Spyware, Adware News

Sometimes even the most protective phalanx of antivirus, antispyware and antiphishing programs is not enough to shield a computer from online dangers. Check Point Software’s ZoneAlarm ForceField provides an extra defensive layer by cloning your Web browser to catch dangerous software before any damage can be done.

Rather than providing a magic bullet to stop online attacks by itself, ForceField augments traditional security software. While using ForceField, your browser looks and feels normal, but the program creates an encrypted virtual browsing zone that blocks malicious software at the first hint of an online threat. ForceField looks for malware signatures and a range of suspicious activities; it also uses heuristics to identify and block phishing. The software also can block dangerous downloads and spyware while keeping Web sites from recording your computer’s keystrokes or screen images.

ZoneAlarm ForceField Features:

While traditional security, such as firewalls, antivirus, and security suites, protects your PC, ZoneAlarm ForceField protects your browser and everything you do on the web. Anytime you open your browser, ZoneAlarm ForceField goes to work, shielding you from browser exploits, blocking phishing and spyware sites, jamming keyloggers and screen grabbers, and preventing malicious downloads.

Virtual Browsing - Builds a protective shield around your web browser. It creates a temporary clone of your browser so that anything you do on the web runs in a protected shell, sealed off from your PC.

Browser Threat Immunity - Immunizes your browser against security holes in Internet Explorer and Firefox. Prevents web sites from installing spyware and other malicious software onto your computer without your knowledge.

Private Browser - Erases all cache, cookies, history and passwords from the current session when you close the browser. This prevents the next person who uses the computer from seeing where you’ve been.

Keylogger & Screengrabber Jamming - Keeps your keystrokes and click trails private. Discovers and blocks silent spyware from stealing your identity.

Dangerous Download Detection - Detects dangerous downloads and alerts you to problems before they begin. You can download files safely, and free from worry that they might harm your computer.

Anti-Phishing - Click where you want, your personal information remains secure. Dual-engine anti-phishing identifies and stops fraudulent websites that trick you into revealing personal data.

Spy Site Blocking - Prevents spyware from infiltrating your PC by detecting and blocking websites known to distribute spyware.

Website Safety Check - Checks the credentials on every website you visit, so you know if the website is a safe place to enter data and download files.

Spyware Flushing - Auto-cleans your Web browser memory each time you close it, wiping away spyware and other dangers.

On-The-Fly Encryption - Temporary file encryption protects the data you enter online from spyware for an additional measure of security.

Seamless Integration - Compatible with all popular web browsers, including Internet Explorer and Firefox on XP and Vista.

Security Software Compatibility - Run ZoneAlarm ForceField with your current antivirus or security suite, for an essential level of critical web protection you would not have otherwise. It is compatible with all security software currently on the market.

Fast and Easy to Use - Installs in seconds and runs fast so it won’t slow you down. You can surf the web like always, knowing your PC is protected. ZoneAlarm ForceField runs automatically, without any setup or training.

source:www.zonealarm.com

No Comments yet »

A new type of spam focuses on consumers’ frustrations with high gas prices, according to McAfee Avert Labs.

The emails begin by complaining about the rising cost of gas and then direct the reader to a website, with the promise the “product” will save the user 70 cents per gallon. The spam also mentions this gas saver was highlighted on news channels and online videos.

Gasoline-related spam is still relatively new, however. McAfee stated that so far it makes up only 0.2 percent of all spam being circulated.

No Comments yet »

Zango is an adware which monitors the web sites and URLs that you visit, and generates popup adverstiments every few minutes.

Instruction to remove Zango from your pc

1. Go to Start > Settings > Control Panel > Add or Remove Programs
2. Find Zango on the list
4. Click the Change/Remove button
5. Check the component(s) you wish to remove, click Next and follow on-screen instructions
6. Restart your computer

or download uninstaller from Zango

http://corporate.zango.com/support/faqs.aspx#a2

What Next? Like this post? Share and Bookmark

No Comments yet »

Since Vista’s release last year, Microsoft has hailed the operating system’s security features. Some have even claimed the operating systems would make anti-virus software obsolete.

