Spyware Hunter

An up-and-coming leader in network gateways for SMB, Untangle recently said to have integrated web safety to its Identity Theft Blocker application. The app, besides filtering out phishing emails, now claims to stop pharming websites. This alteration was brought in return to the on the increase threat that identity theft represents on the web and the on the rise complexity of pharming assaults.

Pharming websites impersonate legal sites such as banking or ecommerce and make use of social engineering to swindle users into parting with their user names, passwords and other confidential info while they by mistake log into the fake sites. The web properties frequently make use of URLs that give the impression of being similar to the target site.

For instance, replacing the “w” in wells fargo with two “v”s (vvellsfargo.com), adding an extra “i” to wachoviia.net, or by prefixing the target domain to the pharmer’s url, such as paypal.phishingsite.com.

Besides, pharming sites have turned out to be so well developed that visually making out the actual from the bogus has been almost without a solution.

Dirk Morris, founder and chief technology officer of Untangle, was quoted as saying,

Pharming is big business and the sites and techniques continue to become more and more sophisticated. Even Google Adwords has been used by cyber-criminals to bait victims. Our customers count on us to keep them up-to-date with the latest in security, and Untangle is pleased to provide this additional layer of protection for their users and networks.

Read

Recently I went through an interesting and informative article wherein researcher Ben Edelman was reported to have cited that a half-dozen cases of affiliate merchants being swindled by spyware, mainly by purporting commissions on organic traffic getting to the merchants. Edelman also mentioned that on the one hand where a few spyware purveyors are making attempt to wash out their image, the core designs of some cases even now acts as they all the time have like they even now keep track of user behavior activities, even now relay surfing to their central servers, plus even now display pop-up ads — behaviors users exactly disservice because of critical impacts on confidentiality and efficiency.

His prolonged objective of disdain, Zango, displayed in one exemplar of purporting a commission on organic traffic. To make it sounder, let’s take a look how a browsing session ensued for him while navigating to Blockbuster:

On May 13, my automated testing system browsed Blockbuster. Observing the requested traffic to Blockbuster, Zango opened a popup sending traffic to Roundads.com. Roundads redirected to Performics and then back to Blockbuster.

To a typical user, this pop-up is easy to ignore — just a second copy of the Blockbuster site, which users had requested in the first place. But the pop-up has serious cost implications for Blockbuster: If the user signs up with Blockbuster, through either window, then Blockbuster concludes it should pay a $18 commission to Roundads via Performics.

That’s a sham: Were it not for Zango’s intervention, Blockbuster could have kept the entirety of the user’s subscription fee, without paying any commission at all.

An other example of Edelman displayed that how Blockbuster rival Netflix also faced up such illegal claims for commissions. Edelman was quoted as saying of the deal Netflix has in place for this otherwise organic traffic,

Aside from reducing wasteful advertising spending, Netflix might also want to sever these relationships because the underlying spyware imposes serious costs on consumers.

Read

IBM, an inventor of magnetic tape storage over 50 years ago and a leading supplier of data encryption, was recently reported to have lost an unrevealed number of backup tapes that were contained with personal info of employees.

Company spokesperson Fred McNeese was quoted by SCMagazine.com that the tapes were unintentionally lost Feb. 23 whilst they were being transported by an intermediary purveyor from an IBM location in Westchester County, N.Y. to an everlasting storage capability.

Fred McNeese also mentioned that a few of the tapes, hinging on what info was being carried by them, were encrypted, whereas others were not. IBM would not make public to what number of tapes were lost or to what number of employees – lots of them retirees – were impinged on, however McNeese stated that the tapes are not easy to be accessed on a computer and none of the data has been misrepresented.

McNeese was quoted as saying,.

It’s a plural number (of affected people). We don’t know if anybody’s got them (the tapes), but if someone’s got them, we don’t want to give them additional information.

Read

An Austin based security researcher demonstrated how a software flaw, used to control oil refineries, power plants and other critical structures, can be hacked by terrorist groups or criminals.

The software is used to manage supervisory control and data acquisition, or SCADA, systems - computers that regulate the functioning of such important infrastructure as oil and gas pipelines, water treatment and power transmission facilities and the giant factories used by large technology companies.

Attendees at Defacon hackers conference on computer security were surprised as well anxious about vulnerabilities in infrastructures which affect our day-to-day life such as SCADA system.

The flaw can pose major problems, as it is capable of crushing SCADA computer systems, which carry mostly lightweight software, making it easy for intruders to cheat by sending a false request.

The main targets of attack are sensors within the facilities, linked to internet through encrypted connections, said Ganesh Devrajana, a security researcher with 3Com Corp.’s TippingPoint in Austin, Texas.

Authorities and other officials present at conference took it as a matter of great terrorism concern and emphasized the need to point out similar weaknesses existing in other programs.

Image Credit: ABC News

Via: Aviran

In creative crookedness, the spammers are genius. This is the stark reminder of recent arrest of Robert Alan Soloway in Seattle, Washington.

27-year old Alan Soloway, the high profile spammer whom Microsoft has portrayed one of top 10 spammers in the world was finally arrested by federal authorities for operating the fraudulent empire of mail fraud, wire fraud, aggravated identity and money laundering.

Soloway has been active in the infamous racket since 2003. He used zombies (computers infected with malicious codes) to send millions of junk mails and unsolicited bulk e-mails pursing people to use his internet marketing company to advertise their products.

The notorious spammer continued his illegal business even after loosing a $7 million lawsuit against Microsoft way back 2005. Soloway has the ability to send 20 million email advertisements in 15 days. So far, he has made a hefty amount of $773,000 out of illegal business.

