Now this is not the first time Windows UAC has hit the news for being flawed, back in February 2009 it was discovered that Windows 7 UAC Vulnerable â User Mode Program Can Disable User Access Control and after that in November 2009 it was demonstrated that Windows 7 UAC (User Access Control) Ineffective Against Malware. A zero-day for Windows 7 back in July of this year also bypassed Windows UAC. ...
You might want to steer clear of the following fake security program, being promoted as a âWindows Trojan Removal Kitâ but actually hijacking your PC in the form of the ThinkPoint rogue with a mixed (24/43) detection rate. The file is currently being offered up by your typical âfake security scanâ pages, such as microsoftwindowssecurity152(dot)com. Those familiar with this particular rogue will be aware that it tends to stick with domains similar to the one above. ...
Sophos Labs: Two weeks ago, an automatic session-hijacking plugin was released for Firefox. It was named Firesheep, and itâs been downloaded over 600,000 times so far. The decision to release Firesheep publicly is a controversial one. On the good side, itâs reminded people that some of their common web surfing habits are dangerously insecure. Many websites use HTTPS (secure HTTP) for login, which protects your password. But they revert to insecure HTTP for the rest of the session. After you have logged in, security relies on the browser sending a session cookie â a secret authentication token â in every request. ...
There are always peculiar things malware researchers discover while analyzing new samples. VirusTotal 24/43 Letâs remember the filename as HD Porn TV for later Our victim runs it thinking they will see the latest porno in HD quality. Instead they get a new browser âthemeâ with a Turkish flavor: ...
I was reading an article on PCWorldâs website about the upcoming Google Chrome OS: So far so good. Except that I inadvertently clicked on one of their sponsored links: which ironically states âHere is all about spyware removal and even more.â After a few redirects, my browser is hijacked by one of those FakeAV scanners: ...
Posted by Diana Phan, Gmail Support Team October is National Cyber Security Awareness month and a good time for a reminder about why hijackers do what they do and how you can protect your account. Check out the Online Security blog to learn about common hijacking techniques and security practices that will help you stay one step ahead of the bad guys. To help ensure your Gmail account is safe, take a minute to visit the Gmail help center and complete their new security checklist. ...
Accessing Facebook from a public computer or Internet cafe can now be done more securely. Moving to enhance online security, Facebook on Tuesday said that it will soon offer users the ability to receive one-time passwords on their mobile phones and that it has already enabled the ability to sign out of Facebook remotely. âWeâre launching one-time passwords to make it safer to use public computers in places like hotels, cafes or airports,â said Facebook product manager Jake Brill in a blog post. âIf you have any concerns about security of the computer youâre using while accessing Facebook, we can text you a one-time password to use instead of your regular password.â ...
Back in November 2007, Iâve seen this technique used by one of the variant of Worm called W32/Drom. The technique was not to execute the malicious file or component of the worm but to prevent Antivirus Program from running. The Worm queries the following Antivirus registries to get the Installation Path, once acquired, it creates a folder named âws2_32.dllâ with Hidden and System attributes on that location. ...
Sigh⊠The latest âexploitâ that affects hundreds of programs and will be the end of the world as we currently know it is actually a well documented feature of Windows. It has actually been around since the DOS days. In the old days we used to call these Companion viruses. It worked by using a different file extension that will be executed before the real executable. For example if you had a âgwbasic.exeâ you would create a âgwbasic.comâ anywhere in the path and if the user just typed âgwbasicâ he would execute the âgwbasic.comâ and not the âgwbasic.exeâ. If the author of the âgwbasic.comâ was âniceâ he could execute the âgwbasic.exeâ so as to make the existence of the âgwbasic.comâ file harder to detect. ...
Spam emails such as the one below have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar. If you download the file by clicking on âDownload Hereâ, youâll see a file with the icon shown below: If you take a closer look at the icon, âdarkSectorâ is shown inside of it. How strange. Is this actually a Facebook toolbar? Letâs take a look at the property of the file since the file looks a bit fishy. In the file properties, youâll see the following in the Details tab. ...