PC Tools took that opportunity to examine Microsoft’s claims, and conducted research over six months with 1.5 million of its customers using its ThreatFire Anti-Virus Software.

If a threat occurred on the machines, it was sent to a back-end service of PC Tools, which was then ran through a third party anti-virus company to check the validity of the threat.

The research found that while Vista had improved upon XP’s ratio of 1,021 per 1,000 machines, there were still 639 threats per 1,000 machines running Vista.

Strangely enough, some of Vista’s biggest security problems may actually stem from features that were supposed to increase security.

“Macs and Vista have similar security prompts that pop up when you install software,” said PC Tools CEO Simon Clausen.

“On Macs, those prompts come up a lot less often, usually for really big procedures, but on Vista, they come up a lot more frequently.”

“I think after a while, Vista users just get tired and become blasé about their security, and either ignore the prompts or turn them off- people don’t want to have to be a security guard for their PC.”

Clausen stressed that although Vista boasted somewhat of a security improvement over XP, there were less threats to Vista as it has a smaller distribution base.

source:http://www.itnews.com.au/News/75846,research-suggests-microsoft-overestimated-vista-security.aspx

No Comments yet »

A new contest running at the DefCon hacker conference this year (held in Las Vegas in August) is already stirring up controversy. It will challenge hackers to design malware that can’t be detected by anti-virus programs such as ones offered by Symantec and McAfee.

The contest is dubbed Race to Zero, which refers to zero-day exploits — malware that is so new that protection against it doesn’t exist yet.

Contestants aren’t being asked to create new viruses but to modify existing ones to see if the anti-virus programs can catch them.

The contest has been criticized by anti-virus vendors for encouraging hackers to thwart their products and teach virus writers new tricks. But the contest organizers say it’s actually a test to show how poorly anti-virus products work and to demonstrate that not all anti-virus shields are equal.

“Poorly performing antivirus vendors should be called out,” say the contest organizers on their web site.

“The majority of the signature-based antivirus products can be easily circumvented with a minimal amount of effort,” they write.

Race to Zero

source:blog.wired.com/27bstroke6/2008/04/hacker-challeng.html

No Comments yet »

Web surfing offers many different kinds of experience – the useful and the redundant, the profitable and the idle, the regular and the bizarre. And certainly one of the strangest experiences is when you try to visit a familiar page and suddenly find yourself on a completely different one, related or unrelated to the page you were trying to reach. What happened? Has the website changed its business?

Actually, the page got jacked. Perhaps you were searching for the page in a search engine, and got a link which you thought should be what you were looking for. But when you clicked on the link, you found that you were in the wrong place. Even wrong enough to get you embarrassed when there are other people nearby. Search engines do not make that kind of mistake, so what happened was the page go jacked, which fooled the search engine into thinking that it was relevant for your search.
You know how the internet works. There are banner ads and other kinds of ads which earn revenue for that site, and that is how they make a profit. Websites and businesses for alliances among themselves, and carry each other’s ads on their sites. When you got to a particular site and click on an ad that you find interesting, the original website gains some amount of money from the site to which your click takes you. So it’s possible for websites to make a profit from your visit. Naturally, they want you to visit their page.

That all fine and acceptable, as long as they use legitimate means of bringing you to their site. Like optimize their site for search engines, or promote their site in some other way. But when they become too eager, they sometimes cross the line between what’s acceptable what what isn’t. And sometimes they use pagejacking.
Sometimes in order to increase the rating of some visitor-starved website, the whole content of a popular site is copied by an unscrupulous webmaster and duplicated on his own site. This is done merely in order to fool the search engines into thinking that it was the original item. And when this ploy works, the duplicate site appears among the top results returned by a search engine on a search made using the relevant key words or phrases.

