Guard Privacy & Online Security News & Information


September 1, 2006 14:19 - New Web Browser To Guard Privacy

The new Browzar web browser claims to allow users to search and surf the web without leaving any visible trace on the computer being used. It's also free.

Browzar is currently in the beta development stage... in other words, you can download it and use it, but there may still be some glitches which will become apparent with usage. It is available for the Windows operating system only and shares several components with the Internet Explorer browser.

Browzar is a project by Ajaz Ahmed, who pioneered Freeserve, the free Internet provider business in the UK. In talking about the benefits of Browzar, he said, "We divulge masses of information about our habits, hobbies and financial dealings while online, often unknowingly, and there are times when all of us would rather this was kept private."

He added, "Using Browzar, anyone can surf the Web privately in the knowledge that no-one will stumble across the sites they have visited when using the same computer."

Browzar helps you guard privacy primarily because it doesn't have a cache (retentive memory). Here are the main privacy features of Browzar...
  1. It doesn't store a history of previously visited websites, so another user can't see where you've been on the Net.
  2. It doesn't store cookies, so websites can't track your browsing habits.
  3. It doesn't offer to auto-complete online forms because it doesn't remember information like passwords, account numbers, credit card numbers or names and addresses. This particular feature helps prevent identity theft or fraud, by not disclosing your personal information to others.
  4. It removes all temporary files when the browser is shut down, so anyone examining your computer can't see where you've been or what you've downloaded.

Because the Browzar program is small, at 264K, it takes only a few seconds to download. It doesn't require you to go through an installation process... you just download Browzar to your desktop and use it straight away.

You can download your free copy from Browzar

September 4, 2006 18:52 - The Increasing Threat Of Trojan Horses In Spam

According to Sophos, Trojan horses accounted for more than 7 out of every 10 new threats faced by users in August.

The analysis by Sophos showed that 71.8 percent of the new malicious code was Trojan, with nearly 2,000 new exploits.

This trend has been increasing over the last few months. What's been happening is that fewer mass-mailers (malware that can mass mail itself to other email addresses) are being delivered via spam... instead, more Trojans are being delivered to our inboxes via emails.

These Trojans are being delivered in massive quantities, according to TrendMicro's blog. However, because antivirus vendors can release signatures to detect and remove these Trojans on the same day they are released, malware writers get a spam run of one day, two at most. Then they release another variant, causing the AV vendors to respond again.

For instance, TROJ_YABE.R was first intercepted late on July 4, 2006. By the next day, TROJ_YABE.R was no longer seen being spammed.

Two weeks later, TROJ_DLOADER.DHX made its debut, but again for only a day.

BKDR_HAXDOOR.IL started very late on August 28, and peaked the next day. The day after, no more email samples with BKDR_HAXDOOR.IL were seen.

Learn how Trojans can affect you and how to protect yourself


September 6, 2006 16:50 - Wi-Fi Security Warning Becomes Law

From 1 October next year, manufacturers will be required to place warning labels on all Wi-Fi equipment.

The law has been passed by California legislators and will force makers of wireless internet equipment to include guidance on keeping data secure on wireless connections. The law is awaiting signature by Governor Arnold Schwarzenegger.

The warnings can take the form of box stickers, notification in setup software, notification during the router setup, or through automatic securing of the connection. One warning sticker must be positioned so that it must be removed by a consumer before the product can be used.

The legislation appears to have been motivated by concerns over "piggybacking", the term used to describe leaving a Wi-Fi connection open which others can use.

The problem for the computer owner is -- as some court cases have shown -- that the connection may be used for illegal downloads and the like, and it may be the owner who gets accused. Another problem is that a wily cracker can gain access to the computer through the wireless connection.

The legislation acknowledges disagreement in the US as to whether it is legal for someone to use another person's unprotected Wi-Fi connection. However, there are also federal laws, including the Computer Fraud and Abuse Act, that prohibit intentional access to a computer without authorization.

September 8, 2006 14:37 - Spammers Conspire With Companies To Cheat Stock Market

Spammers have introduced a new tactic to their "pump and dump" schemes. The term is used to describe email recipients being offered bogus insider information about a company's share price.

The aim of the spammer is to lure enough victims into buying the stock to ramp up the share price. The spammer, having bought the stock, sells at a profit. However, victims could be left with a loss or worthless shares.

