicated automata. Malware uses encryption that is rudimentary, as it is self-obfuscating. This is the case where detecting a computer virus would become more difficult, as algorithmically challenging the main systems programming. The Malware is indeed quite resistant to reverse engineering. Once it is in, the notion is that it will be a definite chore to remove it. This seemingly passive, yet very evasive program uses a public key and is known to the computer savvy as a crypto virus. When this virus attacks, it drops plain text data on the machine of the user. This by all means is a hybrid of the regular run of the mill Spyware, by all accounts. Finding the maker of the said Malware is pretty much the only way to get rid of the encryption of the plain text issue that has been installed.

This being said, Malware is indeed a form of virus and would be placed on a person’s computer without their consent. Its sole purpose is to infiltrate and destroy. There is another name for this virus; lawmakers call it scum-ware. There are no absolute features of this virus, more the intent of the creator of the said pest to harm someone else’s machine. Many times people confuse Malware with a program that may have a bug in it, or a program that is defective. Generally malicious software is created to infiltrate and cause harm on the intended machine. Sometimes the intent is not to harm at all, rather just to annoy, yet considering no one really knows what is going on in someone else’s computer leads to the destruction of their files. It was more of a prank than the MS-DOS viruses, and Internet worms were developed, not as was first believed that they were harmful. It is often thought that the young programmers of these bugs are merely playing around, just curious as to what the bug can really do, or how far it will spread throughout the Internet.

This is not to say that there is not a bug with hostile intent involved. Many times the bug is set in motion to corrupt data, or lose file systems altogether. This is where data junk is placed on the hard drive itself. The idea that someone could come into your system and corrupt it or vandalize it for sheer pleasure just goes to show you the lack of maturity and respect some people have for the rest of the population. Worms are often nothing more than a nuisance that leaves a graffiti tag, so to speak, wherever it goes. Revenge is also a great motivator for these absolutely ridiculous programs, a form of get back for things gone bad between friends or peers. This unfortunately is not uncommon, as people leave forms of backdoors or time bombs, meant to completely mess up a system by reason of resentment. Now the basis of malicious software is primarily profit motivated. It is now the case in point that no, Malware is not like Spyware. The latter of the two is a pest and follows your movements. Malware is a malicious program, and attacks the file system and logs on your machine. Pretty much it is only Malware that is a virus; Spyware is more of a tactic to monitor your movements and behaviors. This is for the purpose of marketing and sales pitches.

Warning Spyware Detected on Your Computer - The Fix

If you have started to receive messages stating "Warning spyware detected on your computer", then it should be quite obvious that your operating system has become infected with spyware. Spyware infections pose great threats to your computer system in that they can harvest personal data and manipulate system settings with the aim of causing instability and stealing information. So the question at this point is what to do when you get a message saying "Warning spyware detected on your computer".

When it comes to spyware removal, you will find that the only safe and reliable way of removing these infections is to make use of spyware removal applications. If you attempt to manually uninstall or delete a particular piece of software which has an infection, you could end up saving money but you will NEVER get rid of the infection completely. This is because infections like spyware and viruses are designed to spread, duplicate and infect other targeted files and configurations within the Windows registry, which can only be correctly removed with a spyware removal application. This is why you should never ignore messages that say "Warning spyware detected on your computer", a common mistake that most people make, thinking that it will go away.

Furthermore, PC security tools like these are capable of detecting infection signatures within the contents of your hard drive and will be able to show you what type of risk levels the infections possess as well as their names. So basically any website that offers information or cures on how to get rid of messages like "Warning spyware detected on your computer" will direct you towards some form of infection removal application. It is best to avoid free spyware removal tools, as many of them are notorious for containing malicious infections themselves and could end up corrupting your system if you use them.

When it comes to using infection removal applications, I can highly recommend Xoftspyse, which continues to gain huge popularity and respect as the most effective spyware and virus remover on the web today. If you would like to scan your computer with the latest version, you can download it directly at the link below.

Spyware - Eradicate It Now

Spyware removal has become tedious work. As the spyware threat has worsened, a number of techniques have emerged to counteract it. Among these are:

• programs designed to remove or to block spyware
• educating the users in such a way that spyware removal no longer is needed
• user practices which reduce the chance of getting spyware on a system.

Spyware remains a costly problem even with all the new technology used to combat it. If a large number of spyware programs have infected a Windows computer, the only way to save the computer may be to back up user data and fully reinstall the operating system.

Anti-spyware programs

One of the market's most popular anti-spyware programs, Adwarealert, will help you find and ultimately rid your computer of unwanted spyware software.

Many programmers and some commercial firms have released products designed to remove or block spyware. Steve Gibson's OptOut practically invented a growing category. Programs such as

• Adwarealert
• Lavasoft's Ad-Aware SE
• Patrick Kolla's Spybot - Search & Destroy

rapidly gained popularity as effective tools to remove, and in some cases intercept, spyware programs.

Recently Microsoft bought the GIANT Anti-Spyware software, renaming it as Windows AntiSpyware beta and releasing it as a free download for Windows XP, Windows 2000, and Windows 2003 users. The renamed software for now exists as a time-limited beta test product that will expire at the end of July 2006. Microsoft is continuously developing and updating this product.

Antispyware protection, removal and antivirus

Major anti-virus firms such as Symantec, McAfee and Sophos have come later to the table, adding anti-spyware features to their existing anti-virus products.

In the beginning, anti-virus firms did not want to add anti-spyware functions, citing lawsuits brought by spyware authors against the authors of web sites and programs which described their products as "spyware".

However, recent versions of these major firms' home and business anti-virus products do include anti-spyware functions. The spyware is treated differently from viruses, though.

Symantec Anti-Virus, for instance, categorizes spyware programs as "extended threats" and now offers real-time protection from them (as it does for viruses). The drawback with these programs is that they are very complex and in many cases produce more hurdles to jump over than you as a user really need.

Like most anti-virus software, anti-spyware software requires a frequently-updated database of threats. As new spyware programs are released, anti-spyware developers discover and evaluate them, making "signatures" or "definitions" which allow the software to detect and remove the spyware.
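As an added illustration (not code from the original article or from any anti-spyware product), the following Python example shows signature matching against a definitions database, and why a program released after the last update goes undetected until its definition is added. The definition names, risk levels, marker strings and file names are all constructed for the example.

```python
import tempfile
from pathlib import Path

# Constructed definitions: each has a name, a risk level and a byte pattern.
DEFINITIONS_V1 = [
    {"name": "Example.Adware.A", "risk": "low", "pattern": b"SHOW_POPUP_BANNER"},
    {"name": "Example.Keylogger.B", "risk": "high", "pattern": b"HOOK_KEYBOARD_LOG"},
]
# A later database update adds a definition for a newly released program.
DEFINITIONS_V2 = DEFINITIONS_V1 + [
    {"name": "Example.Hijacker.C", "risk": "medium", "pattern": b"SET_HOMEPAGE_OVERRIDE"},
]

# Constructed, harmless sample files (marker strings only, no real code).
SAMPLE_FILES = {
    "notes.txt": b"shopping list: milk, eggs",
    "logger.bin": b"\x00\x01HOOK_KEYBOARD_LOG\x02",
    "toolbar.bin": b"\x7fSET_HOMEPAGE_OVERRIDE\x00",
    "bundle.bin": b"SHOW_POPUP_BANNER\x00HOOK_KEYBOARD_LOG",
}

def scan_bytes(data, definitions):
    """Return (name, risk) for every definition whose pattern occurs in data."""
    return [(d["name"], d["risk"]) for d in definitions if d["pattern"] in data]

def scan_tree(root, definitions):
    """Scan all regular files under root; map relative path -> list of hits."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        try:
            hits = scan_bytes(path.read_bytes(), definitions)
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
        if hits:
            report[path.relative_to(root).as_posix()] = hits
    return report

def demo():
    """Scan the same files with the old and the updated definitions."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, content in SAMPLE_FILES.items():
            Path(tmp, name).write_bytes(content)
        return scan_tree(tmp, DEFINITIONS_V1), scan_tree(tmp, DEFINITIONS_V2)

if __name__ == "__main__":
    old, new = demo()
    print("before update:", old)
    print("after update: ", new)
```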

If a spyware program is not blocked and manages to get itself installed, it may resist attempts to terminate or uninstall it. Some programs work together: when an anti-spyware scanner (or the user) terminates one running process, the other one starts up the killed program again, making it virtually impossible to clean the computer.

Some spyware will detect attempts to remove registry keys during the spyware removal and immediately add them again. Usually, booting the infected computer in safe mode allows an anti-spyware program a better chance of removing persistent spyware.

The most extreme way of cleaning is to move the hard drive to another computer, boot on the normal boot disk that computer has, and then clean the infected disk. You can also mount the infected disk over the local network and scan & clean it to remove as much spyware as possible.

It doesn’t matter what way you choose to clean your computer, but using a good spyware removal program will make your life much easier …

Browser Hijackers: What Does This Mean in Terms of Spyware?

There is usually a lot of confusion around the term "spyware", but hopefully we can clear one thing up for you with this post today.

Read on....

When you think of a hijacker, what comes to mind? Generally, people think of someone who takes over a situation and runs it the way they want to get what they want. This is the cold, hard fact about hijacking, and while it is definitely less violent than a physical hijacking, the results can be all the same. Someone comes in, takes over, and in the end the innocent party minding their business is the one who loses. Welcome to the not-so-pleasant world of browser hijacking. When someone gains entry to your machine, you can almost be sure that they are going to tamper with all that you have available. First and foremost it is the Internet browser; this seemingly is the easiest target to get to, and they do utilize it to the fullest. When it is taken over, you can be sure you will have virtually no control over what they are doing. You will not be able to stop it, short of turning your machine completely off or disconnecting from the Internet. By this time, it will clearly be too late.

This, again, is a form of Spyware, and it generally hits home computers or small business machines that it can weasel its way into. Entry is easiest when these programs are clustered in a group of programs, and they lie in wait for you to accept a harmless-looking Java download or ActiveX offer. This is very common when someone is sharing music via a music share program such as LimeWire or Kazaa. Once the program recognizes that there is an opportunity for entry, it is designed to open a field of banners and graphics that look relatively safe and professional for a website or distributor. Once they have this download sequence in process, it is easy for them to unload multiple packets of tainted information. This is sent in prior to the infiltration itself. The reason this information is sent in first is to allow for the lowering of all guards and firewall properties. This is where the program spreads out within the new host system: it goes to the e-mail directory for future propagation, it attacks and seizes the Internet browser, and it makes changes to settings to interrupt the flow of the computer's workings.

Once the browser hijacking has taken place, it is easy for someone to remotely direct you to sites that are not on your agenda. Many times it will take you to porn sites, in the attempt to gain valuable information on you to use at a later date. This is pretty much done to establish a card password or number of the IP address in order to use the information from offshore accounts. This will then be set up to use your home number as a base, so to speak, for a porn site, where thousands of dollars can amass quite quickly in your name. This Internet browser hijacking will redirect you to undesirable sites, and frequently tamper with your browser settings. This will make for very frustrating and aggravating surfing on the web. If this program is strong enough, it will easily place time-coded stamps on the entire e-mail list in your computer. What this will do is then send a segment of information to all your contacts, under your name of course. When the person views the name, it will be recognized as safe, and they will open the file that was sent. This is how the propagation is initiated, in turn infecting all contacts on the list that open the said mail packet. Not only will it attack your e-mail contact list and hijack your Internet browser, but it will also move files around in a shuffling fashion. This will then make it difficult for many of your programs to operate properly. Sometimes they will not start or operate at all. It is important to ensure that this menace is stopped, by keeping a close eye on what you click on and download. Just because it looks fairly safe does not mean it is. It is up to you to ensure that you are not the next target; alert your friends to suspicious programs that you have seen, if you frequent the same sites as them.

Reading spyware reviews will be helpful when you are looking for anti-spyware

The title already explains what this post is all about today, so in typical style, please

read on....

Using some type of anti-spyware program is very important for your computer. While surfing the net, you can pick up a lot of nasty infections. Spyware can function on your computer. For example, many people have had their systems crash from spyware. Or, even worse, some people have had their personal information stolen. Such cases are not rare. So you must equip your computer with anti-spyware. You can read anti-spyware reviews to help make your decision if you are in the market for a spyware remover. There are a lot of options out there. It's worth taking some time to read up on which programs have a good reputation. Reading spyware reviews will be helpful when you are looking for an anti-spyware program.

U.S. federal court allowed CyberSpy Software to sell its spyware legally

This is bound to cause outrage. It has here. How can this be allowed to happen? It's like allowing spam to be acceptable. Spyware is wrong, simple as that, plus it's highly annoying.

Read on....

According to a recent PC World report, a U.S. federal court has allowed a Florida company that sells a spyware program to continue its business on condition that it changes advertising pitches that emphasize the product's clandestine nature. Since November 6, 2008, CyberSpy Software has been unable to sell its RemoteSpy application because of the injunction granted by the court after a complaint by the U.S. Federal Trade Commission (FTC).

CyberSpy marketed RemoteSpy by giving detailed instructions on how to install the program on computers and surreptitiously collect data, the FTC alleged. Under the court's determination, CyberSpy cannot tell customers that the program can be secretly installed or that keyloggers can be passed off as innocuous programs. As for CyberSpy, in an earlier court filing the company claimed that it warned users, in the terms stipulated in the software's license agreement, against monitoring computers without a person's consent, since that is illegal. The company alleges that RemoteSpy is intended for legal uses such as monitoring children's Internet browsing.

While CyberSpy Software, run by one person, Tracer R. Spence, continues its activity with the court's permission, the company's heavy emphasis on spying and how to hide the program raised concerns from the Electronic Privacy Information Center, a Washington, D.C.-based civil liberties advocacy group, which filed a complaint with the FTC in March. U.S. District Judge Gregory A. Presnell underlined the danger of CyberSpy's promotional and instructional material, which focused on the ability of RemoteSpy to invade the privacy of an unsuspecting victim.