Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Ok, so let’s have a closer look at the MalwareAlarm redirect

November 13th 2007

When you first hit the redirect, this is what you will see.  Please forgive the greyed out sections in the IE history (internal URLs).  Open Practice is our accounting program and unrelated to the hijack. Now, the History you see in the screenshot is in order of sites visited – the first quick check to make […]

Read On Comments Off on Ok, so let’s have a closer look at the MalwareAlarm redirect

Malwarealarm hits www.whitepages.com.au

November 13th 2007

And, yes, the infamous mysurvey4you, blessedads.com and prevedmarketing.com are all involved. The fact that the redirect is happening at www.whitepages.com.au means that in all likelihood www.yellowpages.com.au and www.whereis.com.au (and any other Sensis site, for that matter) are a risk This is a SWF causing a redirect: medrx.sensis.com.au/content/SkyAuction/106804/skyauction_300x250.swf Screenshot: When the SWF loads the victim is […]

Read On 1 Comment

whitepages.com.au hit by malwarealarm outbreak

November 13th 2007

Yep, visitors to whitepages.com.au, owned by none other than Telstra/Sensis, is yet another victim of the MalwareAlarm Flash advertisements hijackings. More to come shortly; I have the screenshots, I have the network captures, and I will blog the details shortly. In the interim, I’m trying to get in touch with somebody at whitepages.com/Telstra to get […]

Read On Comments Off on whitepages.com.au hit by malwarealarm outbreak

The Dunce of the Week award goes to…..

November 12th 2007

…the employee of Seagate who said that “Yes, the drive is formatted, but I have never heard of a virus that lives in the master boot record.“ Ok, so the employee had never heard about a virus that infects the MBR, therefore Seagate didn’t have a problem?  Putting aside the fact that the infection had […]

Read On Comments Off on The Dunce of the Week award goes to…..

PASSPORT.COM v GMAIL scandal

November 11th 2007

Yes, I can confirm it is true.  Microsoft’s passport.com will not accept an @gmail.com address when registering, despite their declaration that “you can use any existing e-mail address from any e-mail provider when you create your credentials for Windows Live ID” So, I enter my gmail address and I see…. AND, The site will not […]

Read On 4 Comments

Haute Secure – this does NOT make sense…

November 10th 2007

We’ve tracked down the problem.  It was apparently a specific custom rule in ISA, *but*, the rule is a “the kids are not allowed to visit these web sites” rule, and: 1) Haute Secure obviously isn’t in that rule 2) None of the sites in the rule share an IP with Haute Secure’s server 3) […]

Read On Comments Off on Haute Secure – this does NOT make sense…

An update re smh.com.au and Haute Secure

November 9th 2007

Updated. Well, Haute Secure is nothing if not responsive.  I’ve been offline for a few hours, and came back to no less than three emails from HS. According to Iain at Haute Secure, HS should not be blocking smh.com.au.  It turns out that my copy of HS has not synchronized with the HS servers since 15 […]

Read On Comments Off on An update re smh.com.au and Haute Secure

Haute Secure is blocking smh.com.au!

November 9th 2007

Oh, this is not good… I go to www.news.com.au and I see this: I go to www.smh.com.au and I see this: Access to smh.com.au is completely blocked. Clicking on the More Info link reveals: I’m going to get in touch with the guys at Haute Secure and see if I can find out *why* this […]

Read On 3 Comments

Me.dium is acting a little weird lately

November 9th 2007

This is what I am seeing on my blog – the widget should be noting my presence, but doesn’t.    and this is what I am seeing at IE-VISTA – this time the widget can see me, but nobody else. A week or so ago the widget on my blog was acting like the widget […]

Read On 1 Comment

MySpace Hacked, Exploits Target Alicia Keys’ Page And Others

November 8th 2007

“Avoid Alicia Keys’ Web page on MySpace. It’s been hacked. Roger Thompson, CTO at Exploit Prevention Labs, has found multiple hacked MySpace pages, including the page for Alicia Keys, the social networking site’s fourth most popular music artist.“ Full story here. I have blocked all access to MySpace and myriad other social networking sites for […]

Read On Comments Off on MySpace Hacked, Exploits Target Alicia Keys’ Page And Others


Archives