Microsoft feels pressure of anti-virus issue

With viruses proliferating and many personal computers going unprotected, Microsoft Corp. feels greater pressure to include anti-virus software with Windows — but it’s also wary of the potential antitrust implications, the company’s top lawyer said Friday. “It is something we hear increasingly about,” said Brad Smith, Microsoft general counsel. “I have to say, it is a real cause of concern for us that 70 percent of consumer PCs do not have current anti-virus protection.” http://seattlepi.nwsource.com/business/170475_cybersecurity24.html I have to agree with Mr. Smith – read here why ūüôĀ

GMail security flaw

¬†I just discovered a rather serious security flaw in Google’s GMail service, currently in beta. If I wanted, right now, I could access the mailboxes of at least a dozen people, alter their user information, send e-mail using their address and otherwise generally fuck up their accounts. I won’t, of course. But if someone as essentially tech-clueless as I can do it, I rather imagine more savvy and unscrupulous parties are ready and waiting to exploit this weakness. Further: It’s not a technical flaw with the GMail system. It’s a combination of poor user interaction design and a little social … Continue reading GMail security flaw

Classroom & Bootcamp – HijackThis Logs

I’ve joined Bootcamp and Classroom few weeks ago to learn how to analyze HijackThis logs.¬† It was fun to learn how to use the HijackThis tool.¬† It’s¬†something like ‚Äúhunting for spywares!‚ÄĚ.¬† The HijackThis is available for everyone but there are some stuff¬†that is available only to Bootcamp and Classroom volunteeers.¬† Yes, we’ve seen online tutorials on how to understand and use HijackThis but there are more to know if you will join Bootcamp or Classroom.¬† HijackThis Experts and Teaching Assistants will guide everyone on what are the¬†first and important items to look for while¬†analyzing the Hijack¬†log because not all ‚Äúbad‚ÄĚ … Continue reading Classroom & Bootcamp – HijackThis Logs

Recent Phishing Attacks: “Notification of PayPal Unauthorized Account Access”

Summary Email title: “Notification of PayPal Unauthorized Account Access” Scam target: PayPal customers Email format: A HTML email Sender: service@paypal.comSender spoofed? Yes Scam call to action: “as a preventative measure, we have temporarily limited access to sensitive PayPal account features…To restore your account access, please take the following steps toensure that your account has not been compromised” Scam goal: Getting victim’s PayPal and eBay usernames/passwords; credit card information (number, PIN, bank, etc.), and personal information – address, e-mail, phone, etc. Call to action format: URL link Visible link: https://www.paypal.com/cgi-bin/webscr?cmd=3Daccount-verification-run Called link : http://210.80.157.200/verify.htmlResolved site: http://210.80.157.200/verify.html http://www.antiphishing.org/phishing_archive/04-23-04_PayPal_(Notification_of_PayPal_Unauthorized_Account_Access).html

Google’s E-mail Service Gmail, goes into Beta

Google’s new email service called, “Gmail” has officially went online in to beta mode. Users of Blogger.com will have the opportunity to test out the new service that gives you 1GB of storage, spam filtering, all with no pop-ups or banners. There is even a “search” feature that will allow you to find a specific email, similar to finding one in Outlook or Outlook Express. http://www.overclockersclub.com/?read=8291158

Toolbars Go Beyond Searches, Offer Multiple Functions

Search engine toolbars for the Internet Explorer browser have become nearly essential tools online: They can block pop-up ads, alert you to new e-mail, even protect you from scams. You’d need a half-dozen to combine all the best features, the Internet equivalent of leaving home in the morning with six different wallets. 11 toolbars were tested http://www.theledger.com/apps/pbcs.dll/article?AID=/20040425/NEWS/404250365/1001/BUSINESS

Week ahead: A chain of security happenings

Security will be the focus in the coming week, as industry giant Symantec gears up to report quarterly results and two trade shows delve into the topic. Symantec is expected to post a fourth-quarter profit Wednesday, while trade shows Information Technology Security Conference 2004 and the Risk, Security and Compliance Conference & Technology Showcase get under way back-to-back. http://news.com.com/2100-1084_3-5198965.html

Postini Announces New Educational Webinar Series to Eliminate Spam and Other Email Threats

Preemptive Email Security: How Enterprise Rent-A-Car Reduces Spam Postini, the industry’s leading provider of email security and management solutions, today announcedthey will be holding on-going webinars to educate corporations throughout the world on how to eliminate spam and other malicious threats to their emailsystems.¬† The first webinar, entitled, “How Enterprise Rent-A-Car Reduces Spam,” will be held April 27, 2004 from 12:00 pm to 1:00 pm EDT.¬† Webinar attendees will learn from email experts and a real-world case study on how to reduce spam and viruses, and improve corporate email security and productivity. http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/04-21-2004/0002156701&EDATE=

New Anti-Spam Software Invention Stops Unwanted E-mail at the Source

Starting from the idea that it would be much better to discourage the sending of spam e-mail rather thanhandling it once received, a father-son team working at ImagineNation of Swansea, MA, set out to invent a new system.¬† They reasoned that to be viable such a system would have to have the following attributes: ¬†¬†¬†¬† a) Not require any special action from the everyday user.¬†¬†¬†¬† b) Incorporate a simple method for charging a fee to send e-mail.¬†¬†¬†¬† c) And work within existing e-mail protocols. Making users pay for sending messages is a concept that’s been around since the beginning of … Continue reading New Anti-Spam Software Invention Stops Unwanted E-mail at the Source

Google Defends Scanning E-Mail for Ad Links

http://www.eweek.com/article2/0,1759,1572757,00.asp A Google Inc. executive on Friday told a conference of privacy advocates here that the company’s plan to electronically scan messages sent through its new Gmail service so it can link advertising to message content is a necessary tradeoff. “To have free e-mail, you have to have ads,” Nicole Wong, senior compliance counsel for Mountain View, Calif.-based Google, told attendees at the 2004 Conference on Computers, Freedom and Privacy here. “Ads are a great way to support free e-mail,” she said. Privacy advocates peppered Wong with questions about whether it is right to scan e-mail that comes to Gmail … Continue reading Google Defends Scanning E-Mail for Ad Links