Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Oops… Tim Callan’s Verisign blog is having issues with EV certificateS…

February 23rd 2008

But, to be fair, his blog is not the only Verisign page that is missing the green address bar when it ought not… Let’s visit Tim’s blog at https://blogs.verisign.com/ssl-blog/.  Check this out. We load the URL – we see an alert about “secure and nonsecure items”.  When we see this error it generally means that […]

Read On 2 Comments

Batten down the hatches – we’ve got a new User Agent String

February 23rd 2008

It always happens – a new version of Internet Explorer is released and some web sites break because they are *not* using best practice when detecting browser versions. Internet Explorer 8 will introduce a new UAS, Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0), and I know that web sites are going to break.  The most […]

Read On 1 Comment

Malicious advertisement on MySpace.com

February 22nd 2008

  Sadly, the criminals behind the malicious Flash banner advertisements have been using “How2Vacation” creatives for a long time – in fact, How2Vacation was listed way back on May 2007 by MikeOnAds as a known malicious advertisement. The challenge that the advertising industry faces is how to share information more effectively.  It is frustrating to […]

Read On 2 Comments

Cleanator advertised on groups.msn.com

February 17th 2008

Cleanator.com has been mentioned on this blog before.  It shares an IP address with the now infamous macsweeper.com (and a I note a new entry according to Robtex.com, kavianltd.net. The advertisement and malicious redirect have been reported to the appropriate parties.  Bear in mind that with only a screenshot it will take a while to […]

Read On Comments Off on Cleanator advertised on groups.msn.com

Two suspicious Flash advertisements

February 17th 2008

An industry contact sent me two malicious SWF advertisements over the weekend.  Here are screen shots.

Read On Comments Off on Two suspicious Flash advertisements

Let’s have a look at who is behind malicious Flash advertisements…

February 14th 2008

Let’s have another look at incidents reported on this blog over time so that we can take a closer look at the inter-relationships we find between each incident.  We will look at just three incidents. INCIDENT 1: Malicious advertisement source – 4cetera.com INCIDENT 2: Press Release by Emusic about unauthorised malicious advertisements featuring Emusic – uniqads.com, adtraff.com and […]

Read On Comments Off on Let’s have a look at who is behind malicious Flash advertisements…

Malicious banner advertisement at 123greetings.com

February 13th 2008

If you get a Valentine’s Day greeting from 123greetings.com DO NOT GO THERE. There is a malicious banner advertisement being displayed with the egreeting card.  The malicious advertisement looks identical to the last one that I found, advertising DriveCleaner. This is the third time in the past month or so that I have seen a […]

Read On Comments Off on Malicious banner advertisement at 123greetings.com

The February security updates are available.

February 13th 2008

The IE Cumulative Security Update for February 2008 is now available via Windows Update. I’ve already rolled out this month’s patches – so far so good [;)] Information about all of this month’s security updates can be found here:http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx  

Read On Comments Off on The February security updates are available.

Time to get a few things off my chest.

February 12th 2008

I stand by my statement – Adobe Flash is turning into, nay is, the Typhoid Mary of the Internet. Information Week has picked up on my Typhoid Mary statement, and written about it here.  Let’s have a look at the article, and the comments. Those who have commented on the Information Week article have turned the […]

Read On 4 Comments

Alert: wish.com.au has been hacked

February 10th 2008

See… this is what happens when I take four days off.  This incident could have been reported to TPG last week [:(] It is strongly recommended that all web sites hosted on vweb12.tpgi.com.au ( be treated with extreme caution until we understand how and why this incident occurred. Hacked site URLDetected 7 Feb 08Reported 11 Feb […]

Read On Comments Off on Alert: wish.com.au has been hacked