Guard Privacy & Online Security News & Information


January 2, 2007 19:33 - Your Own Online Business That Works With This Fabulous Free Offer!!

Have you got a special interest or knowledge and thought, "If only I could write about this stuff on my own website, others would benefit from this information and I could make money... but I just don't know how!"

Well, everything you need to start, grow and make money from your own home online business -- or an existing business -- can be yours for this free trial or Buy 1 Get 1 Free offer from SiteBuildIt. But first, hear how people like you have found their SiteBuildIt experience, by taking a look at these video clips.

You're also looking at an SBI site right now. Wow, did I feel as though a weight was off my shoulders when I bought this package and developed

It's proved its worth to me time and time again. I was in the position of not knowing how to start building my successful website... until I took a look at the SBI VideoTour, which shows and tells you what you get and just how user-friendly this package is.

OR, if you'd prefer to read about it, then you'll find this explanation will interest you.

You can either try SiteBuildIt for 30 days, free of charge... or, if you buy the package for one website, you get another website package absolutely FREE.

For instance, by buying one package you can give another to a family member absolutely FREE... or buy with your friend for half-price each!

Now, unfortunately, although the free trial is always open, the buy one get one free closes at midnight, January 3rd.

Like me, some of you will want proof that SiteBuildIt is the most effective and best value for money of all the website packages out there. Well, by looking at and reading SiteBuildIt Results, you'll soon feel, like I did, that you're in the best hands!

And hear this... it doesn't stop there. Dr. Ken Evoy and his team have the best web customer service levels I've ever come across. Any question, any support you require, it's there within guaranteed hours.

Anyway, don't just take my word for it, see what others have to say about their experience with SBI.

Good luck,



January 4, 2007 15:26 - Acrobat Vulnerability May Allow Web Attacks

Security experts warned yesterday that the Acrobat Reader software, used on millions of computers in homes and businesses, has a flaw likely to be exploited by cybercrooks.

Symantec has called the weakness in the browser plug-in for opening the popular .pdf file format "breathtaking". The problem was first highlighted by researchers Stefano Di Paola and Giorgio Fedon, who presented a paper in Berlin last week on security issues.

What Is The Flaw?
"The Acrobat weakness involves a feature called 'open parameters' in the Web browser plug-in for Adobe's Reader program. The plug-in allows arbitrary JavaScript code to run on the client side. The code could include a malicious attack on a computer," wrote Hon Lau on Symantec's Security Response Weblog.

Who Is Affected?
Lau added that anybody hosting a .pdf file, including well-trusted brands and names on the Web, could have their trust abused and become unwilling partners in crime. Due to the power and flexibility of JavaScript, the attacker has a wide scope for inflicting damage.

For example, Ken Dunham, director of the Rapid Response Team at VeriSign iDefense, said an attacker could find a PDF file on a bank Web site and then create a hostile link to that file along with malicious JavaScript.

How To Guard Privacy And Security Against This Flaw
Adobe stated that users can upgrade to Adobe Reader 8, the latest version of the Adobe software, which was released last month and does not contain the flaw. The company is also working on updates to previous versions that will resolve the issue.

In the meantime, I suggest you disable the Acrobat plug-in in your browser until you have version 8 installed.


January 5, 2007 20:56 - Use OpenOffice? Then Fix This Critical Vulnerability

A patch has been released for a vulnerability in the OpenOffice productivity suite. The problem is rated as "highly critical" by Secunia.

The problem was first reported in October 2006, but the vendors that distribute OpenOffice chose not to issue the patch until it was acknowledged earlier this week that it was a security issue, said Mark Cox, director of Red Hat's Security Response Team.

The vulnerability concerns the way OpenOffice handles images in the WMF graphics file format. Exploitation of the vulnerability, which affects all but the newest version of OpenOffice, can enable a hacker to perform a buffer overflow and then introduce malicious code to the victim's PC.

OpenOffice has uploaded the patch to its Web site. Manually install the file in place of the current program or upgrade to the latest version of the software.


January 8, 2007 21:08 - Spyware Predicted To Be The Scourge Of 2007

In a press release from PC Tools, Michael Greene, Vice President of Product Strategy, predicts 2007 will offer major changes in the Internet security sector. Here is a selection of these predictions:
  • Malware attacks, driven by financial gain, will double in 2007 -- malware writers will continue attacks on unwary users with more malicious and threatening spyware.
  • Spyware, crimeware, and phishing attacks will overtake viruses as the primary form of malware attack on the Internet. Phishing will become an even more critical threat on the security landscape.
  • Malware will focus on "micro-burst-attacks" rather than massive broad scale attacks -- thus the total number of computers affected will double. Ultimately, the number of threats that security companies will actually need to address will increase 4 fold or more. With security companies already struggling to manage the current volume of threats the need to process this increased volume of threats will be critical. Those companies without automated solutions to crack these large numbers of threats will simply crumble.
  • Identity theft will continue to increase as a major driver in online security. The impact to online retailers will be so significant that a new retail industry coalition will emerge to address these growing threats.
  • Microsoft Vista(TM) will be actively exploited, and will be railed as the Operating System that could not secure the desktop.
  • Social Networking Sites and content sharing sites will continue to be a major attack vector for malware writers. These sites will be forced to "certify" content as malware free. This will drive the next wave of security products. Expect this phenomenon to fuel a real-time file analysis service offered by major security vendors.


January 10, 2007 21:52 - Anti-Spyware Needs A Re-Think

I read a very interesting article entitled, "The Antispyware Model: Broken", explaining how current antispyware software is outmoded and needs a radical re-think to cope with the escalating developments in spyware. The article is in Issue 39 of CounterSpy News and I've extracted some of the challenging points made by Alex Eckelberry...
  • The traditional antispyware model has been fundamentally broken. Antispyware programs had started out originally as niche products, marketed by the likes of mavericks such as Patrick Kolla (SpyBot), Nicolas Stark (LavaSoft) and Bob Bales and Roger Thompson (PestPatrol), and they all relied upon a brute force method of removal. Basically, your classic antispyware product was a giant database attached to a scanning engine. In other words, antispyware products are basically big fat databases attached to big fat system cleaners.
  • This model worked fine in the early days, and you could typically handle some pretty bad stuff, but the spyware programs got increasingly difficult to remove, such as the practice of using "resuscitators" - programs that would notice when you killed a file, and then recreate it. It got so bad that Merijn Bellekom, who had created CWShredder to kill CoolWebSearch, simply threw up his hands in frustration. As he said, "I simply do not have the tools to remove the latest variants, they are too aggressive or complicated to allow automated removal by CWShredder."
  • The model was (and is) flawed. While the major antispyware products have improved dramatically, they simply cannot deal effectively with all the different kinds of today's threats. You have the problem of depth (how much work is required to remove an infestation) and breadth (the sheer number of infestations that may be found in the wild).
  • Now, while spyware was evolving, antivirus vendors were playing catchup. Antivirus engines had been dealing with nasty stuff for years, and were quite capable of removing all kinds of evil malware like worms and trojans. It's a known problem that many antivirus products have become bloated and inefficient. The reason has a lot to do with the fact that the major antivirus companies need to support a broad range of viruses that may not even run on today's platforms, because of useless certifications, support for older platforms, etc. But it's part of why your AV product may take such a big hit on your system resources. More memory-hogging suites and more bloat. It's a broken model, because no one ever decided to really fix it.
  • So what's our answer to all of this? Wipe the slate clean. Rethink the ideas behind desktop security. Create a new method that's more efficient and more powerful. A number of parts have had to come into play to make this happen. I had to hire Joe Wells and a number of other rocket scientists and invest a significant amount of the company's financial and human resources. I also acquired technology, such as the Kerio firewall, which brought with it a number of innovative technologies such as Host Intrusion Prevention System (HIPS) and a Snort-based Intrusion Detection System (IDS). I'm also in the process of making an investment in some bleeding-edge rootkit technology. Meanwhile, I've had to just be patient and let the team do their work, something not easy for me. CounterSpy V2 (currently in beta) is our answer to the problems of dealing with tough blended threats, and incorporates a number of new technologies, such as VIPRE and our FirstScan technology, to deal with the really tough threats.
To find out more about this new technology, visit CounterSpy


January 12, 2007 14:17 - Teacher Faces Jail Over Spyware Porn

A substitute school teacher in Connecticut has been found guilty of exposing children to porn on the school PC. As a result of her conviction, Julie Amero could face up to 40 years in prison.

Defense witnesses claim the pornographic pop-ups were a case of spyware on the school machine. Although the school did have content filtering, the license had expired.

The prosecution alleged that the graphic images were the result of Amero actively visiting pornographic sites. State Prosecutor David Smith questioned why she didn't simply pull the plug on the PC. Amero claimed she could not control the graphic images that began circulating on the PC. "The pop-ups never went away. They were continuous," she testified.

In support, computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups. The detective in the investigation admitted there was no search made for adware, which can generate pop-up advertisements.

But after listening to the students testifying and a police security expert, the jury rejected these arguments and convicted Amero.

It was reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant. The jurors denied these allegations and were allowed to consider their verdict.


January 15, 2007 14:58 - DIY Phishing Kit Available On Net

A software kit is on sale on the Internet that makes it easier for fraudsters and non-experts to run sophisticated phishing fraud attacks on websites.

The discovery of the kit's availability was announced by RSA, the security division of EMC Software. The company said that a fraudster using the 'Universal Man-in-the-Middle Phishing Kit' creates a fraudulent URL via a simple and user-friendly online interface, which communicates with the legitimate Web site of the targeted organization in real-time.

The kit is said to have a user-friendly interface designed to help the nontechnical criminal. It automates the programming needed to pull off a normally tricky man-in-the-middle attack on websites, such as banks or e-commerce sites.

Typically, the attack generated by the kit would start by duping users into clicking on a link embedded within a phishing email. This would direct them to a fraudulent URL able to communicate with the genuine website in real time, retrieving content from that site to make the scam appear as convincing as possible.

"As institutions put additional online security measures in place, inevitably the fraudsters are looking at new ways of duping innocent victims and stealing their information and assets," said Marc Gaffan of RSA.

"While these types of attacks are still considered 'next generation,' we expect them to become more widespread over the course of the next 12-18 months," he said.



January 19, 2007 19:13 - Storm Virus Spreads Like Lightning

E-mails claiming to contain details of the storms that battered Europe contain a malicious virus, security firms warn.

F-Secure Corp., a Finnish antivirus company, said spammers had sent hundreds of thousands of files attached to e-mails with the heading "230 dead as storm batters Europe," -- referring to a storm on Thursday that disrupted travel for tens of thousands, shut down power and killed at least 41 people.

"The timing is particularly clever," F-Secure said. "They are taking advantage of people's curiosity in a natural disaster that has news value."

The new virus, called Small.DAM, has infected at least 10,000 computers worldwide and was spread through emails with a variety of subject lines purporting to be news. Other variants included "British Muslims Genocide" and "U.S. Secretary of State Condoleezza..."

The virus is a trojan -- a program or message that looks benign but contains malicious code -- that is installed when a user opens the e-mail and clicks on an attachment. The attachment could be called Video.exe, Read More.exe, Full Clip.exe or Full Story.exe. The file creates a back door to a computer that can be exploited later to steal data or to use the computer to post spam.

The Storm virus is already close to being as large as the bigger attacks of 2006, F-Secure said, though it's still smaller than Sasser and Slammer.
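A mail-gateway check built from the subject lines and attachment names reported above, as an added example that is not part of the original post or any vendor's code. It goes beyond the listed names by also flagging any attachment that starts with the Windows executable "MZ" header, since a renamed file would evade a name match; the function names, reason codes and extension list are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators taken from the entry above; matching is case-insensitive.
LURE_SUBJECTS = ("230 dead as storm batters europe", "british muslims genocide",
                 "u.s. secretary of state condoleezza")
KNOWN_NAMES = {"video.exe", "read more.exe", "full clip.exe", "full story.exe"}
# Assumption: extensions a gateway would treat as directly executable on Windows.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat")

def inspect_message(raw: bytes) -> list[str]:
    """Return reason codes for quarantining a raw RFC 5322 message ([] = pass)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    subject = str(msg.get("Subject", "")).strip().lower()
    if subject.startswith(LURE_SUBJECTS):
        reasons.append("lure-subject")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name in KNOWN_NAMES:
            reasons.append("known-attachment-name")
        elif name.endswith(EXECUTABLE_EXTS):
            reasons.append("executable-extension")
        # A renamed file still starts with the DOS/PE "MZ" magic bytes.
        body = part.get_payload(decode=True) or b""
        if body[:2] == b"MZ":
            reasons.append("pe-header")
    return reasons

def build_sample(subject: str, filename: str, data: bytes) -> bytes:
    """Construct a test message (sample data only, not a captured e-mail)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content("Full story attached.")
    m.add_attachment(data, maintype="application", subtype="octet-stream",
                     filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    fake_exe = b"MZ" + b"\x00" * 62   # constructed stub, not a real program
    samples = [("230 dead as storm batters Europe", "Full Story.exe", fake_exe),
               ("Quarterly figures", "figures.pdf", fake_exe),
               ("Lunch on Friday", "menu.txt", b"soup, salad")]
    for subject, filename, data in samples:
        print(subject, "->", inspect_message(build_sample(subject, filename, data)))
```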

