Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Winfixer raises it’s ugly head again, via blog comments and site redirects

February 28th 2007

***WARNING – DO NOT GO TO THE MUNGED URLS IN THIS ARTICLE*** First I see a sudden jump in emails and comments asking for help to get rid of Winfixer popups – three comments asking for help with winfixer in the space of just 12 hours:http://msmvps.com/blogs/spywaresucks/archive/2006/12/20/433987.aspx Then I get this email today asking for help: […]

Read On 2 Comments

The case of the mysterious colour changing, bouncing box

February 26th 2007

The PC on which the mysterious bouncing box appears is a brand new Compaq. The bouncing box, which is translucent, is not clickable.  It seems to have no purpose other than to exasperate and confuse and encourage victims to “look here”. A short video of the mysterious bouncing box is here:http://msmvps.com/files/folders/spywaresucks/entry619001.aspx Here is a PDF copy of […]

Read On 8 Comments

Yuck! Spam via Incredimail….

February 24th 2007

The stuff of nightmares…. of course, y’all know NOT to go out and buy IWRS, yes?

Read On Comments Off on Yuck! Spam via Incredimail….

Critical updates for Firefox released

February 23rd 2007

Firefox has been updated to fix a major security flaw.  Updates have been released for Windows, Mac and Linux (being v.1.50.0.10 and 2.0.0.2). The primary vulnerability addressed by this update is the location.hostname vulnerability.  It is a doozy, potentially allowing hackers to tamper with authentication cookies for third party sites, and control how Web sites […]

Read On 1 Comment

Internet Explorer 7 vulnerability – browser entrapment

February 23rd 2007

Ok, *this* vulnerability demo is good.  Unlike other IE7 vulnerabilities that have been reported that resulted in weird behaviour that made it obvious to all but the most unobservant user that something weird is going on, this one is pretty much impossible to spot. That being said, to take advantage of the vulnerability you’re going […]

Read On 3 Comments

New IE7 KB article – blank Web pages in IE7

February 21st 2007

A Web page is blank in IE7http://support.microsoft.com/default.aspx/kb/933006 No fix just yet; simply a note that they’re aware of the cause and working on it.

Read On 1 Comment

More malware in advertisements on an MSN network

February 21st 2007

Following on from my article about malware spreading via the Windows Live Messenger banner advertisements, there is another report that malware was being advertised via MSN Groups. You can see the report, and screenshots, here:http://apcmag.com/5382/microsoft_apologises_for_serving_malware_to_customers I’m hoping to get in touch with the magazine’s correspondent to gather more information about the incident – times and […]

Read On Comments Off on More malware in advertisements on an MSN network

A sobering thought

February 18th 2007

“You are only as good as the love you have for other people”http://www.gapingvoid.com/Moveable_Type/archives/003737.html Yes, I know, such sentiments don’t pay the bills, but still, it hit true tonight.

Read On Comments Off on A sobering thought

New IE7 knowledge base articles, including an important one about IE7 and printing issues

February 18th 2007

Exchange System Manager crashes in Exchange Server 2003 after you install IE7http://support.microsoft.com/default.aspx/kb/932513 FIX: Error message when you try to run a Web application that uses the window.external property in IE7: “Internet Explorer has encountered a problem and needs to close”http://support.microsoft.com/default.aspx/kb/931324 The email message header does not print when you try to print an email message […]

Read On Comments Off on New IE7 knowledge base articles, including an important one about IE7 and printing issues

FYI: Trend CSM 3.5, Small Business Server 2003 and the .notaccount user account

February 17th 2007

I installed Trend CSM 3.5 on my SBS2003 server at the office a little while ago.  A few days later I noted security alerts in my Server Performance Reports that merited further investigation. The errors are the classic “unknown user name or bad password” which is not unusual in and of itself – all of […]

Read On 6 Comments