
Tuesday, April 14, 2009

Twitter Awareness

The recent cross-site scripting (XSS) attack on the newest buzzword universe called Twitter is merely another bump on the rocky road through Interpipe 2.0.

These XSS attacks are the bane of Web 2.0 and will cause disasters for individuals who refuse to become aware of their online surroundings. Compound this with users who remain clueless about what is running on their PCs and you have a large impediment in the push through to Web 3.0 applications.

Now add smartphones and netbooks to the mix ;(

For a fine write up on the Twitter XSS attack see: http://twittercism.com/protect-yourself-on-twitter/

Be sure to check out the fine tip from Twittercism about XSS busting using Firefox browser with the Add-on NoScript with screencaps from Better Safe Than Sorry here.

Monday, January 19, 2009

Downadup Worm Awareness

The nasty worm dubbed Downadup.AL is reaching out and touching many people. F-Secure has a (beta) application to check your Windows system for infection - it's here: ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip. If you use Firefox browser (and why wouldn't you?) using the Add-on No-Script is a wise move to prevent this and other nasties from gaining a foothold into your system. Of course, running a software firewall, hardware router and an anti-virus application is your best bet for remaining free of doom.

Sunday, September 07, 2008

Facebook Botnet Proof of Concept

An application was recently created for Facebook called "Photo of the Day" that displayed a new photo from National Geographic every day. What users were unaware of was that the app turned their PC into part of a botnet that launched a denial-of-service attack on a targeted server. The server was one owned by the creators so no one was harmed, but as a concept it's frightening.

These co-opted PCs could be used to spread malware, trojans, etc. and are a direct threat to the many social networking sites that are now all the rage.

So, always assume that any software, even those online, could be compromised. One of the best ways to protect yourself is to use Firefox browser with the No-script add-on. This would likely have informed users that something weird was up.

Wednesday, June 04, 2008

Evil Hewlett-Packard support application

If you use an HP computer chances are it has a pre-installed customer support application that has been found to contain multiple security vulnerabilities. The software is designed to make it simple for users to automatically update HP drivers and software. However, flaws in ActiveX components within the HP Instant Support allow drive-by download attacks in cases where users unwittingly visit insecure websites.

HP Instant Support HPISDataManager.dll version 1.0.0.22 and earlier are affected. Users should upgrade to version 1.0.0.24.

To install the upgrade, HP users should visit http://www.hp.com/go/ispe and choose "launch an online diagnostic session".

Tuesday, November 27, 2007

Unpatched QuickTime Flaw

Those using QuickTime should be aware that a flaw in the most current version could allow attackers to execute code remotely on users' machines. While there is no patch available, CERT has posted various workarounds to minimize the risk.

Saturday, October 20, 2007

RealPlayer Exploit

Users of Internet Explorer under Windows are vulnerable to drive-by downloads simply by visiting an evil Web page. As usual, it is an unknown and unpatched ActiveX component that is causing the problem. Note that both Microsoft Outlook and Outlook Express clients are also at risk. Best practices? Uninstall RealPlayer, use an alternative browser such as Firefox or Opera and use another email client such as Thunderbird or Penelope. Those who just can't part with RealPlayer should visit http://service.real.com/realplayer/security/en/ and (when available) download and install the patch. Ryan Naraine over at ZDNet.com has a great write up with info and fixes.

Monday, June 11, 2007

OpenOffice.org Virus Spreads

A virus written in numerous scripting languages that can affect Windows, Linux, and Mac OS X computers is slowly spreading via infected OpenOffice.org documents. Best practice is, of course, to never accept documents as attachments in email if you were not expecting them. Inform the sender that it is always best to announce attachments before sending. Having a good Anti-Virus and firewall is also an excellent idea just in case nasties end up on your system. Better safe than sorry!