This increases the chance that users will click on that link on the results page, without looking to carefully at the address to which it leads. And when they do, they will be taken to the duplicate site briefly, before being automatically redirected to another site – the one that could use some visitors to generate revenue. This is known as pagejacking.
As a user, there is little you can do in order to prevent this kind of nuisance, except be more careful about the actual URL of the link you’re clicking on the search engine results page. If you are opening asite from your bookmarks, or typing in the URL directly, there’s no chance of your being duped by a pagejacker.

If you’re the owner or the maintainer of the website that got jacked, however, it’s a different story. The main way you can hit back against the offenders is by suing them or threatening to sue under the copyright law. The content and design of your website is copyright material, and they’re violating you copyright by reproducing it without your permission. So send them a formal letter asking them to cease and desist, and follow it up with a letter from your lawyer. Pagejackers are normally sniveling cowards, and this should suffice to solve the problem. If it doesn’t, however, do not hesitate to go to court – you’re sure to win this one, and also get compensation for the business you lost because of this obstruction.

No Comments yet »

Identity theft is the fastest growing crime in cyberspace. In real life social situations, your identity cannot easily be stolen because you are identified by your appearance, your voice, your manner of speech, your habits and so on. Anyone who knows you should be able to tell at once whether it is you or some other person.

But on the internet, your name, looks, voice, habits etc. are not revealed. You are identified only by your electronic signatures, which can easily be forged by those who know how to do such things. And this may lead to financial loss and other trouble.

Imagine that in real life someone goes to a friend of yours, claims to be none other than you, and asks to borrow money. He will be instantly rejected because your friend knows that it isn’t you but some other person posing as yourself. But on the internet this is not so easy to find out. Anyone who is able to steal and use your electronic signature virtually becomes you, for all practical purposes. If that person has your credit card number or social security number, for instance, he or she can easily use that to make financial gains, to your detriment.

How to Prevent Identity Theft
How do you prevent against identity theft? There are a number of procedures that experts recommend. You cannot totally control whether your identity will be stolen or not, but following these shall at least minimize the risks.

First, use passwords to lock down all aspects of your online presence. You need to be specially careful about your social security number and your credit card number. Your telephone accounts can also some time be under threat, so it is best not to ignore those either.

What is a good password? If you use one that is easy to remember, then it will be easy to break, too. Do not use your mother’s maiden name or the name of your first school, or any such real information that can be fairly easily retrieved by a diligent cracker. Rather, use combinations of letters, numbers, spaces and punctuation marks to make it nearly impossible to break. And make it as long as possible – the longer the better. Remember, you shouldn’t write down your passwords anywhere, specially not on your desktop pad or on a file on your hard drive. These can be easily accessed by a determined person.

Secondly, use software like GPG (GNU Privacy Guard) to protect your privacy through strong encryption. This type of program can encrypt all your files and folders in a way that only one who knows the password should be able to access them. They can also encrypt your e-mail too, so that only the authorized recipient would be able to read them and anyone trying to intercept them midway shall only find a handful of jumbles.

Identity theft can also occur through insecurely handled real-life hard copies of important documents. Use a high quality paper shredder or incinerator to dispose of all your trash – you never know what little sliver of paper contains enough info to let your personality be hijacked. If you use traditional mail, drop your letters only at securely located mailboxes, and collect them personally from the post office.

1 Comment »

Are you afraid of ghosts? If yes, then chances are that you’ll be afraid of Linux viruses too, because there is an inherent similarity between them. Neither of them exists. In that sense, this article is rather similar to a ghost story – it is about something that sounds sinister enough to make you afraid, yet does not really exist.

Well, that isn’t completely and absolutely true. There is a famous Linux virus called Bliss, which was discovered in 1997. you want to know why it is so famous? Is it because it’s a particularly damaging, destructive, hairy sort of virus? Not really. In fact, it was rather lame, and couldn’t survive in the wild unless someone took special care of it and kindly provided it with what it needed to live. So what was the reason behind Bliss’s seemingly undeserved glory?

