Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Security

Browsing malicious websites

by Shanmuga

"Kaspersky Lab announces the publication of the analytical article “Browsing malicious websites” by Costin Raiu, Kaspersky Lab’s leading security expert in the EEMEA region. The article provides an overview of the threats a user may encounter when visiting seemingly safe Internet sites. The author examines what drives the cybercriminals and how they use websites to […]

Read the full article →

Windows 7 may be secure, but are Windows users safe?

by Shanmuga

"Windows 7 users got a nice surprise on Tuesday when Microsoft released its first set of security patches since unveiling the new operating system last month. Of the 15 bugs patched, none affected Windows 7. When Microsoft launched Windows 7, it was billed as the company’s most secure release ever — the culmination of a […]

Read the full article →

Drowning in Passwords: Tips to Stay Safe and Sane

by Shanmuga

"You’re savvy enough to know that identity theft and illegal access to personal and financial data are real-world problems that you want to avoid. But what are you doing about it? Odds are, not much, says Andrew Jaquith, a computer security analyst at Forrester Research. "There are two classes of people; those who seem to […]

Read the full article →

Microsoft unveils shield for critical Windows flaw

by Shanmuga

"With attack code that exploits a critical unpatched bug in Windows likely to go public soon, Microsoft wants users to run an automated tool that disables the vulnerable component. The bug in SMB (Server Message Block) 2, a Microsoft-made network file- and print-sharing protocol that ships with Windows, affects Windows Vista, Windows Server 2008 and […]

Read the full article →

Microsoft patches the Autorun hole

by Shanmuga

Microsoft has released patches to its Windows operating system which restricts the AutoRun entries in the AutoPlay dialog to only CD and DVD drives. Windows includes a feature known as “AutoRun” which lets automatic arbitrary code execution when removable devices are connected to the computer. Inserting a CD, DVD, USB and Firewire device or even […]

Read the full article →

5 Security Flubs Users Make When Browsing the Web

by Shanmuga

"You can install the best firewalls, patch religiously, and make sure your anti-virus software is always up-to-date, but there is one online risk factor you can never control: the user. Whether they are downloading dangerous content or falling prey to phishing scams, the end user continues to be the toughest security risk to mitigate in […]

Read the full article →

Creating a Public Nuisance with Insecure Web Sites

by Shanmuga

"…At issue are sites that harbor so-called cross-site scripting (XSS) vulnerabilities, which occur when Web sites accept input from a user — usually from something like a search box or e-mail form — but do not prevent users from entering malicious code or other instructions.

Read the full article →

Drive-by Downloads. The Web Under Siege

by Shanmuga

"..it is important to note that most modern Web browsers – including Internet Explorer, Firefox, and Opera – have added anti-malware blockers that provide early-warning systems when users attempt to surf to a rigged Web site. These blockers provide good value but, because they are blacklist-based, they do not provide 100 percent protection to Web […]

Read the full article →

Security holes, malware spike in 2008

by Shanmuga

"If you worry that the Internet is a scary place full of digital pickpockets and online identity thieves, your fears will be bolstered by the latest Symantec Internet Security Threat Report released Tuesday. The report finds huge increases in the number of security holes in software and the number of Internet threats, particularly attacks in […]

Read the full article →

Security Software: Protection or Extortion?

by Shanmuga

"…We Don’t Need No Stinking Security Software. Security software is a scam. A rip-off. A waste of money, a pain in the neck, and a surefire way to bring even the speediest PC to a crawl. Half the time it seems to cause more problems than it solves. Oh, and one more thing: It’s unnecessary.

Read the full article →

50 Free Temporary, Disposable and Forwarding Email Services

by Shanmuga

Every time you give out your email address on the web, you risk getting your email address abused by spammers. Instead of giving out your private email address, give out a temporary Disposable email address (DEA) which receives the messages and forwards to your private email address or displays it on the providers Website. The […]

Read the full article →

Microsoft Warns of Attacks on PowerPoint Vulnerability

by Shanmuga

"Hackers are launching attacks against an unpatched vulnerability in Microsoft Office PowerPoint, the company’s popular presentation program.

