Sunday, October 29, 2006

Time Magazine: Why Two Browsers are Better than One

By now you may have heard that the makers of the two leading web browsers launched their latest totally free editions, Microsoft's Internet Explorer 7 and Mozilla's Firefox 2, within a week of each other. Feature-wise, most news reports have already declared a winner: the long-awaited IE7 may be a vast improvement over its predecessors, but the new Firefox leaves it in the dust. While that's mainly true, here's what you need to know about each one, and why you should have them both on your Windows PC. (Firefox 2 is available for Mac users, although Internet Explorer is not.)

read more | digg story

Wednesday, October 25, 2006

Microsoft Ships Windows Defender At Last

Microsoft released the final version of its freeware Windows Defender anti-malware product yesterday. The software was designated beta since Microsoft relaunched it as Windows AntiSpyware nearly two years ago after acquiring it from GIANT Company Software.


Langa Blog: Microsoft Ships Windows Defender At Last

Saturday, October 21, 2006

Free Antivirus Programs Compared

A review on the 3 main free antivirus programs out there. I've tried them all myself and agree that AntiVir is the best of the three. All are better than having no antivirus, and some are better than paid antivirus programs.

AntiVir is easy on system resources, easy to use, and detects a large number of spyware programs as well. It's very good at detecting and removing the zlob trojans, aka SpywareQuake, SpyFalcon, Pest Trap, and all those other programs that have that balloon that that says you are infected.

AVG and Avast are good, too. Avast does annoy me because it talks to you. Yes, it will say things like virus definitions update or virus detected. A warning window and maybe a quick sound would be fine. You can turn it off, but it still silly.

read more | digg story

Thursday, October 19, 2006

Internet Explorer 7 Is Now Available

Internet Explorer 7 is finally out of testing and ready for anyone to use. It's been years since IE 6 came out. I think this is the longest time between new IE versions since it came out. Internet Explorer 7 finally brings tabbed browsing to the world of IE. Every other browser has had this for years, and it's one of the reasons I used Firefox. For those who haven't used tabbed browsing, it may not seem like a big deal, but once you start using tabs, you don't know how you manged before tabs. There's many other new features to IE that have been in other browsers also. RSS, built in search tool, and many other features Internet Explorer has been sorely lacking. It also has many security improvements. Time will tell on whether they help.

Check out IE 7 and download it here.

Wednesday, October 18, 2006

Careful where you download IE7 from

The Register is reporting that hackers are luring unsuspecting users to a fake download site for IE7 by an email that purports to be from support@microsoft.com. Trouble is, when they get there they aren't getting IE7 but a site loaded with trojan downloader codes. Full story here.

Whilst I'm on the subject of IE7, Yahoo have released their own version of IE7 today, even ahead of Microsoft. Great if you like the Yahoo toolbar etc. Personally I think I will wait for the clean version from Microsoft. You can check this site out for more information from Microsoft.

Internet Explorer 7 will be delivered through Automatic Updates - customers should complete preparations by November 1

Monday, October 16, 2006

Free Smileys From Ask.com Not so Free After all

Spyware researcher Ben Edleman takes a look at how Ask.com uses bait and switch tactics to get their toolbar installed. He even compares Ask's tactics to encyclopedia salesman trying to get their foot in your door.

While some may like having the cute smileys, the real reason is to get an Ask toolbar installed on your computer. Ben says that the toolbar moves the address bar (where you type in a web address) and puts their toolbar in the same place. That way,you may use the toolbar thinking you are just typing the url of where you want to go. After using the toolbar by mistake, you end up on an Ask search page full of advertisements.

Ask used to be called Ask Jeeves, but they retired that name and the butler mascot and go by Ask now.

read more | digg story

Saturday, October 14, 2006

Top Five Phish Brands for September

Paul Laudanski of Castle Cops has been very busy just recently, jetting all over the place giving presentations on Phishing Incident and Termination (PIRT). Because of this he hasn't yet had time to publish his top 20 list for September

However I do have a top 5 list so I hope that will do you for now. If you want to have a look at Paul's presentation then you can download it here. As always, the PIRT Squad are working very hard on our behalf, so don't forget to report your phishing emails.

  1. PayPal => 168

  2. eBay => 112

  3. Wachovia => 32

  4. Nationwide => 16

  5. BOA => 13
Anti phishing volunteers are always welcome, if you want to join the fight then Click Here to become part of PIRT


Wednesday, October 11, 2006

Sunbelt Counterspy Update 427

CounterSpy 1.5 latest update definition is 427

CounterSpy is able to catch more spyware than almost every other utility on the market because the CounterSpy threat database (with the signatures of every spyware and malware utility we can identify) is constantly updated. Our researchers constantly look for ways to improve our spyware searching database so that it catches all spyware that could potentially be on your system. Keyloggers, spyware cookies, remote access trojans (backdoors), and more are all identified.

http://research.sunbelt-software.com/download.cfm

CounterSpy offers a 15 day fully functional trial. So that means you can not only test how it detects spyware, but how well it removes spyware, malware, and other threats.

Ewido Is Now AVG Antispyware

Grisoft bought the Ewido program back in late April, so it's not a surprise to me that the name has now been changed. Grisoft also makes the popular AVG Anti-Virus program as well. For now, the program remains just like Ewido. I'm sure as time goes by, it will change.



AVG Antispyware
Date of Update: October 11th, 2006
Known threats in database: 463,940

AVG Antispyware scans your computer to clean any spyware that may have gotten on your computer. AVG Antispyware also has active protection to prevent spyware from getting on to your computer.