Friday, June 08, 2007

Yahoo Messenger Critical Upgrade

Yahoo Messenger has released an upgrade to fix a known security hole that would allow attackers to execute code on your PC. Please upgrade to version 8.1.0.401 from here: http://messenger.yahoo.com/download.php

Monday, May 14, 2007

Google: 1 in 10 Websites Unsafe

Especially if you use Internet Explorer as opposed to Firefox or Opera. The chance of being nailed by a "drive-by download" is almost non-existent when using any browser other than Internet Explorer. Do yourself a favour and try a safer alternative.

Friday, July 21, 2006

MySpace.com + IE Flaw + Known Exploit = Chaos

It appears Internet Explorer is again being exploited by evil Windows Metafile (.WMF) images. Worse, these images reside on MySpace.com with some 50+ million users. This exploit quickly follows the most recent Microsoft Update, forcing drastic action from someone. An out-of-cycle patch from Microsoft or a third-party fix from a two-person shop in Guyana all works for me. Until a fix appears use an alternative browser such as Opera or Firefox.

MS PowerPoint Attachment Trouble

If you receive an email from an unknown Gmail address and it contains an MS PowerPoint presentation then delete it.

Saturday, July 08, 2006

Macromedia Flash Player Update

The most recent version is available here: http://www.adobe.com/products/flashplayer/. This fixes a few security boo-boos and is a must have download.
Posted by Matthew Carrick at 12:38.05 AM EDT | Permanent Link
Edited on: Monday, July 31, 2006 4:27.03 PM EDT
| Categories: Adware/Spyware Alerts, Privacy Issues, Security Alerts

Wednesday, May 24, 2006

IM Worm Targets Yahoo Users

A worm dubbed yhoo32.explr is spreading across Yahoo's IM network. It forwards itself using the contact lists of people whose computers have already been infected. If installed it hijacks the browser home page steering the users to an evil site that attempts to load spyware.

Wednesday, May 17, 2006

Poker Players Beware!

If you downloaded RBCalc.exe as distributed by checkraised[dot]com then you have a rootkit on your system! Always check downloads before you make them to ensure they are safe.

Thursday, March 30, 2006

Flexispy.A Symbian 60 Trojan / Keylogger

This nasty little piece of work is actually a commercial product named Flexispy! It records information about voice calls and text messaging sessions. The information is sent to a company server where it can be viewed on the web. Now, I can imagine many scenarios where this type of application could be used in a positive manner but let's get realistic and assume it will be used for nefarious purposes. F-Secure has all the details.

Sunday, November 13, 2005

MS to Remove Sony Rootkit via Anti-Spyware & Malicious Software Removal Tool

Microsoft has decided that the Sony Rootkit poses a threat to its operating systems. Future updates to the Microsoft AntiSpyware application and the now commonly updated Malicious Software Removal Tool will contain the signatures required to remove the truly evil Sony Rootkit. Thanks Bill!

Tuesday, November 08, 2005

Sony Rootkit UNinstaller Almost Worse than Rootkit!

According to Mark Russinovich of Sysinternals.com (the chap who initially discovered the menace) the uninstaller only forces XP to issue the Windows command "net stop" that disables the driver. This inept handling can and has caused XP to crash. The President of Sony BMG's global digital business division Thomas Hesse has explained it all, "Most people, I think, don't even know what a rootkit is, so why should they care about it?" Right. I don't know what Sony stock is either so why should I care if it drops like a rock? Check out the story at The Register here: http://www.theregister.co.uk/2005/11/09/sony_drm_who_cares/ and don't miss the link to the NPR interview with the clueless Sony Prez.

Thursday, November 03, 2005

Sony Rootkit Uninstaller Available

Sony is now offering users an uninstaller for the Rootkit that would have secretly installed on their PCs if they had placed a Sony music CD in their CD drive anytime after March 2005. While the Rootkit is (probably) not in itself dangerous it does allow hackers a potential entry point into a user's PC and for this reason alone should be removed. Bad Sony, bad dog!

Tuesday, November 01, 2005

Sony, DRM & Rootkits

Sony BMG is currently using a rootkit-based DRM system on some CD records sold in USA.