Read the full article →

Do I own my machine?

by Shanmuga

"The built-in Webcam light is on. It shouldn’t be on. I’m not using any recording, video-conferencing or photo applications. Why is it on? Is someone watching me? It’s at times like this I get the eerie feeling that I don’t actually, fully and completely own my machine. Turns out it was a driver problem, all […]

Read the full article →

Google plays down security concerns over Docs

by Shanmuga

"Google Docs users shouldn’t lose sleep over the security concerns a security analyst has raised about the hosted suite of office productivity applications, Google said late Friday. In an official blog posting, Jonathan Rochelle, Google Docs’ product manager, details why the company has determined that the issues included in the analyst’s report are far from […]

Read the full article →

Malware Is Getting Formidable, but So Are Your Defenses

by Shanmuga

"…You can think of Conficker as being the state of the art in conventional malware. It not only uses an important vulnerability, but it’s a sophisticated blended attack, using a wide variety of mechanisms to spread: pseudo-random domains, dictionary attacks on weakly-protected network shares, USB drives and more. You can admire the work that went […]

Read the full article →

Questions for Pwn2Own hacker Charlie Miller

by Shanmuga

Interesting interview with Charlie Miller, the researcher who broke into a fully patched MacBook machine using a Safari code execution vulnerability, posted by Ryan Naraine at ZDNet. Some tidbits from the interview: Why Safari? Why didn’t you go after IE or Safari? It’s really simple. Safari on the Mac is easier to exploit. The things […]

Read the full article →

Intel Chip Vulnerability Could Lead to Stealthy Rootkits

by Shanmuga

"Security researchers have released proof of concept exploit code for an Intel chip flaw that could be abused to compromise computer systems with stealthy rootkits. The attack takes advantage of an Intel CPU caching vulnerability that can be used to get unauthorized access to SMRAM, a protected region of system memory where the system management […]

Read the full article →

Microsoft Announces Availability of Internet Explorer 8

by Shanmuga

"Microsoft Corp. announced the availability of Windows Internet Explorer 8, the new Web browser that offers the best solution for how people use the Web. Internet Explorer 8 is easier to use, faster and offers leading-edge security features in direct response to people’s increasing concerns about online safety. A new study commissioned by Microsoft and […]

Read the full article →

Is Your PC Part of a Botnet?

by Shanmuga

"So how can you tell if you’re machine is part of a botnet and what can you do about it? Statistically, Macs are safe from botnets, although not completely immune to all threats as we noted here. But if you have a Windows based machine, Prevx suggests you stay on the lookout for an Internet […]

Read the full article →

25 Most Dangerous Programming errors revealed

by Shanmuga

"The US National Security Agency has helped put together a list of the world’s most dangerous coding mistakes. The 25 entry list contains errors that can lead to security holes or vulnerable areas that can be targeted by cyber criminals.

Read the full article →

Serious bug opens major browsers to phishing attack

by Shanmuga

"Here’s how an attack would work: The bad guys would hack a legitimate website and plant HTML code that looks like a pop-up security alert window. The pop-up would then ask the victim to enter password and login information, and possibly answer other security questions used by the banks to verify the identity of their […]

Read the full article →

UK ISPs to log all emails for 12 months

by Shanmuga

"New rules set to come into force in March will require all Internet Service Providers (ISPs) to keep information about every e-mail sent or received in the UK for a year. As the day grows closer so the opposition becomes more vocal.

Read the full article →

Firefox 3.0.4 fixes several security issues

by Shanmuga

Mozilla today released Firefox 3.04 which addresses many several security issues among other bug fixes and exhancements. The update fixes the following critical issues:

Read the full article →