Spyware Hunter

Nortel Networks recently warned of three serious vulnerabilities in its VPN routers, which are said to allow remote hackers to take partial control of the devices and get access to network. All model numbers of the Nortel VPN Routers 1000, 2000, 4000, and 5000 are affected.

According to an online advisory from Nortel Networks, Nortel was reported to have said that there are the existence of three complex areas of functionality in the router, which was previously Contivity. One vulnerability that is said to let a hacker get illegal remote access, is involved with the way users are configured. While two user accounts are kept in store by default in the VPN Router LDAP template, and they are concealed from the system manager. The accounts are utilized for excavating protocols such as L2TP, IPSEC, PPTP, and L2F.

The 2nd vulnerability, which is involved with illegal administration access, resides in the router’s Web-enabled device administration. A hacker is expected to exploit the URL to gain access to a few administrative pages but for authorization. The advisory warns that once the hacker gains access, it gets most possible that they could compromise a few of the configuration settings on the compromised VPN Router.

All of the VPN Routers make use of the similar DES (Data Encryption Standard) key to encrypt user passwords and that lands to weak password encryption, as a result making it simpler for hackers to crack passwords with brute force cracking methods. The company has suggested PC users that they should upgrade their VPN Routers system software to version 6_05.140.

Read

Recently a judge was reported to have found a suspended Monroe County sheriff’s deputy guilty of making use of spyware to spy on his neighbour’s PC. Ruling following a non-jury trial, acting state Supreme Court Justice Stephen R. Sirkin convicted Investigator R. Michael Hildreth of a misdemeanor of spying and an offense of official misbehavior, however released him of a crime of 3rd degree PC intruding.

Hildreth, 45, is encountered with a fine starting from a conditional discharge - a type of court-supervised probation - to almost 4-years imprisonment. The trial charged Hildreth of carrying out an illegal spying of nearby neighbor James E. Missel, whom he thought posed a threat to young girls in their area on Northrup Road in Penfield. Assistant District Attorney Mark Monaghan maintained a follow-up spying subsequent to Hildreth’s arrest turned up no proof of unlawful activity by Missel.

Hildreth purportedly disseminated Missel an e-mail as to possible job prospects with an attachment that, while opened, implanted the spyware software eBlaster on Missel’s PC and enabled Hildreth to keep an eye on each keystroke done, site-visited and chat room entered on the PC. Hildreth also left a PC disk in his neighbor’s mailbox, allegedly from the similar possible employer, with the similar job info. While put in the PC’s disc drive, it also made download of the malicious spyware.

Read

Recently a news was hovering around online world that a hacker has obtained sensitive data from software company called Valve, comprising credit card info from users who have bought content from its digital distribution system Steam. It has been reported that an online user by the false name MaddoxX has sent a message on an anti-Valve site with photos of what as is claimed by him are internal Valve files, comprising the balance sheet and customer transaction data of the company.

While concerned users started complaining about the reported hack on Valve’s official message boards, the talks were deleted. Valve has not so far stated any thing officially in relation to the events, which started spreading out recently.

MaddoxX’s online profile is claimed to state that he is a twenty-two-year-old man from Russia. In his original posting, MaddoxX writes,

Woohoo VALVe you can see those creditcards...on the Internet anytime soon. [I] just need to finish the excel files.” Moreover, he seems to be holding the sensitive data hostage and asking for some kind of ransom. Calling out Valve, he says, “I prefer you come with something good unless you want me to expose ALL of the customers [and] their information.

If the hack seems to be really critical, Valve is legitimately obliged to notify its customers in a few states.

Read

Panda Software recently introduced a new Vista-compatible version of Panda Anti-virus+Firewall 2007, which is touted to be integrated with a new system for stopping nasty URLs and a smartly crafted tool for blocking malware, which makes use of rootkit methods to hide from view.

Windows Vista compatibility is said to be one of the leading sports in this version, plus Panda Antivirus+Firewall 2007 is also at one with Windows XP 64 bits, Tablet PC and Media Center.So, if you want to download the latest version of Panda Antivirus+Firewall 2007, visit at.

Jaime Herrero-Velarde, director of Consumer Marketing at Panda Software elaborates,

Windows Vista has been presented as one of the safest operating systems. Nevertheless, several vulnerabilities have been found that can be exploited to infect PCs running this operating system. It is therefore advisable to have additional protection that completes and increases Vista security. One of the features that can be improved is the firewall. Vista includes a built-in firewall, but it doesn’t have all the functions that complete protection requires. Panda Antivirus+Firewall 2007 includes intrusion prevention against WiFi networks, malware detection, default scanning of inbound and outbound traffic and a complete Intrusion Detection System.

Panda Antivirus+Firewall 2007 is included with a system to keep a tab on nasty URLs. Making the task of fighting threats more effectual, this tool is claimed to stop users to make access to web pages developed to do phishing attacks or those are included with spyware. The latest Panda Software’s solution also sports smartly crafted technology to give protection against rootkit-using-malware. Panda Antivirus + Firewall 2007 also claims to find out files related to concealed processes and those bug-ridden with rootkits and flags them as malware to remove them.

Read

A new study has claimed that 4 in 5 blogs on a few of all the rage websites are consisted with potentially nasty content, like pornography or adult language. The latest research say that the web pages, all the rage amongst children and teenagers, function as online diaries for PC users worldwide.

