Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Jellycloud aka Claria aka Gator has shut down?

October 11th 2008

Yes, I know this report has been around for quite a few days, but I prefer to let things shake out and wait to see what comes to light before writing, especially when the original information is from a “tipster”. At first, the report was kind of surprising, considering Jellycloud had apparently raised many millions […]

Read On Comments Off on Jellycloud aka Claria aka Gator has shut down?

Get ready for a BIG patch week

October 11th 2008

There will be 11 security bulletins – 4 critical, 6 important and 1 moderate.  Further details will be released when the patches are released. Critical Security Bulletins============================ AD Bulletin   – Affected Software:     – Active Directory on Microsoft Windows 2000 Server       Service Pack 4     – Impact: Remote Code Execution IE Bulletin   […]

Read On Comments Off on Get ready for a BIG patch week

Castlecops DDOS attacker sentenced to federal prison and ordered to pay restitution

October 11th 2008

Cool!  I have no connection with and have never looked at Killanet, but Castlecops is a forum dedicated to fighting malware, spyware, phishing and spamming (very effectively, I may add) and there are quite a few “Consumer Security” MVPs who have made their home there over the years (including me, although I have not been […]

Read On Comments Off on Castlecops DDOS attacker sentenced to federal prison and ordered to pay restitution

Hmm, ok, so clickjacking via Flash is actually the web browsers and the web sites’ fault?

October 11th 2008

Well, that’s according to an Adobe employee Cite: http://weblogs.macromedia.com/jd/archives/2008/10/on_clickjacking.html JD’s rationalizations bring to mind the disagreements that occurred back in July 2007 when there was a sometimes heated debate going on about whether IE and Firefox were at fault for “passing bad data” to third party applications, or if the third party applications were at […]

Read On 2 Comments

ALERT: Treat all content from the ad agency called Adshaven with extreme caution

October 10th 2008

Yesterday I blogged about “New malvertizement trickery affecting surfline.com and careerbuilder.com“. A representative of surfline.com has posted a comment to that blog entry as follows: “Regarding the Surfline incident – we quickly realized there was an issue with the ads being served via external tags from AdShaven ad agency (which has not returned our phone […]

Read On Comments Off on ALERT: Treat all content from the ad agency called Adshaven with extreme caution

New malvertizement trickery affecting surfline.com and careerbuilder.com

October 10th 2008

For a long time now, we have been focusing on SWF (Flash) based malvertizements where the SWF itself contains malicious code.  Over time, our detection abilities have improved (thanks in no small part to adopstools) and it is getting harder and harder for malvertizers to get their wares on to web pages. Then the malvertizers […]

Read On 3 Comments

Adobe has posted a security advisory regarding the "clickjacking" problem

October 7th 2008

The Advisory is here:http://www.adobe.com/support/security/advisories/apsa08-08.html I quote: “Customers: To prevent this potential issue, customers can change their Flash Player settings as follows:    1. Access the Global Privacy Settings panel of the Adobe Flash Player Settings Manager at the following URL: http://www.adobe.com/support/documentation/en/flashplayer/help/settings_manager02.html   2. Select the “Always deny” button.   3. Select ‘Confirm’ in the resulting dialog.   4. […]

Read On 2 Comments

Time for another quick look at InPrivate blocking

October 5th 2008

  I thought I would take another look at what InPrivate is blocking on my primary work computer, now that I have been running IE8 Beta 2 for a while.  My decision to take a look was actually prompted by a correspondent who told me about this newspaper article at businessweek.com, an article which includes […]

Read On Comments Off on Time for another quick look at InPrivate blocking

Yet more hiding by Serg Moon

October 4th 2008

matchservice.com – the “last owner” has been changed from “matchservice.com” (email moon.serg@gmail.com) to “Whois Anonymizer”.

Read On Comments Off on Yet more hiding by Serg Moon

Is Serg Moon trying to hide?

October 2nd 2008

My regular readers know that “Serg Moon” (aka Serj Moondy), email address moon.serg@gmail.com, is a name that appears regularly in association with malware domains.  There has been a bit of WHOIS activity in recent times involving Serg/Serj.  Some examples are: sexbuddies.com – created 27 November 2003 – modified 14 September 2008 – WHOIS changed – […]

Read On 1 Comment


Archives