Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Mozilla raises Firefox security bar

by Shanmuga

"Firefox 3.0’s new anti-malware blocker, a tool that prevents some malicious pages from loading, is the browser upgrade’s most important new security feature, Mozilla Corp.’s head of engineering said today.

Read the full article →

A Malware Victim’s Story

by Shanmuga

"When you have spinal and liver cancer, computer infections are the least of your worries. But even the least of worries can diminish your quality of life. Tim, a resident of Aberdeen, Wash., just wanted to play some online games, his friend Sharon explained over the phone on Tuesday. Sharon provided her last name and […]

Read the full article →

Ben Edelman: C-NetMedia’s Anti-Spyware Offerings and Advertising Practices

by Shanmuga

"Not every "anti-spyware" program is what it claims to be. Some truly have users’ interests at heart — identifying and removing bona fide risks to privacy, security, stability, or performance. Others resort to a variety of tricks to confuse users about what they’re getting and why they purportedly need it.

Read the full article →

Is it time to consider PDF a threat?

by Shanmuga

"Adobe released patches for its Reader and Acrobat programs last Wednesday, but there’s reason to suspect that the company has closed the barn door long after the cattle fled. According to a blog entry at the SANS Internet Storm Center, this particular vulnerability has been exploited in the wild for several weeks. In this case, […]

Read the full article →

Beware unexpected e-Valentines, FBI says

by Shanmuga

"When the FBI issues a press release about Valentine’s Day, you can guess it’s not good news. The feds are warning Internet users about electronic Valentines that are booby-trapped with a computer virus. Computer security firms confirm that they have seen many variations of the virus, which often arrives in e-mail bearing loving subject lines […]

Read the full article →

Hackers turn to drive-by downloads

by Shanmuga

"Organised criminal hackers are waging a highly sophisticated war by exploiting vulnerabilities in end users’ web browsers using drive-by downloads, security experts warn.

Read the full article →

Microsoft Issues Biggest Patch Update in a Year

by Shanmuga

"Microsoft on Tuesday rolled out 11 security updates that patch 17 vulnerabilities in Windows, Office, Internet Explorer, Internet Information Server (IIS) and several other components and technologies. It was the most patch bulletins Microsoft’s has issued since February 2007, even though it yanked one expected update — scheduled last week to fix problems in VBScript […]

Read the full article →

Firefox 3 beta 3 polishes rough edges

by Shanmuga

"Mozilla has announced the official release of the third Firefox 3 beta, which includes many user interface improvements and a handful of new features. Firefox 3 is rapidly approaching completion, and much of the work that remains to be done is primarily in the category of fit and finish. There will likely only be one […]

Read the full article →

Top 11 Malware Threats To Watch Out For

by Shanmuga

"By the end of 2008, McAfee Avert Labs predicts it will have identified some 550,000 malicious programs, a 54% increase from 2007. With all the new malware emerging, we can expect new terminology to describe these constantly morphing threats. Here, then, is our only slightly tongue-in-check attempt to predict some of the rising threats in […]

Read the full article →

Mozilla Dismisses New Firefox Flaw Warning

by Shanmuga

"Published reports of an information leakage vulnerability affecting fully patched versions of the open-source Firefox browser have been greatly exaggerated, according to Mozilla chief evangelist Mike Shaver.

Read the full article →

Widespread encryption heralds new attacks

by Shanmuga

"Hackers will become more skilled at using encryption as the technology becomes more widespread, and could use it to launch new forms of attacks, according to security experts..