Whereas, a new research has come up with the warning to parents that they ought to keep an eye on their children Internet activities. ScanSafe also claimed to have stumbled upon over one in each 20 blogs are integrated with potentially disastrous PC viruses, spyware or other malicious softwares, which are claimed to be capable enough of committing theft of personal or private info.

The study also claimed to have detected that over half of all children studied had had a look at the websites that are containing adult material. The study of over 7b web requests and over 12m web threats is the biggest of its type ever conducted. The fame of blogging has bursted for the previous twelve months. The numeral of them has gone double to 70 m, a reported by Technorati. A few of the all the rage are blatantly dedicated to sex, like the award-winning ‘Belle de Jour, diary of a London call girl’ and ‘Girl with a one-track mind, diary of a sex fiend’.

Read

Spammers are known for scamming with the misuse of the natural or tragic incidents to scam interested and curious e-mail readers. And this does not differ in the case of latest Virginia Tech shootings, of which I had already talked about in my previous post. But no need to be afraid of it now as the SPAMfighter that boasts of working hard to provide protection to e-mail users from seeing and clicking the malicious link.

SPAMfighter, besides this particular spam mail, also claims to filter out other nasty or infectious mails that are disseminated with fake charity websites, with the aim of committing theft of credit card info from openhanded e-mail users who are just attempting to help. SPAMfighter performs by doing a scan of incoming e-mails. For example: if an e-mail deems to be spam, the SPAMfighter automatically filter it from the user’s inbox to a chosen SPAMfighter folder. As a result, email users are prevented from thinking e-mails like these are legal and so being victimized to the scam.

Read

SurfControl PLC, the leading security solutions supplier, recently announced to have come up with the launch of its MailControl, an e-mail security solution, to meet the constant demand of costumers in Singapore and Malaysia. The company says that the product, which boasts of getting hold of more than 99% of spam, will be put for sale by means of SurfControl’s local reseller network.

So, considering the development strategy of its SurfControl in the Southeast Asia market, the company thinks that the move will help users combat against the Web-borne threats Singapore and Malaysia, as they are victimized increasingly by the malicious attack of spyware or malware. For further info, please visit TFN.newsdesk@thomson.com kal/ic

Read

Webroot recently claimed to have found out the most common types of nasty security threats in the United Kingdom, singling out the Trojan Downloader Zlob as the biggest criminal. Webroot was reported to have stated that a few variants of the Trojan, which masks itself as a risk-free program and is normally disseminated as an email attachment, let hackers in fact remotely control and exploit bug-ridden PCs for nasty purposes. Webroot said Zlob frequently deploys fake security programs like SpywareQuake, SpyFalcon, SpyLocked and WinAntivirusPro, besides other malware.

The most prevalent adware was reported 180search Assistant/Zango, which is followed very much by Hotbar/Zango and Starware Toolbar, which is also said to be an ‘extremely high-level threat’ capable enough of keeping track of a users’ Web browsing behaviors and making info available to a third party. Keyloggers is also said to be the biggest fear for UK PC users, with Webroot selecting Perfect Keylogger as the most normal System Monitor. Such tools are claimed to be capable of keeping an eye on keystrokes, emails, chat room conversations, instant messaging, websites visited, usernames and passwords.

Read

LANDesk recently announced to have included a built-in host intrusion protection to its collection of handouts. The best-of-the-breed and state-of-the-art technology is claimed to assist VARs to provide their customers with endpoint security from zero-day threats.

Devin Anderson, business line manager at the subsidiary of Avocent, in Huntsville, Ala, was quoted as saying;

This inclusion is valuable to our channel partners because it lets them sell a solution into a business, rather than just point products. Previously LANDesk customers relied on anti-virus software for network protection. The latest technology is claimed to carry security a step ahead, providing security to combat threats, which have not been detected so far or are hidden.

LANDesk’s HIP system makes use of rules-enabled technology that watches network traffic and machine activities to make out incongruities or happenings of security policy violations relied up preclassified rules commissioned by security and IT administrators. LANDesk stated the latest system incorporates strongly with its current security application to make available built-in patch, anti-virus and anti-spyware management, NAC (network access control), mobile device security and HIP in a standalone management console and complex solution.

Read

Sophos recently said that Miami-Dade Public Schools has made selection of Sophos to give protection to ninety thousand desktops and fifty thousand email accounts from spam, viruses, worms, spyware and possible malicious apps for the next four years. The district is also going to make use of Sophos Professional Services to guarantee that the switch from its legacy McAfee solution to Sophos is completed without a glitch.

After over a year of assessing many security suites, Sophos was chosen as the best-of-the-breed option for the district depended upon extensiveness of coverage; tempo of finding; better PC performance; the size, momentum and regularity of updates; an easy console; better-quality finding technology; and the excellence of Sophos’s technical support.

Thomas Sims, director, network services, Office of Information Technology at Miami-Dade County Public Schools,

Throughout the evaluation, Sophos was enormously attentive to our needs and requirements. In the end, we decided to invest in Sophos based on its exceptional level of service and expertise; simplified management capabilities; and proactive, multi-tier protection across our entire district.

Mark Hatton, president of Boston-based, Sophos, was quoted as saying,

We are pleased to have been selected by one of the most widely recognized school districts in the United States to provide comprehensive security at the endpoint and gateway. Sophos is committed to providing flexible, reliable and centrally managed solutions that are consistent with the district’s needs.

Read