Guard Privacy & Online Security News & Information


March 1, 2006 17:28 - The True Extent Of The Hijacking Of Our PCs Is Revealed

Two news items reveal the extent to which crackers are hijacking millions of PCs, unknown to their users. And what do they use them for? Well, there are two main uses...
  1. To spy on what we are doing, in order to obtain our passwords, financial information and identities for theft and fraud
  2. To network our machines as groups of zombie PCs or botnets to send out millions of pieces of spam and spyware, or to threaten online businesses with Denial of Service attacks... unless they pay up!
The first news item carries the story of security researchers at the Honeynet Alliance, an international volunteer group conducting research into botnets. They maintain that mainstream Internet security companies have grossly underestimated the seriousness and threat posed by the global bot epidemic. Botnets are the root cause of spam, scams, ID theft and DoS attacks, and "we should pursue a root-cause solution, instead of treating the latest symptom," said one of the researchers. Earlier this year, the researchers tracked a botnet of more than 350,000 compromised PCs, scattered throughout dozens of countries on five continents... and this is just one of thousands of botnets. So, if you think your computer is safe... think again. To learn more about how your computer can become part of a botnet, read Is Your Computer A Zombie PC?

The second news item is an interview with a young cracker, who manages a botnet of 13,000 zombie PCs. This interview really brings home how vulnerable we all are to this type of surreptitious attack on our computers. What are the effects of computer hacking? Read this article for all you need to know to guard privacy and online security against these malicious attacks.

March 2, 2006 20:00 - Free Or Buy Firewalls? Hardware Or Software?

Firewalls are critical to guard privacy and online security. If we connect to the Internet without a firewall and simply hope for the best, we are completely open to loss of personal information, identity theft and financial fraud. Our PC also can become hijacked and used as a zombie computer to launch attacks against other computers, or to spew out spam. We can buy firewalls or we can use a free download. We also have a choice of hardware or software firewalls. But which type is best for our situation? Well, it depends on how we use our PCs and what we use them for... and whether we are prepared to pay for our computer security. This article goes through the pros and cons of each type of firewall, supported by practical advice. Topics covered include...
  1. Why We Need A Firewall
  2. When To Use A Software Firewall
  3. When To Use A Hardware Firewall
  4. Firewall Limitations
Read the full article here.

March 3, 2006 17:46 - Phishing Kits Help Rise Of Identity Theft Information Criminals

The Anti-Phishing Working Group (APWG) reports that phishing attacks continue to increase, whilst security company Websense believes phishing kits are stimulating the problem. Phishing occurs when fraudsters mimic legitimate websites to steal credit-card numbers and other personal information from unsuspecting Internet users. The data is then used for identity theft and fraud. Victims are usually directed to the bogus website by a supposedly 'official' email. Reasons given to get us to go there include checking our data, re-registering, or confirming a recent purchase of, say, $200. This latter ploy works well, as a number of people will follow the false link in the email, knowing they haven't made a purchase of $200, but concerned that someone may have fraudulently used their credit card! Phishing kits are software tools that can be used to easily create and manage phishing sites. They can include website graphics, content and spamming software... including email addresses! Websense considers these kits will fuel an increase in online fraud in the future.

March 4, 2006 16:05 - How Computer Spyware Infects PCs And The Tell-Tale Signs

By being aware of the main routes for the installation of computer spyware, we can steer away from these sources of infection and reduce the amount of spyware loaded on to our PCs. Also, spyware can often show tell-tale signs of its presence... so, by looking out for these signs, we can be alerted early on to a possible infection. Running a spyware remover or blocker can then detect and eradicate this malware. There are three major ways computer spyware can make its way on to our PCs...
  1. Bundling or Piggybacking
  2. Internet Explorer Vulnerabilities
  3. Drive-by Downloads
And, depending on the type of spyware that plagues our computer, it sometimes can be easy to detect. However, most computer spyware is not so obvious or easy to spot and often, this is the most dangerous spyware. A lot of spyware is so sneaky it may give no indication at all that it's installed. That's why it's imperative nowadays for computer users to use spyware blockers and removers to detect and remove spyware. For details of how computer spyware gets on to our computers, the tell-tale signs and methods of protection, read more here...

March 5, 2006 20:02 - How A Denial Of Service Attack Stateful Firewall Works

A denial of service attack stateful firewall performs stateful packet inspection and monitors the state of network or computer connections to prevent Denial of Service (DoS) attacks. A firewall is like a barricade or wall. It is designed to keep in our personal information and to keep out intruders. The most useful thing our firewall stops is someone else remotely logging on to our computer. If our PC is compromised in this way, it can be turned into a zombie relay machine to send out floods of spam, or become part of Denial of Service (DoS) attacks against Web sites, such as those that occurred against Yahoo! and Amazon... and completely without the owners' knowledge. It's estimated that millions of machines around the world have been compromised in this way. Good software firewalls can also be configured so that only certain kinds of traffic are allowed to leave our computer or computer network. Hardware firewalls only prevent incoming intrusions. The article takes a look at the differences between hardware and software firewall operation and how they secure traffic flow to and from our computer. Read more...

March 6, 2006 17:25 - Have A Wireless Connection? Then Beware Of Freeloaders

It's not just hackers or computer geeks who are piggybacking -- the unauthorized tapping into someone else's wireless Internet connection. Ordinary upstanding people are at it also, with many saying the practice does not feel like theft. One occasional piggyback user recently compared it to "reading the newspaper over someone's shoulder." But piggybacking, makers of wireless routers say, is increasingly an issue for users who live in densely populated areas or apartment buildings and for hotels offering a wi-fi service, where the radio waves provide access to others in the area. Because so many users do not bother to secure their networks with passwords or encryption programs, it is easy for piggybacking to take place. Unfortunately, those victims of piggybacking can begin to notice that their high-speed Internet connection becomes so slow as to be unusable. Consumers should understand that an open wireless network invites greater vulnerabilities than just freeloading neighbors. Determined users could get into unprotected computers to infect them with viruses and worms, as a launching pad for identity theft, or the uploading and downloading of child pornography. Read the article... Learn how to achieve the best wireless router security.

March 7, 2006 18:52 - Mutant Varieties Raise The Spyware Stakes

Spyware authors are using new techniques to hide their programs from malware scanners. Spyware is surreptitiously downloaded by a click on an unsolicited e-mail, a link on a compromised Web site or installed by a small loader piggybacking on shareware or free software. With the new approach, known as mutating spyware, once on the PC, the software application starts downloading new code onto the system one small piece at a time, until the modules are assembled into a malevolent new threat. Many users never even know the software is on their systems until scanners pick up the messages the spyware sends - often containing sensitive passwords, logs of keystrokes or other information. Mutating spyware often relies on a complex distribution of servers that weave and dodge to avoid detection. A system serving music files the majority of the week may then switch to distributing downloadable spyware components for the rest of the week. Many new attacks are created by simply grafting together code bits from other, widely available viruses, trojans and spyware. To make things easier for malware writers, there are readily available toolkits, like Virus Creation Station 4.0 and Virus Creator PRO.

March 8, 2006 20:30 - Microsoft Denies Vista Will Have A Backdoor

Microsoft developers have dismissed suggestions that Vista, the next version of Windows, might feature a backdoor that allows the authorities access to encrypted files. Vista is due to feature hardware-based encryption, called BitLocker Drive Encryption, which acts as a vault to protect sensitive data in the event of a PC being either lost or stolen. A Microsoft spokeswoman told The Register, "Windows Vista is engineered to be the most secure version of Windows yet. It is our goal to ensure enterprise users have full control over information on their PCs. Microsoft has not and will not put 'backdoors' into Windows, its BitLocker feature, or any other Microsoft Products." A Microsoft developer added to this by denying Microsoft is working with governments to create a backdoor into BitLocker. He stressed that in the unlikely situation that Microsoft is forced to include a back door by law, the company will either announce it publicly or withdraw the entire feature.

March 9, 2006 20:11 - Symantec Reports Internet Attacks Are Increasing

In its recent Internet security threat report, Symantec concluded that online threats are rising and with profit in mind. The report covers the six-month period from July to December, 2005 and shows attackers are moving away from large, multiple-purpose attacks against routers and firewalls. Instead, they are targeting desktop and Web-based applications that provide an entry point to corporate, financial and personal information. Malicious code threats that could reveal confidential information rose from 74 percent of the top 50 malicious code samples last period to 80 percent this period. Cybercrime-related threats are gaining momentum through the use of what is known as crimeware -- software tools built with the purpose of committing online scams and stealing information from consumers and businesses, according to Symantec. Programs that provide attackers with unauthorized control of a computer, known as bots, also contribute to the rise in cybercrime threats. While the number of bot-infected computers is 11 percent lower than last period, Symantec noted that bot networks are increasingly used for criminal activities such as denial of service (DoS) based extortion attempts. China experienced the largest increase in bot-infected computers, the report stated, most likely related to the country's rapid growth in Internet connections. Phishing threats, which are attempts to deceive users into revealing confidential information, continued to increase during the last half of 2005.

March 10, 2006 21:29 - Firefox Plans Anti-Phishing Feature

Mozilla Firefox is planning a phishing shield for Firefox 2, due for release in the third quarter of this year. According to Silicon.com, Mike Shaver, a technology strategist at the company which oversees Firefox development, said: "Everybody understands that phishing is a significant problem on the web. We are putting anti-phishing into Firefox, and Google is working with us on that." Phishing is a growing menace that attempts to steal sensitive data such as user names, passwords and credit card details. With the continued rise in online attacks, security tools to warn users of fraudulent web sites are becoming more available. Microsoft plans to include features to protect surfers against online scams in Internet Explorer 7, due later in 2006. While Firefox 2 will get a phishing shield, no decision has been made on how it will be incorporated into the Firefox browser. Shaver reported that Google had contributed code and expertise to the project. Although IE and Firefox, the two most-used web browsers, don't currently include anti-phishing features, there are browser add-ons that guard against such scams. These free and commercial anti-phishing programs (see How to Have the Best Internet Identity Theft Protection) use a variety of techniques to guard privacy against these scams and ID theft. They include blacklists of known fraudulent websites, white lists of good sites and analyses of web addresses and web pages.

March 11, 2006 20:06 - UN Says ISPs Should Be Forced To Block Spam

The International Telecommunication Union (ITU), the UN organisation responsible for global telecoms standards, has recommended that ISPs be required to enforce codes of conduct regarding their customers, and to block spammers' email access. Although some ISPs are spending large amounts to combat spam, a smaller number profit from carrying spam or take no action. The ITU said that most anti-spam laws are targeted at hunting down and prosecuting spammers, which is an expensive option and needs to change. It is seeking "a level playing field" so all ISPs take action against spam, especially those who are currently ignoring or aiding the threat. The ITU is proposing legislation requiring ISPs to set up codes of conduct. These would be set up voluntarily and submitted to telecommunications regulators for approval, who would further ensure standardisation. It seems that a number of ISPs have made great strides against spam, probably motivated by legislation avoidance. But because the ISPs are reluctant to "police" customers, spammers have gone unchallenged and so the ITU is convinced it is now time to legislate.

March 13, 2006 14:39 - Skype Internet Calls Guard Privacy. But There Are Some Negatives

Skype is a high-quality, encrypted Internet telephony system, known as Voice Over Internet Protocol (VOIP). It was released in 2004 by the creators of Kazaa, the popular file-trading system and now has millions of Internet users. Every Skype user has a unique Skype user name and password to log in, which the network then verifies. Once logged in, you can initiate a call through your computer to any other Skype user, who also has to be logged in. Unlike other VOIP systems, Skype uses a protocol that's both proprietary and secret. All communications are encrypted with a 256-bit advanced encryption standard, which is great for those concerned about eavesdroppers. However, this also makes Skype a problem for many companies. For organizations such as investment companies that are required by law to monitor communications between their employees and their customers, Skype is an untappable voice gateway and can tunnel through, over or around most kinds of firewalls. The advantage to the individual is that Skype is more secure than most cell phones, which have their encryption disabled, or landlines that don't have any encryption at all. Skype does have its negatives. The first is that the Skype client running on your computer can and will relay calls between other network users without your knowledge. That can pose a problem on networks that have only a small bandwidth. The other drawback is that bad guys can, of course, use Skype to send worms and viruses. So ensure you block files transmitted by anyone you don't know or integrate Skype with your computer's antivirus system. Read the article

March 14, 2006 20:53 - A Review Of The Different Types Of Spyware

According to various studies, 80-90 percent of all Internet-connected computers are infected with spyware. Spyware silently installs on to our PCs and can be downright malicious or just plain annoying. Although there are many different types, spyware can be categorized into two broad classifications...
  1. Surveillance or monitoring spyware
  2. Advertising spyware or adware
Surveillance or monitoring spyware is the more serious and malicious type of spyware and can,
  • scan your hard drive for all information it contains
  • search programs
  • monitor keystrokes
  • change your browser's home page
  • scan browser history for web sites visited
  • monitor various aspects of your computer and Internet activity
Read the full spyware review

March 15, 2006 21:43 - Google Likely To Hand Over Information

A federal judge in California said that he intends to order Google to give up data on users' search queries after the government significantly reduced the scope of its original request. U.S. District Judge James Ware said he would issue a final ruling "very soon." The US government requested last year that Google hand over all search queries, and the URLs that they identify, over a one-month period. They later revised the request to one million URLs and one week of anonymous search queries. The US Department of Justice claimed that it required the information to revive a law that aims to shield children from online pornography. Google refused to comply with the request, arguing that it constituted a violation of privacy rights and that its database is a trade secret. Google's decision prompted the DoJ to file a lawsuit in January, this year. The Justice Department downplayed Google's concerns. It argued privacy rights would not be trampled because the information requested would not identify individuals or be traceable. During the hearing, the judge said he was likely to "grant some relief" to the government, in the form of search results for random web addresses. Read the article

March 16, 2006 18:27 - Will AOL Make It Easier For Spam To Get Into Users' Inboxes?

AOL (America Online) is the USA's best-known mass mailer. But it is under fire for the way it plans to handle mass mailings online in the future with its plan to create a priority lane for commercial e-mail. It has been reported that starting later this month, companies can pay to be added to a certified e-mail delivery system run by an AOL contractor, Goodmail Systems. By abiding by Goodmail's rules, their messages will be delivered straight to AOL users' inboxes, bypassing AOL's spam filters. Advocacy groups, businesses and charities have protested against the plan, warning that the fees would create a two-tiered Internet... a reliable one for wealthy e-mailers and an unreliable one for everyone else. Because it's free, anonymous and tricky to authenticate, e-mail is plagued by virus writers, phishers, scammers, spammers and a host of other malware proponents, intent on stealing our personal information or selling us something. Goodmail vouches for the authenticity of both the companies that use its certified e-mail system and the messages they send. That gives banks, fundraisers and service providers a way to assure AOL customers that they are who they say they are. However, AOL's plan also offers mass marketers an easy way to evade spam filters. Protect yourself from spam by using a spam blocker and these tips.

March 17, 2006 12:16 - The 20th Anniversary Of The Computer Virus

The article in Enterprise Security Today marks the 20 year anniversary of computer viruses. Not much to celebrate here, you may think; but going through the history of virus development, we can get a feel for just how virus writers have changed tactics to try to keep ahead of technical and antivirus developers. The Brain virus is credited with being the first mass virus, detected in 1986. It only infected the floppy disks of the time, but still managed to spread around the globe... without the aid of the Internet or e-mail! As the Internet and e-mail gained popularity, so macro viruses overtook the boot-sector viruses. In 1996, Concept became the first cross-platform virus, infecting both the PC and the Mac. Concept also added 'social engineering' to the game, using tempting subject lines to get users to open email files. The Melissa virus, in 1999, changed play again, with the term "zero-day vulnerability" describing its release and rapid infection. Then came the worms that could self-propagate, exploiting users' e-mail, executables, network shares, or Web server vulnerabilities. After 20 years, viruses are ever present and able to attack any device with Internet access. No computer, PDA, cell phone, or MP3 player is safe, making antivirus protection absolutely critical. Learn more... Computer Virus Definition And How Viruses Affect Us

March 18, 2006 13:21 - Norton Takes Out AOL

First we had the McAfee update last week, which started deleting or quarantining Excel. Now we have an update to Norton AntiVirus and Norton Internet Security, which resulted in the disconnection of AOL dial-up and broadband users. "This update incorrectly detected traffic patterns used as part of the AOL connection as a potential risk," Symantec said in a statement. They went on to say, "As a result of the incorrect update, AOL dial-up customers lost their connection and AOL broadband users were unable to access AOL servers. The erroneous update was removed from Symantec’s servers about seven hours after it was released, and a corrected version was posted". Read the article. The problem for these users is, because they can't get online, they can’t get the LiveUpdate to fix the issue. So, Symantec is advising its customers to disable their Norton security software, then go online to get the update. If you're one of these customers and don't know what to do, try to get hold of another computer or connection and log on to the specific help page at Symantec. Unfortunately, Symantec don't provide a telephone contact unless you go through their website... and then there's some form filling to go through before you're granted one. I would have thought a special telephone helpline would have been set up for this problem they've caused their customers.

March 19, 2006 18:20 - The Subpoena For Google's Information Is Minimized By Judge

On Friday, Judge James Ware denied the Justice Department's full demand for access to some Internet search queries of Google users.

Federal lawyers earlier this week slashed their Google request to 5,000 randomly selected search terms entered by users and 50,000 website addresses in the company's searchable index.

Ware granted the request for the Web addresses but declined to force Google to release the search queries. He wrote in his 21-page ruling that he was balancing the government's need to gather data against Google's expectation that it could operate without undue interference or fear that its trade secrets might be revealed.

The ruling was a victory for Google, which argued that handing over the records would violate the privacy of its users.

"We will always be subject to government subpoenas, but the fact that the judge sent a clear message about privacy is reassuring," said Google's associate general counsel, Nicole Wong. "What his ruling means is that neither the government nor anyone else has carte blanche when demanding data from Internet companies."

Unfortunately, the huge amount of personal data gathered and stored by sites like Google will remain irresistible to investigators.

"This issue is going to come up over and over again," said Cindy Cohn, legal director of the Electronic Frontier Foundation. "I don't think this should make anybody very comfortable about the future. Google still has this stuff and people will still try to seek it."


March 20, 2006 15:52 - New, Refined, Spyware Trojans Aim To Make Money

PC Tools, an Australian antivirus company, has discovered a new piece of spyware -- a keylogging Trojan that captures mouse clicks as well as key strokes.

PWSteal-Bancos-Q targets customers of online banking and financial institutions. Although primarily operating in Brazil, the company have warned that variants may affect financial sites worldwide.

This is a further refinement by malware writers as the technique is designed to overcome the use of virtual keyboards by many online banking sites in an effort to avoid keylogger infections.

A second Trojan, called "Zippo.a" and also known as "Cryzip", hijacks files by moving them into password-encrypted ZIP files. It leaves a message for victims telling them to pay $300 to an E-Gold account to recover their data.

Sophos experts who have analysed the Trojan horse have determined the password used to encrypt users' data. For anyone unfortunate enough to be caught by this Trojan, the password is "C:\Program Files\Microsoft Visual Studio\VC98".

A good antivirus program will remove Trojan threats from your computer. To learn more, read What's Key To The Best Antivirus Program?



March 21, 2006 16:55 - Claims That Windows Vista Has Spyware Licked

Windows Vista, Microsoft's awaited successor to the Windows XP operating system, is supposedly built around security.

Some analysts are predicting the operating system could spell the demise of spyware writers as well as the anti-spyware companies. But where is all this confidence coming from? Take for instance, the following comments...

John Pescatore, who is an analyst with Gartner said "The spyware threat will definitely shrink or shrivel. We got a handle on spam. It still gets through, but it is such a small percentage now, we know how to deal with what gets through. That same thing will happen to spyware. It will be under control."

"We have taken out a significant number of the attack vectors that spyware authors use today," said Austin Wilson, a director in the Windows Client group at Microsoft. "We're not saying that spyware will be gone because of Windows Vista. We do think we will make a significant impact."

"The aftermarket for Windows anti-spyware is going to dry up almost completely," said Yankee Group analyst Andrew Jaquith. "Windows Defender is going to become the default anti-spyware engine, certainly for most consumers that have Vista machines."

Gartner's Pescatore agreed. "Integrating Windows Defender into Windows Vista is sort of the last nail into the standalone anti-spyware coffin," he said.

Personally, I think these judgements are a little premature. I have been using Windows Defender since its inception, when it started out as Windows AntiSpyware Beta and in my commercial and free spyware remover tests, it always was -- and still is -- behind the top commercial antispyware programs, such as CounterSpy, in the detection and removal of spyware.

In addition, we know that when the anti-malware developers bring out a more effective "anti" product, the malware writers develop a more sophisticated product. Well, I for one, am not going to hold my breath for Vista!




March 22, 2006 19:49 - Zombie PCs Used In New Type Of Denial-Of-Service Attack

VeriSign has reported a powerful new denial-of-service (DoS) attack that hits the infrastructure of the Internet by exploiting the computers that manage online traffic -- the Domain Name System (DNS) servers.

The aim of these attacks is similar to traditional DoS attacks -- to extort money from companies. Failure to pay up results in the attack, which overloads the Website servers. This causes the servers to crash and renders the Website inoperable. For retail and financial sites relying on online financial transactions, the effect can be devastating.

This newer technique is far more potent because it can be launched using fewer hacked computers -- often compromised home computers, known as zombie PCs and grouped into botnets -- and yet is far more overwhelming.

VeriSign Chief Security Officer, Ken Silva, explained the new attacks use a set of zombie PCs that send out a torrent of queries. The difference is that these queries are sent to the DNS servers with a forged return address, which directs responses to the intended victim's servers.

So, instead of the bots directly attacking the servers, as in traditional attacks, it is the DNS servers that end up attacking the targeted Web sites. The DNS servers are performing their normal function as the directory service for the Internet and ensuring that requests for data are routed to the correct site.

Because the returned results contain significantly more information than the original request, the victim's network receives thousands of fraudulent messages that amount to gigabytes of information... making it far more powerful than a standard DoS attack.
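The reflection pattern described above is visible from the DNS server's side: one source address appears to send a burst of small queries and is sent far larger responses. The following is an added example, not code from the original article or from VeriSign; the log format, thresholds and function names are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample query log (format assumed for this example):
#   epoch_seconds client_ip qname qtype query_bytes response_bytes
# client_ip is the source address the server saw; in a reflection attack
# a forged query carries the victim's address in this field.
SAMPLE_LOG = """\
1143000000 192.0.2.10 www.example.com A 33 49
1143000001 192.0.2.10 mail.example.com MX 34 90
1143000002 203.0.113.7 big.example.net TXT 40 1200
1143000002 203.0.113.7 big.example.net TXT 40 1200
1143000003 203.0.113.7 big.example.net TXT 40 1200
1143000003 203.0.113.7 big.example.net TXT 40 1200
1143000004 203.0.113.7 big.example.net TXT 40 1200
1143000004 203.0.113.7 big.example.net TXT 40 1200
1143000005 198.51.100.4 big.example.net TXT 40 1200
1143000006 192.0.2.10 www.example.org A 33 49
malformed line here
"""


@dataclass
class WindowStats:
    queries: int = 0
    query_bytes: int = 0
    response_bytes: int = 0

    @property
    def amplification(self) -> float:
        """Response bytes sent per query byte received."""
        return self.response_bytes / self.query_bytes if self.query_bytes else 0.0


def parse_line(line):
    """Return (ts, client, query_bytes, response_bytes), or None if malformed."""
    fields = line.split()
    if len(fields) != 6:
        return None
    try:
        ts, qbytes, rbytes = int(fields[0]), int(fields[4]), int(fields[5])
    except ValueError:
        return None
    if qbytes <= 0 or rbytes < 0:
        return None
    return ts, fields[1], qbytes, rbytes


def window_stats(log_text, window=10):
    """Aggregate traffic per (client, window start) over fixed time windows."""
    stats = defaultdict(WindowStats)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip lines that do not match the assumed format
        ts, client, qbytes, rbytes = parsed
        bucket = stats[(client, ts - ts % window)]
        bucket.queries += 1
        bucket.query_bytes += qbytes
        bucket.response_bytes += rbytes
    return dict(stats)


def flag_reflection_targets(stats, min_queries=5, min_amplification=10.0):
    """Flag (client, window start, amplification) for bursts of large responses.

    Requiring both a query burst and a high byte ratio avoids flagging a
    normal client that makes a single lookup with a large answer.
    """
    flagged = [
        (client, start, round(s.amplification, 2))
        for (client, start), s in stats.items()
        if s.queries >= min_queries and s.amplification >= min_amplification
    ]
    return sorted(flagged, key=lambda r: (-r[2], r[0], r[1]))


if __name__ == "__main__":
    for client, start, ratio in flag_reflection_targets(window_stats(SAMPLE_LOG)):
        print(f"{client} window={start} amplification={ratio}x")
```

A flagged address is the likely victim of the forged queries, not their sender, so the useful response is to rate-limit or drop replies towards it rather than to block it as an attacker.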

Read here for What Are The Effects Of Computer Hacking? and how to prevent becoming part of a zombie PC network.


March 23, 2006 21:51 - Research Shows Firefox Browser Safer Than IE

A study of spyware drive-by installations by the University of Washington has shown the Firefox browser to be more resistant to spyware risks than Internet Explorer.

The researchers conducted a crawler-based examination of both executable content and scripted page content, covering 20 million URLs. Nearly 20% of the domains examined contained executable programs, with 4.4% of the domains containing piggy-backed spyware.

Even though the largest portion of spyware was adware, 14% of the spyware contained malicious functions, such as Trojan downloaders and dialers.

Using Internet Explorer, drive-by downloads were attempted by 1 in 250 URLs and drive-by attacks that exploit browser vulnerabilities occurred in 1 in 500 URLs. 1 in 62 domains contained at least one scripted drive-by download attack.

When the team examined whether the Firefox browser was susceptible to drive-by installations, they found that only 0.08% of examined URLs performed a drive-by download installation. However, all of these required user consent in order to succeed. There were no drive-by attacks that exploited vulnerabilities in Firefox.

To find out more about spyware, IE and Firefox, see Spyware Blockers & Browsers.

March 24, 2006 20:47 - StopBadware Condemns Four Applications That Compromise Online Security

In its first report, StopBadware.org condemns Kazaa and three other programs as "badware", its synonym for malware.

You may ask, "Who or what is StopBadware?"

Well, StopBadware.org is a "Neighborhood Watch" campaign aimed at fighting "badware". The organization seeks to "provide reliable, objective information about downloadable applications in order to help consumers make better choices about what they download onto their computers."

The organisation is led by Harvard Law School's Berkman Center for Internet & Society and Oxford University's Oxford Internet Institute. It is supported by several prominent tech companies, including Google, Lenovo, and Sun Microsystems.

So, which are their first targets and what are the reasons for bringing them to our attention?...

  1. Kazaa, the file-sharing program, was criticized for misleadingly advertising itself as spyware-free, not completely removing all components during the uninstall process, interfering with computer use, and making undisclosed modifications to other software.
  2. MediaPipe, a "download manager" that provides users access to media content, does not fully disclose what it is installing, does not completely remove all components and "obligations" during the uninstall process, and modifies other software without disclosure.

    One of its outrageous behaviors is reserving the right to charge users even after the software is uninstalled!

  3. SpyAxe claims to detect and remove 'potentially undesired items'. It fails to uninstall completely, is difficult to exit without purchasing the full version of the product, and it interferes with computer use and modifies other software without disclosure.
  4. Waterfalls 3, a screensaver from Screensaver.com was found to include components that are generally considered spyware, is bundled with a Trojan horse-like program, and modifies other software without disclosure.

    The spyware is called Webhancer, which monitors Web sites visited by the user and reports this information to a remote server.

We are constantly at risk from spyware when we are connected to the Internet. See how we put ourselves at risk and how we can protect ourselves at Commercial & Free Spyware Remover Programs Tested.

March 25, 2006 20:17 - 'Extremely Critical' Vulnerability In Internet Explorer

After confirmation earlier this week that it was examining two flaws in Internet Explorer (IE) that could result in the loading of malware into the browser or a Denial of Service attack, Microsoft now has to deal with the revelation of a third vulnerability.

The new flaw in IE was discovered by the Danish vulnerability company Secunia, which has categorized it as "extremely critical".

In an advisory, Secunia described the latest problem as "an error in the processing of the "createTextRange()" method call applied on a radio button control. This can be exploited by e.g. a malicious web site to corrupt memory in a way, which allows the program flow to be redirected to the heap. Successful exploitation allows execution of arbitrary code."

Microsoft, in their advisory, stated, "an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. In an e-mail based attack, customers would have to click a link to the malicious Web site or open an attachment that exploits the vulnerability."

While awaiting Microsoft's monthly security update for this vulnerability, Secunia advises users to protect themselves by disabling Active Scripting in IE.

On the other hand, you could switch your browser to a safer alternative. Take a look at Internet Privacy and Security... Safer Browsing, to find out more.

March 26, 2006 09:42 - Spyware Even Breaches Government Security... So, What About The Rest Of Us?

SecurityPark have reported on a security audit of a government organization, conducted by Finjan.

For a one week period, information on the surfing activities of 25,000 users was scanned by Finjan. They analyzed the data to determine breaches of the government body's security policy. For the week, there were 171,000 breaches, including 37,323 instances of access to Spyware sites, 7,660 attempts to exploit Operating System/browser vulnerabilities and 284 instances of spyware.

Finjan commented, "Today the writers and purveyors of malicious code are finding ways of bypassing widely-deployed anti-virus and firewall solutions in order to infiltrate internal systems and machines. These methods exploit users' familiarity with active content, as well as our conditioned response to click "OK" on pop-up windows in web based content."

For the rest of us, there's a good reason to install commercial and free spyware remover programs... spyware now surpasses viruses as the biggest threat to our PCs and personal information.

The AOL/National Cyber Security Alliance (NCSA) Online Safety Study found that four in five home PCs are infected with spyware. What's more, over one-third of PCs contain serious monitoring spyware and Trojan horses. The NCSA wants to encourage more home and small office PC users to protect their sensitive personal and financial information from spyware.

However, you need more than spyware removal programs to get the best protection against spyware -- for the additional tools and know-how, check out Commercial & Free Spyware Remover Programs Tested.

March 27, 2006 19:58 - Brits Have Insufficient Protection For Internet Privacy And Security

Although British consumers' awareness of Internet threats may have increased, they are not doing enough to protect themselves.

Evidence for this came from a study by AOL who questioned users' knowledge of online security and the protection they were using. Even though 86% were concerned about security, only 48% use any specialist protective software. 20% rely on their ISP to protect them and 16% do nothing at all to protect themselves when online.

Even knowledge of contemporary threats is sketchy. For instance, three quarters of those questioned understood the term "virus", but only 18% knew the term "phishing".
Read the article.

To see a summary of what threats are lurking as soon as you connect to the Internet, take a look at The Impact Of Computer Internet Security Risks Explained.

Just as important, as the AOL study shows, is that this knowledge needs to be turned into protection. However, many people are baffled as to what they need. For instance, what software protects against what, and is there any duplication between the different types of software?

The article Internet Privacy And Security... How To Decide What's Essential, helps those who are fazed by choosing the right software to guard privacy and online security by splitting protection into three levels...

  1. The first is what's critical for Internet privacy and security? This is protection software that you MUST have installed on your PC and will protect you from the severest threats.
  2. The second is the Advisory Level for Internet privacy and security. This protection works in conjunction with the critical level to give you optimum protection for you, or your family or your home business. It's your choice whether to install this protection.
  3. The Personal Level for Internet privacy and security is mainly about specialist software for people who wish to guard privacy to a more sophisticated degree.

March 28, 2006 15:30 - Russian DIY Kits For Spyware And Trojans

An article in The Register describes how a do-it-yourself spyware creation kit is being sold on a Russian Web site for less than $20.

The kit, called WebAttacker, includes scripts to simplify the task of infecting computers and also spam-sending techniques which lure victims to bogus Web sites.

Topical spam messages, such as bird-flu protection or claims that Slobodan Milosevic was murdered, carry links to the bogus website. Visitors are exposed to malicious code that can be executed via browser and operating system exploits, resulting in the installation of a keylogger or banking Trojan, for instance.

This isn't the first time DIY kits for malware have been made available from Russia. Earlier this year, researchers at Sunbelt Software uncovered a Website program that was being used to create keylogging and Trojan horse programs to target banking customers in the US, UK and Canada.

The program provides an easy-to-use interface for creating new variants of a Trojan horse known as WinLdra. These variants can steal credit card numbers and online banking log-ins from machines on which they are installed, and can direct e-Gold payments into an account owned by the attacker. The program makes it easy for even unsophisticated hackers to create a specialized Trojan horse program.

Users are also given detailed instructions for deploying the Trojan program and for transmitting stolen information back to a computer controlled by the attacker. The infected machine can even be turned into a zombie PC and controlled remotely.

One feature even allows the attacker to provide an account number for online payments company e-Gold Inc. If a user on the infected machine attempts to make a payment using that service, the Trojan will reroute the payment to the attacker's account.

Learn more about surveillance spyware, such as Trojans, at Spyware Review.

For spyware/Trojan protection, visit Commercial & Free Spyware Remover Programs Tested.

March 29, 2006 19:04 - Largest Ever Spam Fine For Internet Marketer

The U.S. CAN-SPAM Act has teeth after all. The Internet marketer, Jumpstart Technologies, has been fined $900,000 -- the largest amount so far -- by the Federal Trade Commission (FTC) for violating the Act.

Jumpstart offered free movie tickets to consumers in exchange for the names and e-mail addresses of five or more of their friends, the FTC said.

Jumpstart then sent the friends e-mail with the original consumer's e-mail address in the 'From' line and a personal subject line. In many instances, the subject lines falsely indicated that their friend was sending them free tickets. Many people who tried to opt out of the promotion kept getting similar messages for weeks afterwards.

The FTC's complaint also alleged that the company engaged in deceptive advertising by misleading consumers about the terms and conditions of the FreeFlixTix promotion.

To qualify for a "free" movie ticket, some consumers had to submit their credit card information to one of Jumpstart's advertising partners and sign up for one of their promotions. Some of Jumpstart's advertising partners required that consumers pay for the promotion, while others made "free" offers that consumers had to cancel at a later date to avoid a charge.
Read the full article

Read the article on Advice On Spam & How To Reduce Its Risks.

March 30, 2006 20:48 - What's At The Heart Of An Anti-Virus Program?

The effectiveness of an anti-virus (AV) program in detecting and removing viruses is all about its scanning engine.

The scanner identifies viruses using 'signature' files -- small files which show a pattern, like a fingerprint, similar to that shown by known viruses.

AV companies use 'honeypot' computers to capture viruses in the wild so that new signature files can be developed. As soon as they are, the virus signatures are made available for download to our AV program.

As new viruses are released every day, it makes sense to have an antivirus that provides signature-file updates at least on a daily basis. Some AV programs update signatures on a 3 hourly, or even hourly, basis.

Scanning software looks for a virus in one of two ways...

  1. With the signature files loaded on the computer, the scanning engine searches for matches to the signatures of known viruses. Most scanning software will catch not only the initial virus but many of its variants as well, since the signature code usually remains intact.
  2. In the case of new viruses for which no antidote has been created, a top anti-virus scanner will employ heuristics that look for unusual virus-like activity on our system.
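The two scanning approaches listed above, as an added example that is not taken from any anti-virus product or from the original article. The signature names, byte patterns, behaviour labels, weights and threshold are all hypothetical, and the sample files are harmless constructed byte strings.

```python
# Constructed signature database: name -> byte pattern (hypothetical, harmless).
SIGNATURES = {
    "Demo.Worm.A": bytes.fromhex("deadbeef4c0ffee0"),
    "Demo.Dialer.B": b"\x90\x90DIAL-PREMIUM\x00",
}

# Behaviours a heuristic engine might weigh; weights and threshold are assumptions.
HEURISTIC_WEIGHTS = {
    "writes_to_startup_folder": 3,
    "modifies_other_executables": 4,
    "disables_security_software": 4,
    "opens_network_listener": 2,
}
HEURISTIC_THRESHOLD = 6

# Constructed sample files. The variant differs in everything except the
# signature bytes, which is why signature matching still catches it.
ORIGINAL = b"MZ" + b"\x00" * 16 + SIGNATURES["Demo.Worm.A"] + b"greetings v1"
VARIANT = b"MZ" + b"\xff" * 40 + SIGNATURES["Demo.Worm.A"] + b"hello again v2"
UNKNOWN = b"MZ" + b"\x11" * 32 + b"no known pattern here"


def signature_scan(data):
    """Return the sorted names of all signatures whose pattern occurs in data."""
    return sorted(name for name, pattern in SIGNATURES.items() if pattern in data)


def heuristic_score(behaviours):
    """Sum the weights of observed behaviours; unknown behaviours score 0."""
    return sum(HEURISTIC_WEIGHTS.get(b, 0) for b in behaviours)


def scan(data, behaviours=()):
    """Signature match first; fall back to heuristics for unknown files."""
    hits = signature_scan(data)
    if hits:
        return ("infected", hits)
    score = heuristic_score(behaviours)
    if score >= HEURISTIC_THRESHOLD:
        return ("suspicious", score)
    return ("clean", score)


if __name__ == "__main__":
    print(scan(ORIGINAL))
    print(scan(VARIANT))
    print(scan(UNKNOWN, ["writes_to_startup_folder", "modifies_other_executables"]))
```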

Read more about anti virus programs

March 31, 2006 20:09 - Veritest Shows Webroot Enterprise SpySweeper More Effective Than Two Other Competitors

Webroot has reported that according to independent tests carried out by Veritest on three enterprise spyware removers, Webroot Software's SpySweeper came out tops.

The results, from tests over four months, showed Webroot Spy Sweeper Enterprise 2.5.1 was nearly twice as effective as McAfee Antivirus Enterprise with AntiSpyware Module 8.0 and more than three times as effective as Sunbelt Counterspy Enterprise version 1.5.268.

The method included a test bed of two hundred randomly selected pieces of spyware, in the adware, system monitor, and Trojan categories. Each product was judged on its ability to detect and remove each piece of spyware.

Overall, Webroot fully cleaned 94 percent of the entire test bed, McAfee cleaned 53 percent and Sunbelt only 26 percent.

It's not surprising SpySweeper was superior to McAfee. Generally, the specialist spyware remover companies, like Webroot and Sunbelt, have been in the spyware game far longer than the mainstream security software companies and their databases and products still tend to dominate.

But it is a surprise that Sunbelt Software fared so poorly. Their CounterSpy product for the home computer has won many awards for most effective product etc, and came second in my own tests (although this was a few months ago).

Many of us will be wondering if the large test difference between the SpySweeper and CounterSpy enterprise versions will be translated into the home versions.
Learn more about SpySweeper