The reason is that Bliss is the only one of its kind – it is the only virus ever created for Linux. In fact, the programmer who created it posted it on a well known mailing list for programmers, admitting that it was only released as a proof of the concept that a virus could be written for any platform, but it wasn’t expected to survive in the actual environment of real computers running Linux for serious purposes.

And that was all, since that day in 1997, not a single virus has been seen for Linux. The anti-virus company McAfee tried to make much of Bliss, and released an anti-virus product for Linux, claiming that they were the ones who had found out all about it, and how it was one of the deadliest viruses known to civilization.

Which was totally untrue, because a programmer from that mailing list posted the virus to McAfee for inspection. What the company was trying to do was basically tap into the Linux computing sector with their AV business. Linux has traditionally been a sector of the market where AV companies have never made any progress, except in a special situation. McAfee were trying to remedy that by highlighting Bliss. It didn’t work, however. The Linux AV didn’t sell at all, and till date no computer in the world has been destroyed by this ‘deadliest of infections’.

What makes Linux so good? Apart from its inherent security model that is built into its kernel (which is the heart of the operating system), Linux is created as a multi-user system from the ground up. There is one administrator called root, who has the permission to do anything with the system. All normal users have write permission only in their respective ‘home directories’, which do not contain any system files. So any Linux virus, even if it existed, would only be able to work within the user’s home directory. Linux users are trained from the very beginning not to log in as root unless there’s some serious system-level work to be done. So the virus never has a chance of infecting the system.

The same could work for Windows if users could be trained enough to create unprivileged accounts for themselves and work with those when doing normal work. But Windows does not encourage this, because there are several everyday tasks like installing new programs or running defrag, which need administrative rights.

So if you have been made miserable by viruses, you can either burn a pocketful of bucks on the latest AV solution, or you could switch over to Linux and forget the whole sorry business for the rest of your life.

No Comments yet »

How many e-mails do you get every day that offers to sell you medicine without prescription, and at a fraction of their real cost? How many offers do you get to buy pirate software at one-tenth of their catalog prices? Do you find your inbox so full of unwanted, unsolicited e-mail that you can’t find the useful mail? Do you spend several minutes or hours everyday downloading mail that ultimately turns out to be useless? If you answer ‘yes’ to any of the above, then you are the victim of e-mail abuse, commonly known as ’spam’.

Spam mail is a booming business on the internet, and it is growing every day. Thousand of millions of unwanted e-mail are released every day, though only a fraction of that ever reaches actual addresses. Who does it, and why? And what can you do about it?

Spammers are clever technicians who have found out a way of sending mail in great bulks to thousand of addresses at once. They sometimes set up their own mail servers, but they can also use the service of other people’s servers without their knowledge. The dominant method of sending e-mail is known as SMTP (Simple Mail Transfer Protocol), and by default this service doesn’t have a way to authenticate the sender of an e-mail. So free mail servers on the internet often accept mail from anyone, and relay it to other servers. This type of freely accessible SMTP server is known as an ‘open relay’ an is one of the greatest nuisances on the internet. They are a free ball for spammers.

Continue Reading »

No Comments yet »

Beware of worms in your computer. When I say worms, in case you are a complete newbie in the field, you should know that they are not real worms. Worms are, in fact, a kind of program which enter your pc. You will never know, but in your computer will reside a program foreign to your needs. And in probability it, or more likely they will steal your delicate information for somebody with doubtful motives.

Does that sound like a thriller in the making? Well, it should, but also, it is the truth. Last year, bank frauds cost decent people around the world billions of dollars. And most of the money that got siphoned was lost due to faulty security. Your computer might be the next target.

Unaware, you might invite that Trojan Horse which will ruin your finances for good for the rest of your life. Therefore, be careful. Do not let worms into your computer as you would never let worms in your food.

Continue Reading »

No Comments yet »