Whom do you mean…?
asyn
Run it on your XP SP3 system and maybe your Comodo will even pemit it.
No need, as
- I don’t need/run it
- Block it anyway with comodo…! ;D
asyn
Hi malware fighters,
A new kind malcoded adware, rather malware, may transform your laptop into a Wifi router to function as a laptop access point, the victim does not see the launched ads on every HTML page and also on YouTube. It is too easy to call this a normal "man in the middle attack, we certainly will hear more about “Typhoid adware”…http://pages.cpsc.ucalgary.ca/~aycock/papers/eicar10.pdf
polonus
Hi malware fighters,
A new trojan does not work under Windows XP, but will infect Vista: http://blog.webroot.com/2010/06/14/spammed-trojan-wont-run-under-windows-xp/
polonus
Hi malware fighters,
Google Analytics harbours new malicious script!
On a number of hacked websites eSoft found Google Analytics abused to harbour malicious scripts. Used JavaScript code normally used the Google domain, bur during decoding of the script a non-functioning ‘sr tag’ is being used, directing to a functioning ‘sr tag’ with a malicious script on another domain. Analyzing these websites critically look at theGoogle Analytics code, please…http://threatcenter.blogspot.com/2010/06/alert-to-web-security-researchers.html
pol
Linux trojan raises malware concerns
A backdoor Trojan discovered in a popular Linux download illustrates that the OS is not impervious.
http://pcworld.co.nz/pcworld/pcw.nsf/feature/1461D73DC2B51F96CC25774100750C6B
Linux trojan raises malware concerns A backdoor Trojan discovered in a popular Linux download illustrates that the OS is not impervious.Welcome to the club. :'(
Hi malware fighters,
The XP hole found up by Google is now actively being abused, so apply the FixIt:
http://www.sophos.com/blogs/sophoslabs/?p=10045
pol
Done just now. Thank for for the update.
Disclose information about vulnerabilities? Yes/No/When?
http://www.norman.com/security_center/security_center_archive/2010/83782/en
dont put your money here
Eastern European banks under attack by next-gen crime app
http://www.theregister.co.uk/2010/06/16/blackenergy2_ddos_attacks/
Researcher shows how to strike back at web assailants
Exploiting the exploiters
http://www.theregister.co.uk/2010/06/17/exploiting_online_attackers/
Hi Pondus,
On the disclosure discussion front, i.m.o. the best remedy is to educate users to be fully protected against possible 0-days. That is to make use of appropriate in-browser protection like NS and RP (so code can not run and malicious requests are not being performed), use a normal user account so an exploit can not be maximized on the OS and in the registry. Use a combination of a fully upgraded resident AV solution together with some additional non-resident malware scanners (MBAM, SAS etc.) and check with Secunia’s PSI for instance whether all third party software has been fully updated and patched.
As long as users are not educated into these precautionary practices the discussion between full, semi or responsible disclosure is a non-issue because the average user will still be a sitting duck for malcreants and cybercriminals alike,
polonus
+1 (100% agree…!!!)
asyn
guys stop dreaming, the average user will never ever use NS or similar, never. The average user wants his box to run like a TV, turn on, zap, turn off…browse the web, check hotmail, and basta. It’s already hard to make them undertsand that they need an anti-virus at all (most of them running nothing, because the Norton trial expired ;D )…there’s no such thing as educating the masses about computer and internet security. The masses are purely and simply rejecting the ideas: that 1st the web is not secure, and second that they need to be educated for their own sake. It’s a dead end. Show user lambda that his system is infected, he’ll still wonder why there’s a need to clean it…not a joke 
Never stop dreaming…!!
asyn
Hi Logos,
Still we have to go on educating, just for the guys and gals and kids that will pick this up, weren’t we a bit like average users when we started out here. How may computers do you need that have been turned into a state of “no better than a door stopper” by malcoded script to finally glimpse at the idea that it is a PEBKAC problem mainly, and you can do something fundamentally about it. If I can get 100 users to further use NS and RP combined I feel a better human being for doing so,
polonus
From Omids`s Blog
A little note to the guys at ESET http://boelectronic.blogspot.com/search/label/Fun
Go Omid! I liked the Windows updates thing in those earlier posts. I’m planning on 2012 ending for XP network followed by upgrade to whatever is best option then. Whenever the security updates cannot be kept up to cover potential or real vunerabilities. I’ve got two years avast! Pro on an XP Pro 32bit so I’ll take my XP that far.