The week in security, vol. 4

December 6, 2007 - Comment

You’ve read and loved it three times before, so here it is for a fourth time — a big mess of security-related links. These rather orderly messes are compiled by ParetoLogic’s Jeff Green to edify and entertain those interested in spyware and PC security. As an aside, if you’ve e-mailed SpywareDaily[at]ParetoLogic[dot]com in the past couple

You’ve read and loved it three times before, so here it is for a fourth time — a big mess of security-related links. These rather orderly messes are compiled by ParetoLogic’s Jeff Green to edify and entertain those interested in spyware and PC security.

As an aside, if you’ve e-mailed SpywareDaily[at]ParetoLogic[dot]com in the past couple of weeks, chances are we didn’t receive your message due to a mind-melting supernova of spam. We’ll clean it up and get back to you as soon as we can. For other ParetoLogic contact info, look here.

Spyware/Malware/Virus/Phishing/etc:

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation.

http://www.eweek.com/article2/0,1895,1945808,00.asp

Security company McAfee has acquired SiteAdvisor in a move to fortify defenses for people before they browse potentially malicious Web sites.

http://news.com.com/McAfee+buys+search-warning+company/2100-7350_3-6057923.html?tag=nefd.top

The antivirus provider said Tuesday that as profits from cybercrime grew in 2005, criminals increasingly tried to prevent antivirus providers from developing protection against the latest threats. "Honeypots," or lightly protected systems set up to collect samples of malicious software for antivirus companies, were a prime target, Kaspersky said.

http://news.com.com/Cybercrooks+ramp+up+against+antivirus+firms–and+each+other/2100-7349_3-6057654.html?tag=nefd.top

It’s easy to create malicious code, penetrate firewalls, and steal personal and financial information. "Ethical hacker" Andrew Whitaker can show you how

http://www.businessweek.com/technology/content/apr2006/tc20060403_499982.htm?campaign_id=bier_tca

The confrontation between virus writers and the anti-virus industry is escalating, with malware authors also going after fellow VXers.

http://www.theregister.co.uk/2006/04/05/vxers_at_war/

Anti-spyware activist Ben Edelman has flagged a spyware-powered click-fraud scam using Yahoo’s Overture advertising service to fleece advertisers.

http://www.eweek.com/article2/0,1895,1946001,00.asp

Hai Nam Luke has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.

http://secunia.com/advisories/19521/

A NSW Police blunder has led to a database of email passwords – including those of the anti-terrorism chief and hundreds of journalists – published on the internet.

http://www.smh.com.au/news/national/police-secret-password-blunder/2006/04/05/1143916566038.html%5D

A rogue anti-spyware application is falsely identifying popular security products and file system tools as spyware. Security firm SurfControl advises users not to touch the application, UnSpyPC, with a barge pole

http://www.theregister.co.uk/2006/04/07/unspypc/

Security:

Hewlett-Packard acknowledged this week that software used to control two of its color printers could be exploited by attackers to remotely steal files from Windows PCs.

http://www.techweb.com/wire/security/184429355;jsessionid=EZ0OMLZO02CDGQSNDBECKHSCJUMEKJVN

Legal (Big Week):

‘Star Wars Kid’ cuts a deal with his tormentors.  Case settled out of court in what would have been the first case of cyber-bullying.

http://www.theglobeandmail.com/servlet/story/RTGAM.20060407.wxstarwars07/BNStory/National/home

Here’s the video for anyone who missed it over the last few years…

http://www.guzer.com/videos/starwarskid.php

Rocky Delgadillo’s office charged three officers of Enternet Media with criminally distributing spyware to some 18 million computers …

http://www.lavoice.org/index.php?name=News&file=article&sid=1654

And now for Direct-Revenue:

New York’s attorney general sued another Internet pop-up advertising company Tuesday, accusing it of secretly installing malicious programs on personal computers and sending ads through "spyware" that is already installed.

http://hosted.ap.org/dynamic/stories/S/SPITZER_SPYWARE?SITE=CADIU&SECTION=HOME&TEMPLATE=DEFAULT

And here’s the official press release which includes a link to the 76 page affirmation (statement of case and charges):

Attorney General Eliot Spitzer today sued one of the most elusive internet spyware companies, alleging that the firm surreptitiously installed millions of pop-up ad programs on consumers’ computers.

http://www.oag.state.ny.us/press/2006/apr/apr04a_06.html

German federal police on Tuesday arrested seven members of a suspected phishing gang on fraud charges after a three-month investigation.

http://www.techweb.com/wire/security/184428438;jsessionid=FQLSLC2Y4UFVQQSNDBECKHSCJUMEKJVN

In sharing information about an undercover federal investigation of Web frauds involving credit cards and stolen tax refunds, the Secret Service demonstrated that it can adapt with the times.

The seven initial arrests stemming from what the Secret Service has dubbed "Operation Rolling Stone" show that federal investigators have started to learn how to crack through deceptive IP addresses and encrypted IM communications.

http://www.eweek.com/article2/0,1895,1946230,00.asp

Misc:

Microsoft has urged UK PC vendors not to give customers the opportunity to buy a PC without a pre-installed operating system.

http://news.zdnet.co.uk/0,39020330,39261437,00.htm

Vehicles that are able to parallel park themselves while drivers sit and relax behind the wheel are coming to the United States, according to a Local 6 News report.

http://www.local6.com/technology/8458908/detail.html

Somewhere on a shelf in a cavernous warehouse in Alabama rests the life-like noggin of Philip K. Dick, quietly dreaming of electric sheep. Or maybe the robotic head of the legendary sci-fi author got blown up. These are among the possible explanations for the bizarre disappearance of an artist’s homage to Dick. But we’re getting ahead of ourselves. This tale of loss should start from the beginning.

http://www.wired.com/wired/archive/14.04/posts.html?pg=2

A few weeks back, a hack surfaced on the Internet that let users of Apple’s new Intel-based computers install Microsoft Windows XP.

It was probably more trouble than it was worth for most users, but Apple has come around with its own, much smoother pathway to Windows.

http://www.eweek.com/article2/0,1895,1946733,00.asp


Opinion:

Is it possible for a Mac to catch a Windows disease? Yes, though it’s not likely.

http://www.eweek.com/article2/0,1895,1947255,00.asp

Yes…it’s official…thanks to Boot Camp from Apple, you can now dual boot and run Windows XP on your new Intel based Mac!!!  Here are some screen shots of people that have!

http://www.eng.bu.edu/~anc/macosx_bluescreen/blue2.jpg
http://www.dealcatcher.com/forums/m_402248/tm.htm


Humour:

Motion Picture Association of America, Inc. (MPAA) chairman Dan Glickman and Recording Industry Association of America (RIAA) president Cary Sherman today announced the historic merger of the two organizations. The newly-created entity is being called the Music And Film Industry Association of America, Inc. The announcement, made today at the MPAA headquarters in Los Angeles, CA has been a long time coming, according to Glickman.

http://mafiaa.org/press_room/

Almost sounds like a real version of Wallace and Gromit in The Curse of the Were-Rabbit!

Pity if you will the poor burghers of the Northumberland village of Felton – living as they are under a palpable pall of fear provoked by the attentions of a monstrous, allotment-menacing devil rabbit.

http://www.theregister.co.uk/2006/04/07/devil_rabbit/

 

If you enjoyed this post, make sure you subscribe to my RSS feed!

Comments

Write a comment

*

This blog is kept spam free by WP-SpamFree.