Spyware Hunter

The researchers at IBM’s Internet security systems division were recently reported to have stated that the targeted attacks that makes use of flaws in famous doc file formats and carry out using tough-to-detect shell code are getting growingly all the rage menace these days. For the last twelve months, there has been a speedy boost in the quantity andvariety of shell-code execution attacks leveled at their customers, maintained by experts working with the ISS X-Force group

Amongst the kinds of files at the most laid into in the assaults are the most widespread categories of docs spread to scores of organizations nowadays, such as Microsoft Word, Excel and PowerPoint formats, plus Adobe PDF files. Persistently, the bug-ridden docs are being disseminated inside particular organizations by hackers who pose the threats as legal files being distributed within an organization using e-mail. Not like hordes of Web-borne threats, the ostensibly inoffensive docs usually does not warn of their in fact having malware code.

Researchers at the Atlanta-based ISS division asserted that in view of the fact that the threats are repeatedly disseminated from masqueraded e-mail addresses, which seems to be reliable, and exist within docs that haven’t been checked with the similar security threats as Web-borne apps in current years, end users are being victimized by the attacks in throngs.

Read

The bug that started baffling loads of Google users last Thursday is even now creating trouble despite of being company’s Personalized Home Page renamed and upgraded. The creepy-crawly is said to be causing the free service, which claims to enable users to turn Google.com into a customized portal, to revert an undecided number of pages to their default settings or to months-old versions. The majority of users pass their considerable time and exertion modifying their Google.com page with syndicated content feeds, plus with “gadget” apps, to turn it into their center for Web content, online services and apps. They were irritated.

A source acquainted with the problem was reported to have maintained that the creepy-crawly impinged on “a single digit percentage” of users of this service, which is figured in “tens of millions,” as said by company sources, which means that the figure of infected users may well vary from a minimum of 200,000 to more than a few million. Discussion forums hit the roof previous Thursday morning with information from troubled users, and Google, subsequent to making a clean breast of the trouble, didn’t proclaim it fixed unless more or less 36 hours after.

Read

Sophos has warned PC users of unsolicited emails and protect their web gateways, after finding out a spam campaign, which is said to be masquerading as an electronic postcard, however in fact makes an attempt to allure the incautious into being bug-ridden by a web-based Trojan horse.
Sophos claims to have taken over hundreds of the spam messages being disseminated that are contained with the subject line: You have received a postcard!

Rest of the body text reads as follows:

‘Hello friend !
You have just received a postcard from someone who cares about you!

If you’d like to see the rest of the message click here to receive your animated postcard!

Computer users who are tempted to go after the web link are landed to a downloadable executable file (postcard.exe), which is made out proactively by Sophos products as Zapchas-A and is developed to let remote hackers access to the bug-ridden Windows PC.

Read

Marshal, an email and Internet content security supplier, recently launched a Service Provider Edition of its MailMarshal software, along with its security offerings of a ‘new generation’ security appliance founded on its MailMarshal SMTP software. MailMarshal Service Provider Edition is said to make available MSPs and ISPs with hosted email security services, which can be modified to their customers’ particular needs.

Services delivered are comprised with email filtering, policy control, archiving and reporting and the capability of granting differing levels of administration access rights to service suppliers’ customers’ own administrators. MailMarshal SPE presents service suppliers to modify their email security services - and give different levels of administration access rights - to go with the specific needs of each customer.

The MailMarshal eIOOOO is a hard-edged email-processing platform that gives support to load balancing out of the box plus is also pre-configured with an anti-virus scanner. It is claimed to make available content security plus a protection against malware, making it perfect for firms that choose the convenience of appliance hardware however have need of all-inclusive content protection at the gateway perimeter.

The Marshal security suite is also said to supply content assessment plus security against security risks such as: spam, phishing, viruses, spyware, fraud, porn, DHA, DOS, regulatory non-compliance and intellectual property theft, says the company.

Read

Agnitum recently rolled out Outpost Security Suite Pro (OSS), which is said to be battle-hardened security against the malicious Web-borne threats to home and small-business Windows users. A complete, proactive security, Outpost Security Suite Pro is included with a single product the company’s commended personal firewall, a groundbreaking complete anti-malware engine, intelligent spam filter, tools to put a stop to illegitimate program interactivity, and self-defense protocols that stops efforts made by malware to find a way around or close down the software.

Mikhail Penkovsky, global vice-president for Marketing and Sales, was quoted as saying;

OSS provides the robust security that users expect from Agnitum. This is not only another security suite. Our broad-based proactive protection, built around one of the world’s most advanced personal firewalls, delivers efficient, low-impact protection for all users, no matter what their level of experience.

The suite is based on Agnitum’s Outpost Firewall Pro, a high-quality personal firewall that claims to give protection of over a million users globally. For the last many years, Outpost Firewall Pro has integrated anti-spyware, ID theft security and leak prevention, plus the groundbreaking community-based ImproveNet service, which claims to embed users with hardened and ready-to-use configuration regulations that is a symbol of real-world application deployments.