The system is implemented in a way that makes it possible for viruses (or any other malicious program) to use the rootkit to hide themselves too. This may lead to a situation where the virus remains undetected even if the user has got updated antivirus software installed.


The quotes above were taken from F-Secure - The whole article is here.

Saturday, October 22, 2005

World Of Warcraft = Spyware

It seems the company that produces the popular game World of Warcraft, Blizzard, has been caught reading the processes on users' PCs. Now, even though the EULA states this is happening and users could decline, it's still a massive invasion of privacy. Read the story here: http://www.eff.org/deeplinks/archives/004076.php and check out the way to "spy on the spy" here: http://www.rootkit.com/newsread_print.php?newsid=371.

Tuesday, August 30, 2005

Windows Registry Flaw

A recently detected flaw in Windows registry concerns its handling of long string names. A malicious program could hide itself in a registry key by creating a string with a long name which would allow it to remain hidden. Keys added afterwards would also remain obscured so the horror could escalate. The vulnerability affects Windows XP and Windows 2000 even if they are fully patched according to Secunia. A detection tool can be found here: http://isc.sans.org/LVNSearch.exe
Posted by Matthew Carrick at 11:52.58 AM EDT | Permanent Link
Edited on: Tuesday, August 30, 2005 12:39.13 PM EDT
| Categories: Adware/Spyware Alerts, Software Tools, Virus-Trojan-Worm Alerts

Friday, August 26, 2005

Srv.SSA-KeyLogger

If you still use Internet Explorer to surf the 'Net you may be at risk of turning over private information concerning sites you visit such as Paypal or your online bank. Sunbelt Software has discovered a keylogger that can be installed by merely visiting an evil web site where a "drive by download" may occur. The infection opens a backdoor on the system that harvests usernames + passwords that are then sent to repositories. Some 30,000 individuals have already been victimized. Sunbelt has offered a detection tool. Please consider using an alternative browser such as Firefox or Opera as a way to prevent this type of threat in the future.

Saturday, August 06, 2005

CoolWebSearch Spyware Uncovered

Identity theft via CoolWebSearch has apparently been uncovered. If true, and the facts are not yet confirmed to my satisfaction, this massive illegal harvesting of financial and personal information may hopefully wake folks up regarding the potential security risks when using an unprotected Windows OS. Use a firewall and anti-virus software. Buy a hardware router. Install and run anti-spyware applications. Do not run your Windows in Administrator mode. Get a grip, dammit!

Monday, July 25, 2005

Spyware "calling home" Increasing

The Register reports that the UK firm ScanSafe estimates that around 8% of outbound traffic from PCs is evil Spyware applications attempting to connect to the Internet.
Get thee hence to a firewall, varlet, or thy doom is certain!

Monday, July 11, 2005

MS Anti-Spyware Allows Claria Adware?

It appears that Microsoft's Anti-Spyware application now defaults to allowing these well known purveyors of spyware to exist on users' computers. For this reason alone we suggest you always run more than one spyware removal application - consider this a layered defence. Try Spyware Blaster, HijackThis! and Spybot - Search & Destroy.

Posted by Matthew Carrick at 10:43.40 AM EDT | Permanent Link
Edited on: Wednesday, July 20, 2005 6:31.58 PM EDT
| Categories: Adware/Spyware Alerts, Alternative Applications

Wednesday, June 29, 2005

Newest Windows AntiSpyware (Beta)

This is indeed good news. The original version of this application was due to die on June 31, 2005. This newest version will live until Dec 30, 2005. It is, of course, new and improved with Vitamin B, B12 and Riboflavin. Yes, we know Windows is a security nightmare but this application is a further step in the right direction for Microsoft. Get it. Use it.
Posted by Matthew Carrick at 2:30.43 AM EDT | Permanent Link
Edited on: Wednesday, July 20, 2005 4:12.38 PM EDT
| Categories: Adware/Spyware Alerts

Monday, March 14, 2005

Java Applet trojan

This new Java trojan will download and infect Internet Explorer with spyware and/or adware even if you are running another browser that supports Java.

