SiteAdvisor vs Trend Protect… and SiteHound

MVP Sandi Hardmeier shared her thoughts about McAfee SiteAdvisor’s rating system that should be flagging unwanted domains as red. Read about it at http://msmvps.com/blogs/spywaresucks/archive/2007/04/29/882740.aspx


I added SiteHound by Firetrust here because I’d like to share too that SiteHound does flag what Trend Protect can flag and in Calendar of Updates of forum, I posted some screenshots and some other info why SiteAdvisor misses what Trend Protect and SiteHound don’t. Read it at http://www.dozleng.com/updates/topic14149

Many Defenses To Fight Zero-Day Hacks

To fend off zero-day vulnerabilities, companies should consider implementing a “default deny” capability at the perimeter of their networks, said Russ Cooper, senior information security analyst at Cybertrust. The idea behind that approach is to allow only specific traffic in and out of a network gateway while blocking everything else by default.


http://www.sci-tech-today.com/news/Many-Defenses-To-Fight-Zero-Day-Hacks/story.xhtml

GFI launched EndPointScan (free web-based portable storage device scanner)

Location:  http://www.endpointscan.com/


GFI Software, an international developer of network security, content security and messaging software, announced today the release of EndPointScan, an industry-first, free online service that allows you to check what devices are or have been connected to computers on your network and by whom. Using this diagnostic tool, you can identify those areas where the use of portable storage devices could pose a risk to the integrity of the company’s systems and data.


The uncontrolled use of portable mass storage devices – USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras – coupled with data theft techniques such as ‘pod slurping’, are a major threat to network security and could lead to security breaches, data theft, viruses and other malware being uploaded to a company’s network. Earlier this year, for example, a scientist who worked with DuPont was arrested after he had copied $400 million worth of commercially-sensitive information from the network. This is why it is vital for you to know what devices have been or are currently in use on your company’s network and to be in a position to take action where the risk of a breach is high.


http://www.gfi.com/news/en/endpointscan.htm

Google pulls malicious sponsored links

Google has removed paid links that advertised seemingly legitimate Web sites but actually tried to install nefarious programs on PCs.


The links were displayed as “sponsored links” after visitors entered specific queries into Google’s search service. Clicking the links would ultimately go to a legitimate site, but by way of another site that attempted a “drive-by installation” of password-stealing software. Miscreants placed the links using Google’s AdWords service for advertisers.


“Google identified and canceled AdWords accounts displaying ads that re-directed users to malicious sites,” a company representative wrote on a corporate blog on Thursday.


http://news.zdnet.com/2100-1009_22-6180022.html

$10K hack challenge winner says Vista’s code more secure than Mac’s

Dino Dai Zovi, the New York-based security researcher who took home $10,000 in a highly-publicized MacBook Pro hijack on April 20, has been at the center of a week’s worth of controversy about the security of Apple Inc.’s operating system. In an e-mail interview with ComputerWorld, Dai Zovi talked about how finding vulnerabilities is like fishing, the chances that someone else will stumble on the still-unpatched bug, and what operating system — Windows Vista or Mac OS X — is the sturdiest when it comes to security.


There’s 9 question to Dino Dai Zovi at ComputerWorld


 

Google AdWords Attack Documented in New Video From Exploit Prevention Labs

Security software developer Exploit Prevention Labs (http://www.explabs.com) today released a video at http://explabs.blogspot.com/2007/04/video.html documenting how cyber criminals are using Google’s popular AdWords advertising system to infect unsuspecting users with malware. The video is also posted to YouTube at http://www.youtube.com/watch?v=iD0wdzQb8XY


PRNewswire