Recent research by academics into share spamming revealed that recipients of spam e-mails could lose 8% of their investment in just two days. However, spammers already holding the stock in the companies they "pump" could see a return of between 4.9% and 6% for their efforts.

In the new tactic, discovered by SophosLabs, spammers have begun approaching firms, offering to raise their share price in exchange for a percentage fee.

Scammers are telling companies that they can boost their own stock prices by up to 250 percent within two to three weeks, and are even offering a one day free trial. The emails also claim that the scammers will offer advice on future share price movements to investors, for a 30 percent share of the income.

Part of the email reads...

"You own an underrated stock and the market price of your stock is from 0.001 to 1$. We can increase the price of your stock and we can increase average day trading volume. We can increase price up to 200-250% in 2-3 weeks and also we can increase volume by 10 times each trading day. You don't have to pay anything in advance. First we increase the price and the volume, then you pay."

Sophos experts report that pump-and-dump stock campaigns account for approximately 15 percent of all spam, up from 0.8 percent in January 2005.

For more information on spam and your protection, take a look at How To Ensure Your Spam Slammer Really Works

September 11, 2006 12:43 - Spyware Brothers Infected 18 Million Computers

The Federal Trade Commission (FTC) has reached a $2.05 million settlement with two California companies accused of violating federal laws for placing spyware on consumers' computers without their knowledge. It is estimated that 18 million computers were affected worldwide.

The payment from Enternet Media Inc. and Conspy & Co. is the second-biggest spyware settlement collected by the FTC. The sum is estimated to be the money that the companies earned from the advertising revenue generated by their spyware.

The companies were run by brothers Nima Hakimi, 21, and Baback Hakimi, 24, who didn't admit guilt in the settlement. At the FTC's request, a federal judge froze the defendants' assets in November, 2005, and ordered it shut down. The FTC also said that the case against the brothers was assisted by Microsoft, Webroot and Google.

Late last month, the brothers pleaded guilty to three counts of computer crime, were each fined $15,000 and were sentenced to 200 hours of community service and 120 days in jail or 60 days of Caltrans work, a spokesman in the Los Angeles city attorney's office said.

According to the FTC's complaint, the defendants' Web sites caused "installation boxes" to pop up on consumers' computer screens that offered free music files, cell phone ring tones, photographs, wallpaper, and song lyrics. When users downloaded these free items, their computers were infected with spyware that tracked their browsing habits and inserted banner advertisements and pop-ups. Enternet received money from the advertisers whose products were featured.

Enternet also "hijacked" home pages, taking consumers to the websites of featured advertisers rather than where they wanted to go, the FTC said.

5 Key Steps To Spyware Protection

September 13, 2006 13:15 - German Police Commandeer Anonymous Surfing Servers

German authorities have seized some Tor servers that enable users to surf the web anonymously. The seizure was part of an investigation into online child pornography and could allow the police to track down visitors to the illegal websites.

Tor is a routing service that redirects a user's traffic along a set of servers. Additional layers, or nodes, make it harder to trace the origin of a web user, because a web site will see the IP address of the last Tor node and not the actual IP address of the user. Similarly, the individual's Internet Service Provider (ISP) sees only the IP address of the Tor server the user is connected to and not the web site being visited.

Tor is used by a wide range of organizations and people who want to guard privacy, safety and security on the Internet. Using Tor can anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications.

BoingBoing interviewed Shava Nerad from the Tor project, who explained that, while 6 computers that serve as Tor nodes were seized by police, the move does not represent a crackdown on Tor or anonymity services by German authorities.

She explained that investigators were recording every IP address that hit a server, and then tried to match it with the associated computer.

How anonymous surfing will guard privacy and safety on the Net

September 15, 2006 12:16 - DollarRevenue Linked To Botnet Attack

Researchers at the German Honeynet Project, tracking the latest MS06-040 worm attack, have discovered a direct link between the botnet-building attack and DollarRevenue, which pays between a penny and 30 cents per installation of its heavily criticized ad-serving software.

The botnet hunters in Mannheim, Germany, counted about 9,700 infections from a single command-and-control center and calculated that the attacker was making hundreds of dollars a day in commissions from DollarRevenue alone.