Read the full article →

ComScore Says ‘Researchware’ Isn’t ‘Spyware’

by Shanmuga

"ComScore chairman and co-founder Gian Fulgoni believes there’s a distinction between overt and covert data gathering. Market researchers, he suggests, rely on "researchware," in contrast to criminal researchers who employ "spyware." "Market research tracking software (we have dubbed it ‘researchware’) needs to be differentiated from ‘adware,’ ‘spyware,’ and ‘malware’ and should not be treated in […]

Read the full article →

Mozilla patches 11 Firefox bugs

by Shanmuga

"Mozilla Corp. late yesterday patched Firefox to quash 11 bugs, including one from three weeks ago that posed a threat to users who had installed any of the more than 600 add-ons for the open-source browser. Firefox 2.0.0.12 fixed four vulnerabilities that Mozilla ranked "critical," one it pegged "high" and three each rated as "moderate" […]

Read the full article →

Least privilege won’t solve every security problem, but it’s a significant step

by Shanmuga

"First and foremost, least privilege models prevent 90 percent or more of today’s malware. You can’t ignore that statistic. Malware writers may easily code around least privilege when they need to, but it does significantly cut down on software that can cause harm today. Second, least privilege mechanisms make it harder for malware to modify […]

Read the full article →

Malicious programs hit new high

by Shanmuga

"The number of malicious programs found online has reached an unprecedented high, say security firms. Reports vary but some estimates suggest there were five times as many variants of malicious programs in circulation in 2007 compared to 2006. Security company Panda Software said it was getting more than 3,000 novel samples of so called malware […]

Read the full article →

Microsoft slates 12 patches for next week

by Shanmuga

"Microsoft Corp. announced today that it will release a dozen security updates next week, matching the patch record set a year ago. Seven of the 12 will be tagged with the company’s highest threat ranking. "There’s not a Windows shop anywhere in the world that won’t need to deploy at least one of these patches," […]

Read the full article →

anti-CAPTCHA operations by spammers on Microsoft Windows Live Mail

by Shanmuga

"Websense Security Labs has discovered that Windows Live Mail accounts have been targeted in recent spammer tactics. In these recent attacks, spammers have managed to create bots that are capable of signing up and creating random Live Mail accounts that could be used for a wide range of subsequent attacks.

Read the full article →

Free tool blocks Facebook, MySpace, and Yahoo ActiveX vulnerabilities

by Shanmuga

"A researcher over at the Internet Storm Center has created a powerful GUI that will set the kill-bits on vulnerable ActiveX controls used in Facebook, Myspace, and Yahoo apps. These popular apps came under attack on Monday after researchers Elazar Broad and Krystian Kloskowski disclosed their findings to a online security newsgroup.

Read the full article →

Adobe, Apple Issue Security Updates

by Shanmuga

"Adobe has released an update to its free Adobe Reader application that corrects more than two dozen bugs, including several security holes. Separately, Apple this week pushed out a patch to plug a single security vulnerability in its iPhoto application.

Read the full article →

TrueCrypt 5 released

by Shanmuga

"TrueCrypt, an encryption program designed to hide your data from prying eyes, has released a new update that adds the ability to encrypt an entire disk. Seems like just about everyday we read about yet another exposure of sensitive data because someone’s laptop was stolen, but if those careless employees had used TrueCrypt it wouldn’t […]

Read the full article →

Antivirus Inventor: Security Departments Are Wasting Their Time

by Shanmuga

"Peter Tippett thinks it’s time for security professionals to wake up and stop wasting their energy. In a presentation here yesterday, Tippett — who is vice president of risk intelligence for Verizon Business, chief scientist at ICSA Labs, and the inventor of the program that became Norton AntiVirus — said that about one third of […]

Read the full article →

The top eight events that changed the course of computer security history

by Shanmuga

"Given the headlines lately, you could be forgiven for thinking that the biggest, baddest events in the history of computer security have all happened within the last few years. After all, there have been so many hacks disclosed that Stephen Northcutt of SANS recently observed, “The way we are going, there are only going to […]

Read the full article →

Kill ActiveX

by Shanmuga

"A wave of bugs in the plug-in technology used by Microsoft Corp.’s Internet Explorer browser has some security experts, including those at US-CERT, recommending that users disable all ActiveX controls.

Read the full article →