Exploit Prevention in software

Monday, May 15th, 2006

There’s been a lot of talk about hardware enforced DEP as a mitigating factor in some of the exploits in the last six months. There’s also a new software product that can limit the impact of zero-day exploits. The software is for windows and is called SocketShield. Suzi at Spyware Confidential has taken it for [...]

How-to Remove SpyAxe and SpywareStrike

Tuesday, January 10th, 2006

There’s a good post at Spyware Confidential about the removal of the SpyAxe and SpywareStrike pests that are circulating widely these days. There is a good CastleCops Wiki page with Malware removal information on SpyAxe (With screenshots). Also, there is a good walkthrough of removal here, which includes instructions for smitremfix.    Send article as [...]

Another update to exploit?

Thursday, January 5th, 2006

I didn’t see this reported anywhere, but since yesterday when there was an update to the metasploit module for the WMF vulnerability I think there’s been yet another update. I read yesterday that it had been updated and could evade all known IDS signatures. I downloaded the update to continue my Win98 testing. Then today [...]

WMF 0-day update

Thursday, December 29th, 2005

Last night while I was in the midst of infecting a virtual machine, Microsoft issued a release that there’s a “possible vulnerability”… fortunately, their technical document is a bit more straightforward… technet advisory here. Spyware Confidential also has a good roundup on the coverage so far. There’s a bit more disturbing stuff coming too…    [...]

Lawsuit against 180solutions, eXact, Direct Revenue

Tuesday, December 20th, 2005

Things are going to be interesting. A lawsuit has been filed against the three listed above, everyone’s favorites…. 180solutions, Direct Revenue, and eXact Advertising. This is coming from the Sunbelt Blog who received a tip. The suit has been filed in California, the defendants want to move the suit to Federal Court.    Send article [...]

Top 10 spyware tricks of 2005

Tuesday, December 20th, 2005

You can tell we’re in the last 10-12 days of the year when we start seeing all sorts of year end retrospectives, year’s in review, countdowns of the top ___ of ___year ending___. Well, spyware has seen a banner year in many respects and Suzi at Spyware Confidential has a rundown of the top 10 [...]

Artists revolting against DRM

Friday, December 16th, 2005

This is under the security tab because DRM software protection has proven to be a computer security issue… Spyware Confidential is reporting on artists revolting against the Sony DRM. According to the story… My Morning Jacket, the artists who recorded the copy protected CD “Z” I mentioned here, are doing more than protesting Sony BMG’s [...]

Spyware’s likely suspect sites.

Friday, December 2nd, 2005

Spyware Confidential is writing of complaints from Wrestling fans of several wrestling related sites that have become sources of unsolicited spyware and adware installs. Some of them are aware of the spyware and encourage users to sign up for the ad-free service (pay) to avoid the problem. The spyware in many cases are installs that [...]

Spyware news and musings

Wednesday, November 30th, 2005

It’s funny, in the last couple days 180solutions had a blog post that was somewhat… what’s the term I’m looking for ? well they were quite defensive and concerned about “anti-spyware zealots” about “Scanning companies” and trying to work with them to explain their business model. Of course, legal action is not something they want [...]

Community site to help users understand EULA’s better

Tuesday, November 29th, 2005

This is a great lead from Spyware Confidential. There is a relatively new site out and about called eulascan.com. They allow user submitted comments on EULA’s (End User License Agreements). Of course, EULA’s are the terms and conditions that pop up on installing software and (these days) appear on the packaging of everything from software [...]

Web www.averyjparker.com

Switch to our mobile site