It seems that adware pushers have found a new way to trick you into downloading their annoying products: fake MP3 files. more at pcadvisor.co.ukcomments?
As we recently saw, automatic subscription renewals seem to have become de rigueur for antivirus software vendors. But one reader recently discovered that the practice is creeping into the anti-spyware category as well.  story continues..comments?
Posted by Carl Weinschenk on March 24, 2008 at 2:50 pm
Microsoft’s acquisition of Komoku both gives it new tools against rootkits and another entry point into the government market.
Komoku, according to this eWeek story on the acquisition, deals with the pernicious form of malware that burrows deep into target systems and, unlike traditional viruses, does a good job of hiding itself from detection. story continues..comments?
Joseph Bochner didn't know much about Internet crime when his then-girlfriend called him in 2004, frustrated that her computer had become unacceptably slow, almost unusable.
The desktop's CD/DVD drive had popped open, and the monitor displayed a flashing red window screaming "Virus Warning!!!" urging her to click a link and purchase a program to disinfect the machine. story continues..comments?
By Brian Krebs
Online tech support forums are starting to light up over an increasing number of PCs sickened by something called the "MonaRonaDona virus," a piece of malware that threatens to trash host computers. As it happens, MonaRonaDona appears to be a relatively innocuous invader that was created to scare people into purchasing a fake new anti-virus product. story continues..comments?
For a time, online advertisements have been a constant source of, not only nuisance, but of malware as well. Earlier this month, we’ve seen malicious banner ads being served on popular Web sites, such as Myspace, Excite, and Blick. more at blog.trendmicro.comcomments?
Looks can be deceiving, and malware authors are relying on that old adage to lure potential victims into their most recent scheme. The plan? Dress up as a spyware removal tool, use a great-looking site, complete with blogs, news and product lineup, dazzle the user with plausible reviews, and encourage them to click through. more at blog.trendmicro.comcomments?
Security software makers, as well as independent and media-sponsored testing labs, have agreed to create an industry group to establish best practices and standards in the testing and rating of antivirus software, members of the nascent group told SecurityFocus on Thursday. more at securityfocus.comcomments?
Cyber criminals who took advantage of Hollywood actor Heath Ledger’s death are at it again, this time attempting to lure unsuspecting Super Bowl fans. When users search for “Superbowl,” Google search results turn up the following: more at blog.trendmicro.comcomments?
MySpace users are at risk from hacked profile pages that attempt to install malware disguised as legitimate Windows updates, warns McAfee. "In this latest social engineering scenario an attacker sends a new 'friend request' to MySpace users. When the user clicks on the picture or name of their new potential friend, an overlaid image of what looks like a legitimate Windows 'Automatic Update' pop-up box is displayed," claims a McAfee security alert on the Avert Labs blog. If the user clicks on this fake update request then the browser will attempt to download a "malware cocktail" that McAfee believes to consist of additional downloaders, several trojans and a remote administration tool that could provide hackers with access to a user's PC. Spotted herecomments?
Random JS Toolkit allows attackers to create threats that only attempt to victimize an individual computer in the same manner a single time to protect against discovery by anti-virus systems By Matt Hines - January 14, 2008 Web gateway filtering specialist Finjan is reporting a new toolkit that uses randomized JavaScript to stay hidden from virus crawlers and deliver its payload via compromised Web sites. Dubbed by Finjan's Malicious Code Research Center (MCRC) as the "Random JS Toolkit," the malware development package is allowing attackers to create threats that only attempt to victimize an individual computer in the same manner a single time to protect against discovery by anti-virus systems and researchers' automated "crawlers." By dynamically changing the JavaScript employed to deliver each variant of attack being created, and by using random file names that are only delivered to the same machine or IP address once, Finjan researchers said the malware authoring package is meant to avoid the programs used by AV researchers to find new threats emerging on the Web. Spotted herecomments?
Predicts 2008 Threat Landscape Expanding to Social Networking Sites, Total Number of Greynets to reach 1,000 more at facetime.comcomments?
The infamous Storm worm may be perceived as the world's most dangerous botnet, but security experts say a worm called Nugache could be more of a threat. more at pcadvisor.co.ukcomments?
Part of security software vendor CA's Web site was cracked earlier this week and was redirecting visitors to a malicious Web site hosted in China. more at computerworld.comcomments?
comments?
John Leydon
Russian authorities have identified the authors of the notorious Pinch malware creation toolkit. Arrests are expected to follow. story continues..comments?
With year end nearing, festive e-greetings have become the next source of malware attacks.
According to an F-Secure report, a number of Christmas and New Year cards (malwares) are hitting mail in-boxes globally. story continues..comments?
By Andy Patrizio
A security researcher has discovered a rather sneaky new exploit involving the Google Toolbar, where hackers can pretend to be installing a legitimate Toolbar button item but they're really installing malicious code.
Aviv Raff noted that the spoof presents legitimate-looking dialog boxes and windows to convince users that the button comes from a trusted domain. story continues..comments?
Ask.com is betting it will. The fourth-largest search engine company will begin a service today called AskEraser, which allows users to make their searches more private. more at www.nytimes.comcomments?
The FBI today announced the results of the second phase of its continuing investigation into a growing and serious problem involving criminal use of botnets. Since Operation 'Bot Roast' was announced last June, eight individuals have been indicted, pled guilty, or been sentenced for crimes related to botnet activity. story continues..1 comment
| 