"This is a lucrative business," said Thorsten Holz, a project founder who spends much of his life monitoring botnets. "In this case with the DollarRevenue installations, the owner compromised about 33,000 machines in five days," Holz said.

The command-and-control infrastructure is most often an IRC server installed illegally on a high-bandwidth educational or corporate network. A botnet is a collection of broadband-enabled computers infected with worms and Trojans that leave back doors open for communication with the malicious attacker.

Holz's team has seen botnets that control between 10,000 and 25,000 compromised computers, and he says high-profile flaws in widely used applications are "quickly turned into exploits."

"It's pretty standard to see about 7,000 infections per day whenever there's a new exploit. The size of the botnets is low on purpose to avoid too much noise," he said.

Michael Sutton, a security specialist at Atlanta-based SPI Dynamics, said botnet-related crime is a "billion-dollar business."

"On one side, you have these big advertisers pumping money into the adware business," he said. "On the other side, you have these shady companies with shady affiliate deals, cashing in. I've seen reliable estimates that the business of serving ads via adware is worth $1.6 billion a year. That's a phenomenal industry."

September 18, 2006 14:49 - US Court Awards $11.7M Against AntiSpam Organization

A US court has ordered anti-spam organization Spamhaus to pay $11.7m in damages for "illegally" listing email marketing firm e360insight as an affiliate of a known spammer.

Among other things, the U.S. District Court for the Northern District of Illinois also ordered Spamhaus to publish an apology stating that the company and its CEO, David Linhardt, are not spammers.

Linhardt wrote in an email to silicon.com sister site CNET News.com on Thursday, "This ruling confirms e360insight's position that Spamhaus.org is a fanatical, vigilante organization that operates in the United States with blatant disregard for US law."

Spamhaus counters this point and argues that Linhardt should re-file his case in the proper venue, a British court. On its website, Spamhaus stated, "Default judgments obtained in US county, state or federal courts have no validity in the UK and can not be enforced under the British legal system. As spamming is illegal in the UK, an Illinois court ordering a British organization to stop blocking incoming Illinois spam in Britain goes contrary to UK law which orders all spammers to cease sending spam in the first place."

To apologize and state that e360insight was inaccurately labelled as a spammer would be a lie, Spamhaus said, and so e360insight will remain on the Spamhaus blacklist.

For protection against spam, see How To Choose Spam Slammers That Really Work!


September 20, 2006 21:48 - Another Internet Explorer Zero Day Exploit

Chinese security researchers have published the detailed exploit code for a new zero-day vulnerability in Microsoft's Internet Explorer browser.

The exploit, which was posted to the XSec.org and Milw0rm.com Web sites, could be modified to launch code attacks without any user action on fully patched Windows computers.

Malicious hackers typically use code execution browser bugs to launch drive-by attacks to load Trojans, bots and other forms of malware on Windows computers.

A spokesman for Microsoft's Security Response Center said the company is investigating the latest warning, which adds to a list of known high-risk vulnerabilities that remain unpatched.

In an interview with eWEEK, Roger Thompson, chief technical officer at Atlanta-based Exploit Prevention Labs, said he was able to use the code to simulate an attack, but added that the exploit was not always reliable.

Thompson added that the exploit managed to crash fully patched versions of the browser and could be easily modified to work in targeted attacks.

The latest published exploit comes at a sensitive time for Microsoft's IE product team. A cumulative IE update that shipped in the August batch of patches had to be re-released twice because of two separate flaws that were introduced into the browser by the original patch.

According to vulnerability statistics from Secunia, about 30 percent of IE flaws reported in 2006 remain without patches. Roughly 60 percent of all reported IE bugs were rated "highly critical" or "extremely critical."

September 22, 2006 21:38 - Spyware Attacks Via Internet Explorer Flaw

A previously undocumented flaw in Microsoft's Internet Explorer Web browser is being exploited by online criminals to install a wide range of malicious software when users visit web sites that host the exploit.

The exploit -- due to a Microsoft Vector Graphics Rendering Library Buffer Overflow -- was discovered by the Sunbelt Software research team while conducting some routine online surveillance of known crimeware gangs.

