Kerio Personal firewall will be acquired by Sunbelt according to the sunbeltblog. It looks as though the acquisition will be complete within a month. They hope to offer downloads “within weeks”. There will be a price reduction and discounts for Sunbelt users, and discounts for Kerio users on Sunbelt software. Also it looks like the free edition will continue.
Category: Security
-
More phishing… Paypal is the target this time
Well, truth be told, your money is the target. Phishers are using information on a real class-action settlement to try to lure people in to entering sensitive information. The FBI is warning on these emails. Essentially they cite a (real) class-action settlement (with links) and claim that in order for PayPal to ensure that you receive payment, enter your information here….
-
Spyware news and musings
It’s funny, in the last couple days 180solutions had a blog post that was somewhat… what’s the term I’m looking for ? well they were quite defensive and concerned about “anti-spyware zealots” about “Scanning companies” and trying to work with them to explain their business model. Of course, legal action is not something they want to pursue, but if the business talks with the scanning companies fail, well it’s an option. Some months ago they claimed to be trying to clean up their act. Supposedly they were to crack down on “affiliates” using unscrupulous means to spread their ad content.
-
Sony class-action suit picks up researcher Mark Russinovich as an expert witness
News continues on the Sony mess…. (Expect to hear about this for some time…) The researcher that informed the world about the Sony DRM rootkit, Mark Russinovich, has joined the class-action suit against Sony and First4Internet as an expert witness on the matter.
Russinovich said he opted to join the suit because he “wanted to make sure that a message was sent loud and clear to Sony and hopefully to the rest of the industry. And if a technical expert is required to back up the suit, then that’s what I’m willing to do to make sure that message gets driven home.”
-
MS IE Javascript exploit for zero-day (0-day) vulnerability
An exploit for last weeks zero-day (0-day) javascript vulnerability in Microsoft’s Internet Explorer is in the wild. I saw this post from Sunbelt a couple nights ago go up and disappear, at the time I didn’t have long enough to read it… It’s back today and there are instructions for mitigating the risk. However, there is still no patch from Microsoft and no word on when to expect one. According to the Sunbelt post the exploit in the wild is being used for browser hijacking/spyware install stuff.
-
Beware emails that sound too good to be true
A new phishing scheme is promising tax refunds in the amoutn of over $500 to recipients of the scam. Sophos has an advisory. It looks pretty devious – asking people to type in the link address (or copy and paste) and using URL redirect to make it use an official site to then redirect to the phony site.
-
Apple Security Update
13 Seperate vulnerabilities are addressed by the latest Apple security updates. 9 vulnerabilites exist in network facing services like the web server, a couple in the web browser, another couple in SSL (secure socket layer) handling. In other words, get updating.
-
Sun Java security updates/ Windows software update rant…
Incidents.org has the story on Sun’s release of new versions of the Java Runtime Environment and the Java SDK to fix some remote security vulnerabilities.
These security vulnerabilities could allow malicious, untrusted code to compromise a user’s computer. Sun recommends that users update to the newest version of the SDK and JRE available at http://java.sun.com .
-
Viruses and worms can come in from many directions
For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any program that listens for data coming from the network could be an entry way for good traffic, or bad. The Securityfix is talking today about November being a record month for Instant Messenger worms.
-
Sony still dragging heels on DRM recall
New York’s Attorney General is trying to hold Sony’s feet to the fire. Over a week after the recall of the Sony discs carrying the controversial DRM Rootkit XCP, affected discs were still available for purchase at several retail outlets. From the betanews article…