The federal authorities are now planning to forfeit him from the money which he earned from his unfair business. He is kept in the federal detention for a hearing on Monday.

Image

Social networking sites are supposed to provide us powerful platforms where minds share ideas, but they are now open for online criminals who can access to your sensitive personal information shared on the net.

The security experts have demonstrated the security flaws of Web 2.0 sites at the ongoing Black Hat and Defcon hacker conferences. They have shown how MySpace is vulnerable to online criminals who can play with your personal information.

Rick Deacon, a 21-year-old hacker who attended the conference revealed that he has found out a security flaw in MySpace. It is zero-day flaw that invites online frauds to take away your personal web pages and inject malicious code. However, it does not have any affect on the IE, only Firefox Web browser is prone to this threat, he said.

MySpace did not comment on the Deacon’s revelation saying that they have a powerful security team.

It is the rudimentary problem that the leading web 2.0 sites face today despite their denial.

Image:

Smart PC Solutions recently rolled out a free USB Flash Drive-based anti-spyware and anti-virus solution, which claims to get you rid of making the vague decisions by offering you the better of two worlds: automatic security against all identified threats built-in with definitive performance whilst doing so. The solution is all the time with you. Keep your antivirus flash card always with you for ultimate protection. While traveling, make sure your security and confidentiality by examining Internet cafe PCs for viruses, spyware and keyloggers.

1-2-3 Spyware Free spots and does away with all types of viruses, spyware, Trojan and detrimental modules that may creep into your computer through the usual undertaking of surfing the Net. 1-2-3 Spyware Free is operated from a devoted USB Flash Drive, making it not possible for nasty programs to contaminate or put out of action the anti-virus.

1-2-3 Spyware Free makes downloads of all updates itself on a schedule, offering crystal clear and unattended operation, which is generally overlooked in more difficult and much more costly products. 1-2-3 Spyware Free is trouble-free and out of harm’s way to be utilized. Real-time safety informs you of any wary behavior that could be tried by a nasty program, and lets users obstruct perilous behavior to put a stop to infectivity.

Read

Symantec recently said to have filed a series of eight civil lawsuits against distributors of bogus Symantec software, looking for a total of over $55 million in damages from the cases caught up. Symantec alleges in filings in US District Court in California that the businesses are guilty of trademark infringement, copyright infringement, fraud, unfair competition, trafficking in counterfeit labels and documentation, plus fake advertising. Symantec has requested the consent of a jury trial in all case and is on the lookout for damages in proceeds from every entity ranging from $4M to $10M in every claim.

The software company is seeking $4 million US and $10 million in damages in individual claims from the following companies: Acortech (California), mPlus (California), Logical Plus (New York), SoftwareOutlets.com (Florida), Rowcal Distribution (California), Global Impact, Inc. (Florida), Directron.com (Texas) and eDirect Software (Canada). Symantec looked for a long-lasting ban in each of the lawsuits to block the companies named above from putting up for sale “unauthorized Symantec products” and to give in all alleged counterfeits of Symantec goods.

Symantec was also reported to have said that maybe fake software did not work well and smash up a user’s system, or it is potential to be laden with ID theft softwares. Bogus software are also not said to be capable of receiving automatic updates and so leave the user open to to new online threats. These software pirates were moving large quantities of counterfeit product and, as a result, numerous unsuspecting users are now at risk for having their information stolen or lost.

Read

Panda Labs recently claimed to have come across an online app that controls botnets, and not just any app, it is placed pretty good and provides you back certain pretty good info on the botnet, many a PCs, how many are up, where they are, etc. Known as Zunker, it churns out to be a computer management app like no other. Panda Labs has reported that the program can provide botnet creeps easily-accessible graphs of individual botnet performance, like the majority of available compromised “zombies” on every at any one time, and their levels of doings on a daily or monthly basis.

Practically, Zunker is said to sprint, as would any other PC management system not including that the intention of the app is against the law. Panda Software says that Zunker is being utilized to manage and keep an eye on tens of thousands of computers across up to 54 nations, which would let it be bridled by a rather standard botnet. It is claimed that 54% of the computers infested were controlled by it at the time of its detection.

Panda Software’s Luis Corrons, was reported as saying,

The program has been carefully designed and is easy to use. Zunker organizes the bots by country, and shows how many bots there are along with reports from each one, how much spam has been sent and what software has been used by the bots to send the spam (Gmail, IM, forums, etc).

Zunker is touted to be capable of providing botnetters information on the duration of meticulous botnets — how many bug-ridden computers were still being operated — and let files be downloaded to bug-ridden computers to carry out actions ahead of fundamental spam dissemination, like info thievery.

Read

An antispyware bill, which was introduced back in March by California Democrat Zoe Lofgren and Virginia Republican Bob Goodlatte, has finally been approved by the US House of Representatives

Sponsored by Zoe Lofgren, a California Democrat, and Bob Goodlatte, a Virginia Republican, the bill is reported to make it illegitimate to make access to a PC but for authorization to commit another federal crime, like a PC scam. Such crimes might bring about to up to five years imprisonment, while getting or relaying personal info so as to deceive or harm somebody carries a punishment of up to two years in jail, as does denting a PC.

The bill additional would endow the Department of Justice with US$10 million yearly for four years to handle phishing, or utilizing fake e-mail addresses or Web sites to bait unwary preys to give personal info like credit-card numbers and pharming, which is related with hackers redirecting traffic to bogus Internet sites to deceitfully gain personal data.

Read