Wednesday, August 29

Spammers and PDF spam

Is PDF spam simply not working for the spammers?:

Sophos has reported a dramatic decrease in the amount of spam emails using PDF file attachments to spread their unwanted messages. According to research compiled by SophosLabs, Sophos's global network of virus, spyware and spam analysis centres, levels of PDF spam have dropped from a high of close to 30 percent of all spam earlier this month, to virtually zero.

"If PDF spam email messages have all but disappeared, there can only be one reason - they're not working," said Graham Cluley, senior technology consultant for Sophos. "Spammers wouldn't turn away from PDF spam if it was an effective way to fill their pockets with cash and direct consumers to their websites, dodgy goods or dodgy investment opportunities. This drop indicates that the spammers are finding it hard to fool the public into reading marketing messages distributed in this way."

Levels of PDF spam spiked on 7 August 2007 when a single campaign, designed to manipulate stock prices of Prime Time Group Inc, accounted for a 30 percent increase in overall junk email levels. Since then, however, PDF spam has shown a sharp decline.

"Of course, it's too early to say that this is the last we will see of PDF spam. There could still be more campaigns to come, but its dramatic fall may be a sign that we are witnessing its demise," continued Cluley. "Our advice remains the same to all internet users - it make sense to ensure that your email inbox is properly defended with a product which can defend against the threats of spam and malware."

Sophos experts point to a number of disadvantages for spammers who try to use PDFs in their spam campaigns, which may explain the decline.

"PDF spam simply isn't as immediate a way of communicating with your intended audience as an instant glimpse of the marketing message in your victim's email preview pane," explained Cluley. "Furthermore, have you tried opening a PDF file? Adobe Acrobat chugs into action, taking a fair while to load before it can show you the contents of the PDF. Consumers learn pretty quickly that it's a waste of time to open every unsolicited PDF they receive, which means the spammer's message doesn't get read, and the cybercriminals don't make any money."

Cross-site scripting and Firefox 3

Mozilla Aims At Cross-Site Scripting With FF3

Web 2.0 has enabled a broad array of websites to be more engaging for users. It has also enabled a new and now very common attack, namely cross-site scripting, commonly referred to as XSS.

Mozilla is aiming to put an end to XSS attacks in its upcoming Firefox 3 browser. The Alpha 7 development release includes support for a new W3C working draft specification that is intended to secure XML over HTTP requests (often referred to as XHR), which are often the culprit when it comes to XSS attacks. XHR is the backbone of Web 2.0, enabling a more dynamic web experience with remote data.

New ESET Online Scanner

Scan and disinfect viruses with ESET online scanner

This new online scanning service allows users to scan and disinfect systems and emails without uninstalling their existing antivirus solution.

ESET has announced the availability of a new online scanning service that allows users to scan and disinfect systems, hard disks, compressed files and email - without uninstalling their existing antivirus solution.

Powered by ESET NOD32 Antivirus software, the ESET Online Scanner is a free Web-based service that allows non-ESET users to identify hidden threats, get a "second opinion" on the health status of their computers and determine the strength of their current malware solution.

Based on ESET's heuristic detection technology, ThreatSense, the ESET Online Scanner provides a comprehensive analysis of a computer's malware infection status. It not only detects both known and unknown forms of malware, including viruses, worms, Trojans, phishing and spyware, residing on a computer, but it also cleans the system and allows the end-user to troubleshoot and repair many malware-related problems.

Additional ESET Online Scanner Benefits:
  • Fast and Easy-to-Use: The scanner is installed and activated by a single button
  • Always Up-to-Date: Uses the most current threat signatures and heuristic detection algorithms available from the ESET Threat Lab
  • Deep Scans: Scans inside archive files, runtime packed executables and email messages
  • Anonymity: The Online Scanner can be used anonymously as contact information is not required to use the service.
"Not all antivirus and anti-malware products are as effective as they should be and users are starting to understand that the AV solutions that come with their computers may not catch existing malware or protect them from emerging threats," said Paul Brook, Managing Director of ESET UK.

