Here’s some good news for anyone who has been struck by auto-running malware from a USB stick in the past. Microsoft has rolled-out an “important, non-security update” through Windows Update, changing the behaviour of Autorun when you plug a USB stick into your computer. Not sure what Autorun is? It’s the technology which causes a [...]
09 February 2011
I have looked at 1,123 legitimate sites which have been hijacked to host spam pages redirecting users to a fake AV page. I’d assumed that most of them would be running WordPress, Joomla!, OSCommerce and other open source software known to have a history of security issues. In reality, these software packages actually represent less than [...]
09 February 2011
““Most organizations focus the majority of their security budgets and efforts on prevention techniques while largely ignoring response activities (detection and response).”” – Mandiant, when discussions observations from investigating Advanced Persistent Threat (APT) activities in their M-Trends 2011 report. (Lenny Zeltser on Information Security)
09 February 2011
During last weekend a viral rogue app campaign hit Facebook again. This time the application was called "Profile Creeps" which, like many other rogue applications before it, promises to do what Facebook simply doesn't allow *ANY* app to do – let us know who looks at our profile. But users are still tricked into installing [...]
09 February 2011
Quite a lot of people take now their netbook or smartphone with them when travelling. Because of this, almost every quarter of the year we read stories about sensitive personal data was lost because some laptop or USB stick got stolen. Moreover, with the rise of the mobile devices like smartphones, tablets and pads, anyone [...]
09 February 2011
Today we were happy to find out that our blog is a finalist for Best Corporate Security Blog in the 2011 SC Magazine Social Media Awards. You can vote for us, as well as your favorite security bloggers, here. Look for the “Second Annual SC Social Media Awards Voting” headline. If you like our updates [...]
09 February 2011
Today seems to be administrators nightmare day: Not only Microsoft released the announced updates on the regular Patch Tuesday, but also Adobe for Reader and Flash Player and Google for the Chrome web browser. And even worse, this doesn’t make the computers 100 % secure again as security company TippingPoint yesterday released information about security [...]
09 February 2011
January 11, 2010 Last year could be called “the year of cyber fraud.” Today there are few users who’ve never heard of it. While developers of security software keep working to improve their products, and law enforcement agencies keep cracking down on fraudsters, new fraud schemes continue to surface. The only solution to the problem [...]
09 February 2011
Smart Internet Protection 2011 is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application. It replaces the Personal Internet Security 2011 in the FakeVimes family. VIPRE detection name: SmartInternetProtection2011.FakeVimes SmartInternetProtection2011 graphic interface ( (Click graphic to enlarge) How [...]
09 February 2011
Hi folks, It’s fairly well known (well, well-known if you’re a security geek) that CVE-2010-3962 is in the Wild, but over the last couple of days, we’ve begun detecting it in the Eleonore Exploit Kit. This raises the stakes considerably, as it means that anyone can buy the kit for a few hundred bucks, and they have a [...]
09 February 2011
As published in the previous blog post, analysis of the current version of Koobface uncovered a very interesting part about it – its “ability” to resolve CAPTCHA protection at the Facebook web site. To put it simply, if Koobface was unable to resolve Facebook’s CAPTCHA protection, it would’ve been unable replicating because in order to [...]
09 February 2011
I received an newsletter from eEye yesterday. Normally I just dismiss those without taking a second look but this time I actually got pretty pissed. (more…) View full post on MW-Blog
09 February 2011
$ 5.00 LAMP TIMER If you have kids who own their own computers, an inexpensive lamp timer is an excellent way to enforce a digital curfew. I can assure you that your child is occasionally using the Internet at 3:00 am, and this is not helping him or her stay focused in class. There [...]
09 February 2011
Michael Argast is my guest on this weeks Chet Chat as we discuss the weeks news you can use. I have transcribed this episode (by hand) for the hearing impaired and those of you who prefer text to audio. Please send feedback to studio@sophos.com if you find this helpful. It is a lot of extra [...]
09 February 2011
While there is nothing new or Earth-shattering in this post, I thought I’d share what I have seen as the top abuses of open web proxies – as this is an everyday occurrence involving a large volume of web transactions and is a constant annoyance on the Internet. An “open proxy” is…In other-words a server [...]
09 February 2011
The anarchic Internet group called Anonymous recently hacked HBGary Federal and rootkit.com, an online forum dedicated to analyzing and developing rootkit technologies. All user passwords at rootkit.com have been compromised. Given this compromise, I’d like to point out one of my favorite topics in application security — password hashing. It’s all too common that Web [...]
09 February 2011
The next AMTSO meeting is about to begin in two weeks! It’s in San Mateo, CA on February 10th and 11th and you can find more details as well as preliminary agenda here. If you would like to join and are not an AMTSO member, feel free to contact me! (AVG Blogs | Karel Obluk)
09 February 2011
Exactly 30 years ago, the European Union Convention 108 about data privacy has been accepted. It is truly amazing that the ground works for data privacy legislation were laid such a long time ago, at a time when there were no mobile phones and almost no personal computers, and it still applies! Of course, the [...]
09 February 2011
It’s been a while since the previous post discussed commercial “intelligence gathering tool”. It would have seemed ridiculous, if this time it wasn’t UK government who thinks it’s acceptable to hack into home computers, spread malware via email, log users’ keystrokes, or sniff users’ traffic, if it “believes” that it is “proportionate” and necessary to [...]
09 February 2011
hack verb \ˈhak\ a : to write computer programs for enjoyment b : to gain access to a computer illegally ac·tiv·ism noun \ˈak-ti-ˌvi-zəm\ a : a doctrine or practice that emphasizes direct vigorous action especially in support of or opposition to one side of a controversial issue hacktivism – hacking meets activism Anonymous Logo The [...]
09 February 2011
We’ve just published a video going through the last 25 years of PC malware history in 9 minutes. The video contains several demos of what old viruses used to look like. Check it out here. On 09/02/11 At 07:57 AM (F-Secure Antivirus Research Weblog)
09 February 2011
This wandered into a spamtrap last night, and you should consider firing it into the heart of the Sun: “Am sorry for not informing you about my propose trip to UK and presently I’m writing this with tears in my eyes,my family and I came down here to Cardiff,United Kingdom for a short vacation unfortunately [...]
09 February 2011
Flickr Credit: Raqib Our security research team is constantly monitoring what is happening on the Web that we at AVG should be aware of. Looking for malicious URLs, exploits, new obfuscation techniques are just a few of the tasks we are doing 24×7 to ensure we provide you the best security. However, fun is also [...]
09 February 2011
This blog post is not for the technical guru! While it’s not for mums and dads either, its main purpose is to explain to an average user how to manually remove persistent malware that cannot be easily deleted otherwise. A reader who starts shivering from hearing the words “Linux” or “Ubuntu” could find this post [...]
09 February 2011
