Guard Privacy & Online Security News & Information

Guard Privacy & Online Security Home : Guard Privacy Blog Home : August 2007

August 2, 2007 21:37 - Botnets Increase Their Threat - Is Your Computer A Zombie PC?

The American Association for the Advancement of Science has warned that botnet controllers are attempting to use their hordes of zombie PCs to automate identity theft, pilfer bank accounts on a mass scale, and launch denial of service attacks on Web sites.

A zombie PC is created when the computer becomes infected with backdoor malware, which allows a third party to take control of the computer without the user's knowledge.

What makes this wave of computer break-ins so alarming, say security officials, is its scope, sophistication and criminal intent. "We have identified over 1 million compromised computers as part of a larger investigation," said the deputy director of an FBI Cyber Crime task force.

"A consensus among security people is that there are 15,000 to 18,000 active bot nets at any given time and maybe 8 million to 10 million compromised systems under bot-herder control," said Andre Di Mino of network consultants Shadowserver Foundation.

Some criminals develop and sell the software tools -- called malware -- used to infect PCs and Web sites. The bot herders buy and use this malware to find and enslave unprotected PCs, which they then use to automate crimes like identity theft. Other cyber crooks serve as fences to wholesale stolen IDs, or as deal-brokers who hire bot herders for tasks such as pumping out zillions of spam e-mails, or defrauding online advertisers by using zombie PCs to "visit" pay-per-click ads.

Prevent Your Computer From Becoming A Zombie PC

To reference this entry please copy the url in this link: (Permalink)

August 6, 2007 21:33 - Wi-Fi Hotspots A Security Risk

Researchers demonstrated at the Black Hat conference in Las Vegas that Web-based e-mail accounts hosted by MySpace, Facebook, Yahoo, Gmail, and Hotmail are vulnerable to hacker attacks when account holders use unencrypted Wi-Fi hotspots.

It was demonstrated how to scan a public hotspot and sniff out an unsuspecting victim. The hacker then grabs the cookie that the e-mail provider puts on the authorized user's computer and uses the intercepted cookie to mimic the victim's e-mail account, despite not having the actual password.

To avoid being hijacked, users need to ensure everything accessed at a hotspot should be through an encrypted channel, using specific programs such as an anonymizer, and which use the https option when accessing an e-mail account. Certain e-mail providers offer this option already.

To learn more about securing your connection using anonymous surfing, take a look at How Commercial And Free Anonymizers Work

To reference this entry please copy the url in this link: (Permalink)

August 16, 2007 20:46 - Check You Have Microsoft's Patches For These Vulnerabilities On Your Computer

Microsoft has released nine patches within its monthly schedule to fix fourteen vulnerabilities and anyone using Windows will be impacted -- so make sure you have them installed.

The patches released Tuesday make this the largest since February, when Microsoft corrected twenty vulnerabilities. They address security issues in Visual Basic, Virtual Server, Virtual PC, Windows Media Player, Windows Gadgets, Office, Excel, Internet Explorer, and Windows.

Six of the critical updates patch problems which would allow for remote code execution. For instance, one patch deals with a problem with Microsoft XML Core Services, which could be attacked if a Windows computer is exposed to a malicious website.

There are two other vulnerabilities that could be exploited when using Internet Explorer 6 and 7 on Windows 2003, XP, Server 2003, and Vista. Here, a malicious webpage can lead to an attack by installing malicious files on a computer.

Of the six critical vulnerabilities, only one is Vista specific and plugs an exploit in Windows Gadgets, which could allow remote code execution.
The full list of patches is located online at the Microsoft notice page.

To reference this entry please copy the url in this link: (Permalink)

August 20, 2007 21:12 - How To Recognize And Avoid Spyware

Because of its popularity, the Internet is an ideal target for advertising. As a result, spyware and adware, has become increasingly prevalent -- in fact, posing a larger threat to your computer and personal infromation than viruses.

US-CERT -- a US government security agency -- has produced a security bulletin explaining...
  1. What spyware is
  2. How to prevent spyware from installing on your computer
  3. How to remove spyware
If you haven't subscribed to their security bulletins, I'd recommend you do -- they are free and although often basic, they sometimes contain some great nougats of information. You can subscribe at Security Tips

Here are some extracts from the spyware bulletin...

What is spyware?

Despite its name, the term "spyware" doesn't refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as "adware." It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type. Attackers may also use spyware for malicious purposes.

How can you prevent spyware from installing on your computer?

  • Don't click on links within pop-up windows
  • Choose "no" when asked unexpected questions
  • Be wary of free downloadable software
  • Don't follow email links claiming to offer anti-spyware software

How do you remove spyware?

  • Run a full scan on your computer with your anti-virus software
  • Run a legitimate product specifically designed to remove spyware
  • Make sure that your anti-virus and anti-spyware software are compatible

Remember, there's a load of information on spyware at my website. For the best spyware removers, take a look at Antispyware Evaluation

To reference this entry please copy the url in this link: (Permalink)

August 23, 2007 19:59 - Monster Job Website Attacked. Was Your CV There?

Personal details involving several hundred thousand people on the Monster.com jobs Web site have been stolen in an online attack. It's still not sure whether only the details of U.S. subscribers were stolen, or whether other nationalities were involved. If your CV was listed there, then pay attention to the information below.

Symantec said that a specially-designed computer program -- a remote "Trojan" called Infostealer -- was used to access the company's website using stolen employers' log-in details. The log-ins were used to steal personal information such as names, e-mails, home addresses, CVs and mobile phone numbers.

Patrick W Manzo, vice president of compliance and fraud prevention at Monster, said: "To the best of our knowledge, this is not a hack of Monster's security, rather, legitimate customer credentials are being used to log in to the database."

The cybercriminals also instructed the trojan to send spam e-mail using a mail template downloadable from the command and control server in the Ukraine," the report said.

The stolen information has been used to craft personalized phishing e-mails to job seekers. If the recipients took the bait, they had spyware or other malicious programs secretly installed on their computers. But even if the phishing attempt wasn't successful, the names, addresses and other details on the resumes can themselves be lucrative.

Symantec has advised Web users to limit their exposure to such frauds by reducing the amount of personal information they post on the Internet.

To reference this entry please copy the url in this link: (Permalink)

July 2007 « 

 

 RSS
RSS Feed For This News

Guard Privacy Blog Home | Archives | Guard Privacy... Hot New Topics | Internet Privacy & Security Risks... News! | Spyware & Spyware Blockers... News! | | Guard Privacy From Spyware | Guard privacy With Anonymizers