PCWorld.com victim of DNS Cache poisoning?

I sent email to nic contact of pcworld.com today but if anyone has contact with them, please inform them of the issue: DNS resolver: removespyware.ru’s IP address is resolved as 70.42.185.10 70.42.185.10 is pcworld.com http://www.dozleng.com/updates/index.php?showtopic=16134

Latest Firewall Challenge results

1. Outpost Firewall Pro 20092. Online Armor3. Comodo Firewall 4. ProSecurity Outpost Firewall Pro 2009 6.5.2355.316.0597 leads the challenge with 99%, tightly followed by the paid version of Online Armor Personal Firewall 2.1.0.131 with 98% and the best free product – Comodo Firewall Pro 3.0.22.349 with 95%. ProSecurity 1.43, which will be replaced by Real-time Defender in the future, is on the third place with 93%. All these products reached the Excellent protection level. Online Armor Personal Firewall 2.1.0.131 Free and Kaspersky Internet Security 7.0.1.325 are close to the excellent results. Among the newly tested products, Ashampoo FireWall FREE 1.20 … Continue reading Latest Firewall Challenge results

Firefox 3.0.1 with security fixes

They announced the 2 yesterday and announced another one: MFSA 2008-36 Crash with malformed GIF file on Mac OS X Get v3.0.1 now to take advantage of the security fixes and other program fixes.  Release notes here.

Malware and Phished Colonial Bank website

Phishing E-mail: Colonial Vendors and Business Associates Phishing E-mail: Colonial Bank WebBiz Alert – Update Phished website with link to malware (auto-download) Only 9 malware scanner will detect the malicious file: http://www.virustotal.com/analisis/71edda93864f8daa8abbb2b113f3282a

Mozilla Security Advisories

MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running MFSA 2008-34 Remote code execution by overflowing CSS reference counter http://www.mozilla.org/security/announce/ http://www.mozilla.org/projects/security/known-vulnerabilities.html

Rogue Software: Antivirus Master

Antivirus Master – Rogue ProductDate Published: Tuesday, July 15, 2008Category : Rogue Security Software Also known as: FraudTool.Win32.UltimateAntivirus.m [Kaspersky]http://ca.com/au/securityadvisor/pest/pest.aspx?id=453137639 Site to block using hosts file and if you are using Outpost Firewall, add it in IP Blocklist:anvimaster.com – whois result hereanvi-scanner.com – whois result herescanner.anvi-scanner.com Note: today’s update on IP Blocklist includes the above to be block by Outpost Firewall.

Updated: CoU Updates Search engine in browser’s search bar

I have added CoU Calendar search engine for Internet Explorer 7, Firefox and Opera browsers today so I can search using the built-in search bar any posted updates in CoU’s Calendar. For CoU members and visitors (guests) who want this also, please follow the guide at http://www.dozleng.com/updates/index.php?showtopic=16074

CoU Updates Search engine in browser’s search bar

I have added CoU Calendar search engine in IE and Opera browsers today so I can search using the built-in search bar any posted updates in CoU’s Calendar. For CoU members and visitors (guests) who want this also, please follow the guide at http://www.dozleng.com/updates/index.php?showtopic=16074

Sick of Storm Worm news? I’m not

I am not really sick of hearing about Storm Worm news because it’s not like EICAR test file yet.  Why? Because with EICAR test file, all antivirus will detect it as EICAR but for Storm Worm, um.. not: It will offer secret_archive.exe file when user visits or clicks such links: So it is really not like EICAR like yet.  Scanners still need to do more work to be able to detect all variants of Storm Worm: http://www.virustotal.com/analisis/b0d43f3fa36f76695a0e30ee846322df Well, malware scanners have excuse, EICAR test file has no variant.