Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

ALERT: Please treat the following domains with extreme caution

December 31st 2009

advertisingcommunity-s.com ICANN Registrar: DIRECTI Created 2 November 2009 IP: 217.23.10.16 – Worldstream, Netherlands. Registrant hidden behind Privacy Protect, dedicated hosting. Implicated in malvertizing incidents before: http://www.mywot.com/en/scorecard/advertisingcommunity-s.com ***** adrime.net ICANN Registrar: ENOM, INC Created 18 November 2009 IP: 64.27.26.81 – Calpop.com Inc, Los Angeles Registration Service: director@climbing-games.com (www.ruler-domains.com) – a familiar name and email address; see […]

Read On Comments Off

Quote of the day…

December 30th 2009

“The point is that I was dumb enough to think that Ubuntu was secure enough out here in the Linux wonderland that I love so much that I ended up on gnome-look downloading everything that looked cool without examining everything first.”   The quote is taken from a thread about a “screensaver” for Ubuntu, sourced […]

Read On Comments Off

So, do you think that there is yet another World of Warcraft account theft operation planned?

December 29th 2009

    All of the following domains list XINNET as the Registrar: worldofwaracrft.com (created 15 November 2009) IP: 98.126.210.19 – Krypt Technologies worldofwaruraft.com (created 24 December 2009) IP: 174.139.248.82 – Krypt Technologies Sharing IP with worldofwancraft.com (created 17 December 2009) worldofwrracraft.com (created 27 December 2009) IP: 98.126.122.67 – Krypt Technologies worldofwarcraft-account-instructions.com (created 27 December 2009) […]

Read On 1 Comment

Badly implemented password security

December 28th 2009

Go to https://twitter.com/signup, right click the page, and then select “View Page Source” (FF/Google Chrome) or “View Source” (IE).  There, in all its glory, you will find Twitter’s list of forbidden passwords (all credit to Sophos who pointed out that the list was available for all to see). For what its worth, I have long […]

Read On 3 Comments

Malvertizing at tweetmeme.com?

December 28th 2009

  Wayne Small, the owner of sbsfaq.com called me today and asked me to look into a malvertizing incident that he experienced while at tweetmeme.com.  You can see his report here. I have not been able to reproduce the behavior that Wayne saw thus far, but do note that tweetmeme seems to be using openx.  […]

Read On Comments Off

Silent Noise was hacked?

December 23rd 2009

See here: http://matchent.com/wpress/?q=node/500   What is interesting is the IP address that the author of the blog post cites as the source of the trouble – 72.167.232.86. 72.167.232.86 belongs to GoDaddy (p3nlh036.shr.prod.phx3.secureserver.net).  The server at that IP is host to over 4,000 web sites.   As for how Silent Noise was hacked – that I […]

Read On Comments Off

ALERT: Please treat content from these domains with caution…

December 17th 2009

cdn-adrotation.com cdn-businessweek.com cdn-gamingahead.com cdn-justin.tv cdn-ovguide.com cdn-thestreet.com cdn-transworld.net cdn-veoh.com pdnads.com The Registrants are all hidden behind Domains By Proxy, Inc, all domains are hosted at IP 74.81.169.61 (carohosting.net), all were registered using Godaddy, and all were created on 14 July 2009. All are using name servers at softdreams.eu softdreams.eu was registered on 6 February 2009 to […]

Read On Comments Off

ALERT: Adobe Flash and Air have been updated

December 8th 2009

Security updates have been released – details here: http://www.adobe.com/support/security/bulletins/apsb09-19.html After updating your Flash version should be 10.0.42.34 and your Air version should be 1.5.3

Read On Comments Off

Fraudware that looks like Windows 7…

December 8th 2009

I saw this screenshot at the Panda Software blog.  The author of the blog post wrote that the replica of the Windows 7 explorer shell displayed by the fraudware site was “devilishly deceiving and might even fool an expertly trained eye”. I would hope that an “expertly trained eye” would spot the fact that the […]

Read On 2 Comments

Caught installing a skimming device….

December 3rd 2009

If you have ever wondered how long it takes to install an ATM skimmer, check this movie out (yes the crook was caught red handed) http://www.liveleak.com/view?i=074_1252777692

Read On Comments Off