According to the researchers, the exploits at the moment appear to be hosted mainly on hardcore porn sites. These sites are using this vulnerability to drop massive amounts of spyware on unsuspecting users. Roger Thompson of Exploit Prevention Labs called it a "massive malware run" with "drive-by attacks hosing infected machines with browser tool bars and spyware programs with stealth rootkit capabilities."

SunbeltBLOG lists nearly 50 threats being installed through this exploit, including the BigBlue keystroke logger, which monitors and captures data from computers including screenshots, keystrokes, web cam and microphone data. The exploit is also being used to install the invasive Spybot worm and trojan downloaders and backdoors.

This new exploit, combined with two other publicly available unpatched IE flaws, should cause anyone using the Microsoft browser to think twice about continuing to use it. Alternatives are Firefox and Opera.

September 25, 2006 22:46 - Attacks Against Home Computers On The Increase

According to a report on Internet threat trends by security-software maker Symantec Corp., crackers are increasing their attacks on home-computer users and financial-services firms.

The report shows that during the last six months, malicious attackers are increasingly using Web browsers and other desktop applications to invade home computers. The aim? To gather personal data like credit-card numbers and bank-account information to use in fraud schemes.

So why are these attackers targeting home PCs? Well, they are considered the weakest link in Internet security because many consumers either don't use antivirus and firewalls or fail to keep them updated.

Crackers are successfully finding and exploiting large numbers of flaws in browsers and other widely used Web tools, including file readers, music players and graphics viewers. Of the 2,249 new software vulnerabilities documented by Symantec during the six-month period, the highest number it has ever recorded - 69% - were in Web applications.

Crackers use such programming flaws to deposit malicious programs, like bots and keystroke loggers, onto the computers of unwitting Web surfers.

This can be done by breaking into Web sites and planting malicious programs or by setting up their own sites and luring visitors to them through email invitations.

The best defense against infection is downloading fixes for the flaws provided by browser makers, and security software to rid PCs of malicious programs.

Similar tactics are also being used against financial-services firms. Symantec has seen a rise in targeted attacks on these companies' employees, who are increasingly being invited to visit Web sites or download programs by people pretending to be colleagues or peers. Attack programs on the sites or in downloads then open tunnels into the corporate network.

The strategy, known as social engineering, is a low-tech attempt to get around the financial-services industry's typically expensive and cutting-edge network defenses.

September 27, 2006 21:20 - Early Fix For Critical Internet Explorer Bug

Microsoft yesterday released a patch for a critical flaw in Internet Explorer, due to attackers finding new ways to exploit the problem. Unexpectedly, the release took place well ahead of its next monthly scheduled round of security updates.

The critical vulnerability concerned the way Internet Explorer renders VML graphics and also affected Outlook. Because the attack code works on the latest version of Windows XP, is now publicly available, and attacks are increasing logarithmically, the VML bug was becoming a very serious vulnerability.

By yesterday, more than 3,000 Web sites were already infecting users with malware that exploited the VML bug. Security experts also warn that there are many variants of the VML malware, some of which may be missed by security software.

In the past few days, attackers have been circulating phoney e-mails that claim to offer a patch for the VML problem. If downloaded, this fake patch actually installs malicious software on the victim's system.

September 29, 2006 20:01 - US Continues Demands For ISP Search Data

Yes, it's reared its head again! The US government wants access to our personal information on where we go surfing on the Net. U.S. Attorney General Alberto Gonzales wants new rules to help law enforcement agencies and government to legislate the Internet.

Gonzales asked senators to adopt legislation that would require Internet service providers to keep customer records for at least a year. He has said that discarding user logs is hampering investigations into online sex crimes, particularly child predators. Well, I'm all for protecting kids online, but I don't quite understand why we all have to be treated as potential child molesters at the expense of the majority's privacy.

Personally, I think it should be a case of prevention rather than cure. After all, we know the authorities in the past have taken over paedophile websites to garner and prosecute those who sign up to the website... just look at Operation Or.

And those social networking sites, like FaceBook -- how come the government aren't looking at compelling such sites to impose more verifiable sign-up procedures to filter out those adults whose intent is to prey on youngsters? Perhaps the inconvenience of smaller membership numbers and a lower earnings ratio has an impact on government support and donations by the larger commercial outfits?

To me, this is a case of NOT tackling the root of the problem. On the other hand, what a good reason to use to get even greater control of our supposedly free citizens!
