Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

ALERT: malvertizements currently in circulation

September 10th 2008

There are several malvertizements in circulation – some of which are “new”. I have not seen malvertizements featuring Dish Network or Lumosity before today.

Cardstore.com – created using Fuse
Dish Network – created using Fuse
Fast free new car quotes – an older style malvertizement that was NOT created using Fuse
[…]

Update QuickTime please…

September 10th 2008

A new version has been released that addresses several security issues. Quoting from the Apple security announcement:

“QuickTime
CVE-ID: CVE-2008-3615
Available for: Windows Vista, XP SP2 and SP3
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue exists in the third-party Indeo v5 codec […]

ALERT: malvertizements featuring Travelwise are being distributed …

September 10th 2008

The sample I saw hit aboutstat.com (aboutstat.com/crossdomain.xml, and aboutstat.com/c/index.php?id=<<removed>>)

Registrar: Communigal Communications Ltd
Created 1 February 2008
Updated 8 September 2008
NS: ns1.aboutstat.com; ns2.aboutstat.com
IP: (Estonia, Starline Web Services)
Registrant: Serg Moon (moon.serg@gmail.com) <— a well known “bad actor”

Websites in IP range 92.61.100.% <– many “bad actors”
1. Createyourlove.net
2. Findyourlovesite.com
3. Finebeautifulwomen.net
4. Girlslovefamily.net
[…]

ALERT: treat any content from dentsu-inc.com with extreme caution

September 8th 2008

Reports have been received that there have been attempts to sell malvertizements, with contact being made by email, with the correspondent using the email address @dentsu-inc.com. Dentsu is a large Japanese agency, but their real domain is @dentsu.com (no inc). dentsu-inc.com was registered, not surprisingly, by the infamous Estdomains Inc.  The domain was created on […]


Let’s take a closer look at some IE8 features and option changes…

September 5th 2008

InPrivate browsing

One of the new IE8 features that is garnering a lot of interest is InPrivate. Even before IE8 Beta 2 was released to the public, there was much speculation about the possibility of a new “porn mode” making its debut (thanks, in some part, to some sharp eyed people spotting that Microsoft […]

ALERT: Malvertizement featuring car.com

September 1st 2008

This one uses some pretty old protocols, but is still in circulation:

getfreecar.com/statsa.php?u=<<removed>>
getfreecar.com/statsg.php?u=<<removed>> (loads the long since discarded gnida.swf)
getfreecar.com/statss.php?campaign=<<removed>>
blessedads.com/?cmpid=<<removed>>
adnetserver.com/?tmn=<<removed>>
antispywaremaster.com/<<removed>>

Updated VPC images have been released…

September 1st 2008

Download here – the images will expire in January 2009
http://www.microsoft.com/downloads/details.aspx?FamilyId=21EABB90-958F-4B64-B5F1-73D0A413C8EF&displaylang=en

Images available:
Windows XP SP3 with IE6
Windows XP SP2 with IE7
Windows XP SP3 with IE8 Beta 2
Vista with IE7