Read

Anchiva Systems recently announced to have united with Anti-Spyware Coalition, ASC, the global organization, which is aimed at educating end-users as to the risk of spyware. Spyware is mostly coined to detail all forms of malware and ASC has issued a guideline, which is titled as “Best Practices: Guidelines to Consider in the Evaluation of Potentially Unwanted Technologies,” that evidently characterizes the underlining technology that brings about software malware.

Anchiva Systems makes available network-based gateway continent security suites that is able to put a stop to spyware from getting into a company. Gateway-based solutions are capable of blocking increasingly perilous files because of being made download from the Internet. A few internet-borne bugs do not even need users’ action to make download to their computers.

Ari Schwartz, deputy director of CDT and coordinator of the ASC, was quoted as saying,

Our greatest asset in the fight to combat spyware and give users back control of their own computers is the concerted efforts of leaders in the anti-spyware space. We are extremely pleased to welcome Anchiva Systems into the Anti-Spyware Coalition, and look forward to drawing on their extensive expertise in the area of network-based protection.

Samuel Chen, Chief Technology Officer, was quoted as saying,

We are pleased to belong to the ASC. The ASC has been instrumental in defining what spyware is and how anti-spyware vendors should classify whether a specific code should be classified as spyware. Each week Anchiva collects thousands of potential dangers programs from its worldwide network of honey pots. The ASC guidelines make our classifications decisions easier.

Read

Sunbelt Software recently announced the top 10 most widespread spyware threats for the April 2007. The information have been derived from monthly scans done by Sunbelt’s award-winning anti-spyware product, CounterSpy.

The top ten most prevalent spyware threats for the month of April are:

(1)Trojan-Downloader.Zlob.Media-Codec 1.68 per cent
(2) Virtumonde 1.59 per cent

(3) Trojan.FakeAlert 1.16 per cent

(4) ClickSpring.PuritySCAN 0.61 per cent

(5)Malware-Stopper 0.52 per cent

(6) Trojan.Unclassified.gen 0.38 per cent

(7) Trojan-Downloader.Win32.ConHook 0.30 per cent

(8) 180solutions.SearchAssistant 0.30 per cent

(9)Trojan.Smitfraud 0.28 per cent

(10) SpyLocked 0.26 per cent

Read

Robot Genius, an Oakland, Calif.-based start-up, recently said to have created a new suite of security softwares developed to fight nasty software assaults such as spyware, adware, and rootkits by a threefold approach of prevention, finding and remediation. The products are able to be downloaded independently or utilized together.

The first module of the software package is RGcrawler Data, an automated Web crawler for pinpointing and trying out likely nasty software on the Internet; the 2nd is RGguard, a browser plug-in that cautions the user of possible attacks; and the 3rd is Spyberus, a behavior-enabled security client developed to hunt down and undo the results of nasty software deployed on a computer.

The company maintains that Spyberus has a 99% success rate in reversing spyware, adware, rootkits, and other types of nasty software. Free trial versions of RGcrawler Data and Spyberus can now be availed on Robot Genius’ Web site; RGguard is coming soon.

Read

Small firms have been called on to keep away from being apathetic while it comes to skirmishing security, it has been purported. Recent research from the FBI discovered that 90% of small companies had experienced a security crisis with the last twelve months, so far the National Cyber Security Alliance (NCSA) has maintained that most are even now not defending their resources, as said by vnunet.com.

Ron Teixeira, executive director of the NCSA was quoted as saying,

Even though small business recognize the need to make cyber-security a priority, many are intimidated by the perceived resources needed to implement the right security plan.

As a remedy to this, the NCSA has recommended organizations to utilize effectual passwords and powerful authentication processes, plus to deploy anti-virus and anti-spyware products. Likewise, a security contingency plan ought to be in place in the event that a system is exploited, it included. In the meantime, a Scottish hacker who gained entry in US government PCs from his North London flat could face 40 years in jail if his newest appeal is ineffective this week. But Gary McKinnon, 41, claims he was just trying to come across aliens.

Read

Fraudsters are reported to be active in Sussex and its nearby areas. They are said to be committing theft of one’s ID and make use of it to obtain money, credit or goods in their ’s name. ID fraud is claimed to be flourishing in the country seeing that crooks commit theft of someone’s ID and utilize it to get money, credit or goods in the person’s name.

One of the county’s ID theft hotspots is said to be Central Brighton, where almost 35% of its populace are victimized by a high-risk of ID theft crime, whereas Horsham, Haywards Heath, Worthing and Chichester are the other areas in Sussex that have been highlighted as other ID theft hotspots in the study by credit experts.

The police have warned people that ahead of throwing their credit card receipts, bank statements and bills, considering them their regular rubbish, they should think twice and thrice as the thrown rubbish could make an easy way for the offenders to commit theft of their personal or private info. Sussex Police further say that another way for offenders to obtain personal information is card cloning, wherein a dishonest staff in shops or restaurants swipes a card and info are downloaded onto a PC.

Not only this cash machines are also being targeted by the offenders, frequently putting bogus facades on the machines to copy people’s pin numbers. Sussex Police is now forewarning public not to throw any personal documents into their waste and to shred anything they think might consist of their personal information. Detective Chief Inspector Trevor Bowles, of the main crime branch at Sussex Police, said: “There are a number of ways people can protect themselves against identity theft.

Read