Ok, so you’ve got a hardware firewall and you’ve got antivirus. You’re safe right? Well, not entirely. I’ve mentioned the flaws of antivirus. It’s always a step behind. A firewall doesn’t protect against unknown viruses, so what else is there to do? I’m going to tackle this in two steps. The first is to know what software is running on your system. Isn’t there a lot of that? How can I keep up?
Tag: legit
-
Interesting vector for browser vulnerability exploit…ebay
incidents.org has received a tip on an ebay item that contained some malicious script…
ISC reader Gareth Attrill pointed us to an eBay auction that has some escaped HTML code that sneaks in a link that tries to get a trojanized .jar (usage.jar) file loaded on anyone who loads the listing. The latest .dat for McAfee immediately detected (and deleted) the code as Exploit-ByteVerify. The lister most likely managed to bypass other protections that otherwise prevents this kind of code from being inserted into item listings. Both eBay and the ISP that is hosting the malware have been notified.
-
More phishing… Paypal is the target this time
Well, truth be told, your money is the target. Phishers are using information on a real class-action settlement to try to lure people in to entering sensitive information. The FBI is warning on these emails. Essentially they cite a (real) class-action settlement (with links) and claim that in order for PayPal to ensure that you receive payment, enter your information here….
-
GMail security problem fixed
Google’s not had a great week it would appear (Sony’s had worse… but that’s another story). The Analytics launch was somewhat rocky from most accounts and there is a GMail security bug that’s been announced and fixed. Details on the bug are here, and a writeup is also here.
Apparently a flaw in the authentication method that Google used could allow a user to log in under another account and read messages as well as pose as a legit user.
-
The wolf in sheeps clothing, software that claims to be anti-spyware, but installs more spyware on your pc
The bad news is that the spyware situation for home pc users can be murkier every day. I remember a particular user who once installed an antivirus program because a popup appeared claiming to have found viruses on his drive, next thing he knew he was having all sorts of spyware problems, viruses found all the time (to “prove” the antivirus component was running.), etc. etc.
Spyware Confidential has the story on the latest wolf in sheeps clothing, something called spyaxe. This link shows a screenshot of one fake warning. One problem is how to describe to people how to identify legitimate versus illegit popups and warnings.
-
Illegal to disable some spyware?
OK – for starters, the keylogger that sunbelt talks about here is a legitimate piece of software for sale. Like anything though it could have illegit uses. Apparently retrocoder is upset that Sunbelt’s software detects spymon and gives the option of disabling it. Spymon is a commercial keylogger. They’ve claimed that it’s against their EULA and copyright law to “reverse engineer” their product. More specifically they’ve complained as such….
-
Botnets and spyare
“It outta be illegal” is the first thing I usually hear as I start the long process of sanitizing a spyware infested windows machine. The fact is some parts of it ARE, some are just ethically questionable. The area that’s against the law is the part that involves tacking control of someone elses computer without their permission, either manually or in an automated way (exploiting a vulnerability to install a trojan or bot.) Today Brian Krebs is reporting on The connection between botnets and spyware at the securityfix.