"Despite this realisation, users still rely on these limited solutions for protection, which may lead to potential disaster for them if they become infected and misery for others if their machine is used to distribute malware. Our new online scanner allows any computer user to see very quickly if they have a problem and in many cases help them rectify it too," added Paul Brook.

The ESET Online Scanner is available now.

New Norton Antivirus and Norton Internet Security

Norton Internet Security - Norton Antivirus 2008 Launches:

Symantec has added new shields against malware and Web vulnerabilities in the latest versions of Norton Internet Security and Norton AntiVirus software.
The 2008 versions of the products include a feature called Browser Defender, a behavioral-based technology that defends against drive-by downloads and other threats targeting vulnerabilities in Internet Explorer.
"The notion behind the technology was there's thousands of exploits and the exploits change on a daily basis, but there's only a handful of vulnerabilities—for IE there's 39 vulnerabilities," said Rowan Trollope, senior vice president of consumer products at Symantec.
Other enhancements include Norton Identity Safe, which is aimed at protecting personal information when a user is buying, banking or browsing online. It enables users to control which information is shared with Web sites, and it fills in passwords automatically to thwart keylogging software, company officials said.


Saturday, August 25

Firefox Security and Privacy Extensions

Extend Firefox for better security & privacy:

In the last few years Firefox has gained massive support from surfers worldwide. This is mainly because Internet Explorer, still the biggest player on the market, has proved to be hopelessly insecure.

Besides offering more security than IE by default, what users appreciate is the fact that Firefox can be expanded with add-ons that offer a variety of functions not integrated in the browser upon install. This article will explore useful security and privacy extensions that will add to your browsing experience. These are:

  • Spamavert
  • ShowIP
  • Greasemonkey

Go get your Firefox tightened up for better security and more privacy.

New Crimeware targeting companies

New crimeware targeting companies


The new variant, “Prg”, researched by Finjan’s Malicious Code Research Center (MCRC) and also noted by Don Jackson of managed security specialist SecureWorks, relays sensitive data collected during employees’ online activity to hacker websites in SSL-encrypted format. Finjan’s MCRC found criminals’ servers in Panama.

Jackson's research suggests that the crimeware has been modified using a Trojan development kit to listen for hacker commands on a special TCP/IP port. These commands allow the hacker to gain remote control of the compromised system. Jackson’s analysis of log files on the servers storing the stolen data found that information was coming from corporate PCs, as noted in his report.

"This trend highlights the alarming growth of crimeware toolkits being sold to criminals by hackers. Such crimeware is focusing on stealing sensitive business data and sending it back to criminals’ servers over encrypted communication channels like SSL, in order to go undetected", said Yuval Ben-Itzhak, the CTO of Finjan.

Elcomsoft System Recovery for Windows

Elcomsoft System Recovery helps when you get locked out of Windows:

Elcomsoft has released the Basic version of Elcomsoft System Recovery, an easy-to-use boot-disk application that makes it simple to access your Windows computer if you've been locked out because of password problems. Unlike the Standard and Professional versions of Elcomsoft System Recovery, which are designed for network administrators and power users, the Basic version gives business owners and home users a foolproof solution to system recovery. Purchase the program online, download the software, burn it to a CD-ROM, boot your computer, and reset the Administrator's password.

Under a special agreement with Microsoft, Elcomsoft System Recovery is based upon Microsoft Windows Preinstallation Environment (Windows PE), a hardware-independent minimal Windows system that replaces the antique DOS boot disk that was used to set up new computer systems.

Elcomsoft System Recovery is completely self-contained, allowing you to access each of your desktops and workstations (but not servers), without the need for third-party or proprietary software. Simply insert the CD, and boot your computer.

Why PCI isn’t enough to ensure data security today?

Ounce Labs thinks it’s critical for consumers to know that, in many instances, their credit card data is still not secure:
  • Compliance statistics are miserable with less than 50% of merchants able to meet the minimum standards of PCI DSS.
  • Even when merchants do comply, some portions of the standard are worded in ways that are open to interpretation.
  • Published reports have appeared that some unscrupulous auditors are taking advantage of non-compliant merchants by forcing them to utilize the auditors' compliance services in order to pass – a blatant conflict of interest that compromises the integrity of the PCI audit process.