So, if you have Java switched on in your browser and a dodgy website asks you whether you want to run a Java applet, just answer no.

To be absolutely safe turn off Java. Ooh, but you'll miss all the bouncing balls and goofy sound effects. End sarcastic comment.
Posted by Matthew Carrick at 11:57.43 AM EST | Permanent Link
Edited on: Wednesday, July 20, 2005 5:36.32 PM EDT
| Categories: Adware/Spyware Alerts, Best Practices

Thursday, February 10, 2005

Future Threats

"I won't be in to work today . . . my pacemaker caught a virus from my Bluetooth headphones in my car and when I talk I sound like Ethel Merman on steroids so I, ah . . . gotta reboot."

Ack.
Posted by Matthew Carrick at 5:31.58 PM EST | Permanent Link
Edited on: Wednesday, July 20, 2005 5:43.49 PM EDT
| Categories: Adware/Spyware Alerts, Best Practices, Bluetooth, Mobile, Security Alerts, Technology, Virus-Trojan-Worm Alerts

Monday, January 17, 2005

No More Internet for Them

Oh, my heavens! Here we have folks who have given up on broadband Internet access in the hopes that this will cure the problems of virii, spyware, malware, trojans and pop-ups on their computers.

The article has no mention of alternatives to Windows OS, browser alternatives to Internet Explorer or email alternatives to Outlook Express.

Sigh.

Thursday, January 06, 2005

Microsoft Releases Anti-Spyware beta

Microsoft has followed up last month's purchase of software maker GIANT with the release of a beta version of Windows AntiSpyware.

Security has always been a weak point at Microsoft and this problem has, up until recently, been solved by third-party software vendors who have produced well thought out applications to save us from evildoers.

Since Bill has seen the light we have received Microsoft Firewall and now the Microsoft Anti-Spyware beta.

I would suggest you at least try the Anti-Spyware and see if it offers any increased security when used in conjunction with established Anti-Spyware applications - remember this is BETA and may not work quite as expected.

Note also that it appears that unless Bill can validate your version of Windows 2000 or XP you may be denied the download.

Several lunatics at slashdot.org claim the validation procedure can be ignored. Your mileage may vary.

Comments welcome from all those with busted Windows OS's and you Windows 2000 beta users - you know who you are . . .
Posted by Matthew Carrick at 3:13.31 PM EST | Permanent Link
Edited on: Wednesday, July 20, 2005 6:03.21 PM EDT
| Categories: Adware/Spyware Alerts, Best Practices

Wednesday, December 15, 2004

Rogue/Suspect Anti-Spyware Products & Web Sites

The Spyware Warrior List of scumware passing itself off as Anti-Spyware. Before you download a new application to defend against adware, malware, etc. be sure to check a search engine or here to confirm the cure isn't worse than the disease.
Posted by Matthew Carrick at 11:31.11 PM EST | Permanent Link
Edited on: Wednesday, July 20, 2005 6:17.20 PM EDT
| Categories: Adware/Spyware Alerts, Best Practices, Software Tools, Virus-Trojan-Worm Alerts

Thursday, December 02, 2004

Spyware Database Search

The folks at pestpatrol.com offer a searchable database of thousands of software applications, both free and commercial, that contain spyware, adware, malware, tracking cookies, dialers, homepage changers, etc.

So before you download that neat new program you found check this site and confirm that you won't infect your system.

You would also be wise to check several popular Search Engines for the name of this neat software and the word "spyware" (without the quotes) - If this search returns indications of weirdness perhaps you had better not download the software.
Posted by Matthew Carrick at 4:59.34 PM EST | Permanent Link
Edited on: Wednesday, July 20, 2005 6:22.07 PM EDT
| Categories: Adware/Spyware Alerts, Best Practices, Software Tools, Virus-Trojan-Worm Alerts