Hijackers and Spyware
-Secure surfing in the Internet without fear of annoying changes of the start page of your browser, tracking cookies and advertising bars.
Worms
-Nobody should receive e-mails in your name with malicious files in the appendix anymore.
Dialers
-Security against all kinds of dialers. No fear when receiving the next phone bill.
Trojans and Keyloggers
-No chance for thieves to steal your bank data and personal sensitive information by tapped Internet connections, remote controlled webcams or secret keyboard recordings.

Product Info & Download: AVG Anti-Spyware

Spy Sweeper Update 780

Spy Sweeper latest update.

Program Version 5.0.7. (Build 1608)
Spyware definition: version 780
Updated October 11th,2006
Protection against 153,022 spyware traces.

Spy Sweeper protects your computer in two ways. First, it uses what is called shields to monitor places on your computer that spyware will likely change. By alerting you, you can prevent spyware from even getting on your computer. The second way is the large threat database. With this update, there are over 150,000 known spyware threats that Spy Sweeper detects and removes, should anything undesirable get onto your computer.


Spy Sweeper available from http://www.webroot.com/consumer/products/spysweeper/

Spyware Doctor 3.0577 0

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 3.0577 0
Intelli-Signatures: 87,184

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:

3.0577 0 - VSToolbar

3.0576 0 - Trojan.PWSteal.Lineage.HC

Extended Intelli-Signatures:

3.0577 0 - Backdoor.Rbot.AYL, Backdoor.Rbot.Gen, Backdoor.Wootbot.Gen, CWS, Deskwizz, PurityScan, SpywareNo, SpywareQuake, Trojan.Banker, Trojan.Popuper, Trojan.Proxy.Ranky, Trojan.StartPage.GEN, Webhancer, WinFixer, Yazzle Cowabanga, YourEnhancement

3.0576 0 - Ultimate Defender, YourEnhancement

General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

IE Spyad List Updated

IE Spyad has been updated. You can download all of these new versions at:

http://www.spywarewarrior.com/uiuc/resource.htm

What is IE Spyad? It is a free list of bad sites that are added to Internet Explorer's restricted zone. By putting those sites in the restricted zone, it limits the harm they can do your computer. Here is an excerpt from the author describing it:

IE-SPYAD adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Once you merge this list of sites and domains into the Registry, the web sites for these companies will not be able to use cookies, ActiveX controls, Java applets, or scripting to compromise your privacy or your PC while you surf the Net. Nor will they be able to use your browser to push unwanted pop-ups, cookies, or auto-installing programs on your PC.IE-SPYAD adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Once you merge this list of sites and domains into the Registry, the web sites for these companies will not be able to use cookies, ActiveX controls, Java applets, or scripting to compromise your privacy or your PC while you surf the Net. Nor will they be able to use your browser to push unwanted pop-ups, cookies, or auto-installing programs on your PC.

Here is an explanation on how to use it, including screen shots.
Many rogue Internet sites have been added to IE Spyad's protection list. A few that are of note include some of the fake Windows security sites that are from SmitFraud, better known as SpyAxe, SpyFalcon, and SpywareQuake.

Tuesday, October 10, 2006

It's Patch Tuesday For Windows.

It's the second Tuesday of October and that means it's time to update Windows. There are 6 critical updates this time, along with several other ones to protect your computer. Details of what's in this month's updates can be read at the Microsoft Security Bulletin for October.

Go to Windowsupdate.com to get them and protect your computer.

Monday, October 09, 2006

Google to buy YouTube in $1.65 billion stock deal

Google has laid speculation to rest — it is buying YouTube for US$1.65 billion in a stock transaction. YouTube operates a wildly popular Web site showing original videos in a range from amateurish to professional. It will continue to operate independently after the Google acquisition “to preserve its successful brand and passionate community,”

From Macworld.

Sunday, October 08, 2006

Unlocking the Mysteries of 'Svchost.exe'

Svchost.exe can, and usually does, run several instances of itself at any given time, each instance running several associated services. How do you find out what these "services" are?

Posted on the Langa Blog. I've been so busy, I didn't notice Fred Langa has a blog now. Anyways, a good and brief explanation on why you see svchost.exe more than once in your process list on XP and Windows 2000.

read more | digg story

Friday, October 06, 2006

MS Security Bulletin Advance Notification for October

Microsoft have released an advance notification for the updates that are due to be released next Tuesday.

Don't forget to prepare for the updates as I've outlined in an earlier entry - How To Prepare for Patch Tuesday.

On 10 October 2006 Microsoft is planning to release:

Security Updates

  • Six Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.
  • Four Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
  • One Microsoft Security Bulletin affecting Microsoft .NET Framework. The highest Maximum Severity rating for this is Moderate. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
Microsoft Windows Malicious Software Removal Tool
  • Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
    Note that this tool will NOT be distributed using Software Update Services (SUS).
Non-security High Priority updates on MU, WU, WSUS and SUS
  • Microsoft will release No NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
  • Microsoft will release two NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
Microsoft Security Bulletin Advance Notification

Thursday, October 05, 2006

Microsoft give MVP Award to Adware Pusher

Microsoft's MVP program supposedly rewards "outstanding members of Microsoft's peer-to-peer communities, and is based on the past year's contributions those members make in those communities online and offline." So why have they given the creator of Messenger Plus an MVP Award, when he bundles the notorious LOP Adware in with his creation?

read more | digg story

Sitemeter