Security

Security is one of the most significant considerations when owning any technology, as you can lose data and money if you are not careful. You’ll find articles here that cover various apps and options, threats to browser and device security, and some tips.

How users are being tracked on P2P networks

Have you ever asked yourself how it is possible that users are tracked over months in P2P networks although their IP address is changing regularly? We only hear reports about session-based user identifications. Session-based means that shared files of this session are analyzed and recorded, as opposed to tracking a user over months.

HijackReader analyses HijackThis results

HijackThis is a sophisticated security tool that checks a computer running Windows 2000 or higher for possible signs of hijacked applications. It checks lots of different elements like startup items, Browser Helper Objects, running processes and the like, and presents a log of the results at the end. This log is hard to read for beginners because it contains "good" and possibly "bad" elements, and it requires knowledge of those elements to distinguish between elements that you have to keep and those that are indeed malicious in nature.

Theoretical Cryptography Part I - MD5

Since Martin constantly manages to cover all ongoing news regarding cryptography and security I myself planned on writing about "any time soon", I had to look for other topics on the subject I could cover. So I decided to make good use of all the time I spend studying this kind of stuff and share this knowledge with you. And I would be very grateful, if someone could tell me in return how to defeat shirred fabrics with my sewing machine... but that's a whole different matter.

Private Galleries can be accessed at Smugmug

If you would use an image host, put up some of your images and set them to private, would you expect them to be still accessible by anyone? This is apparently the case over at Smugmug, where a private setting simply means that the pictures and image galleries are not directly linked from the homepage anymore but can still be accessed by simply entering the URL directly in the browser address bar or download manager.

Bavarian Skype Trojan

Two, seemingly authentic, documents have been leaked to the German Pirate Party on Wednesday containing information about costs and technical information about a Skype trojan that could be used to eavesdrop on Skype communications. The documents contain indications of at least one operation of the Skype Trojan in Germany.

DOS Vulnerability in uTorrent and Bittorrent

A vulnerability in uTorrent and Bittorrent, which uses uTorrent's core, was discovered today that affects the BitTorrent 6.0 client, uTorrent 1.7.x, uTorrent 1.6.x and uTorrent 1.8-alpha-7834. The Denial of Service vulnerability is made possible by the way the clients handle user data.

Trend Micro RUBotted

Trend Micro RUBotted is a BETA program that scans your system for bot related activity protecting it effectively from being hijacked and misused for criminal activity. The computer is monitored for activity that is either harmful for the computer it is running on or other computers that are affected by actions from the monitored computer.

Test Avira AntiVir PersonalEdition Premium for 6 months

Giveaways, more giveaways and even more giveaways. Seems we can expect more free software giveaways this year. It's Avira again with a promotion to test the AntiVir PersonalEdition Premium for six months with no obligations whatsoever. All you have to do is fill out a small form and they will send you a working serial number that is valid for the next six months.

When on Digg be careful

Trend Micro have published another excellent article on their malware blog entitled A Tangled Web ... of Malware. It describes how hackers use popular media websites to spread malware and how their […]

Why you should not run an Open Wi-Fi

Security Expert Bruce Schneier wrote a commentary on Wired yesterday where he admitted that he was using an Open Wi-Fi and that he could not see what was wrong with doing so. He refused to accept security reasons because he said that the computer had to be secured as well and that an Open Wi-Fi would essentially be the same as using Wi-Fi at airports or Internet cafes.

What sam.bak can tell you about Users of a system

SAM? What's that again? SAM is the Security Account Manager and part of the Windows Registry. Unfortunately, it is not possible to access that part of the Registry directly even if you are logged in as an administrator. It is however possible to analyze the file sam.bak which can be found in the directory system32/config/ of your Windows installation.

Control Javascript Events in Firefox

Firefox Mastery published a nice article about the Firefox add-on Controle de Scripts which lets the user control JavaScript events in Firefox. Instead of just disabling JavaScript (default Firefox without add-ons), or enabling it on a per-site basis (NoScript), you can configure and control specific JavaScript events.

How to defeat Phishing

Kurt mentioned in Daniel's PayPal phishing article how he dealt with phishing and that got me thinking about the easiest way to defeat phishing for certain accounts. The answer is virtual mail accounts. I always thought about virtual mail accounts as a way to stop spam and find out which website or service sells your email but it can also be used to defeat phishing.

Ingenious PayPal mimicking spam

About 2 days ago, I received a quite clever spam email in my Gmail account. It's still pretty new, so I do take a look when I occasionally get spam to filter […]

Why Hackers take advantage of global events

Hundreds of websites have been prepared or compromised to take advantage of the Benazir Bhutto Assassination in Pakistan. Users searching for news on the assassination using search engines like Google or Yahoo might land on a website that has been specially prepared to download Javascript code that in turn downloads additional malicious software to the host PC.

Why you should always log out of Gmail

Let me narrate a story to you. A story of someone who has a Gmail account and a domain registered to his name. This someone checks his Gmail account regularly and visits other sites afterwards. It is so convenient to stay logged in at Gmail in case you want to check again. Maybe Gmail is open all the time in another tab for even further comfort.

Security and Privacy Complete

My last review of Security and Privacy Complete dates back to December 2006 and I thought it would be a good idea to take a look at this application again. The software is a security solution for Windows and lets you disable privacy and security related features of Windows.

Internet Explorer 6 crashes when loading websites after update

A lot of users are still working with Internet Explorer 6 either because their company did not make the switch to Internet Explorer 7 yet or because they don't know that a new version is already out. They might be perfectly happy with it but some will probably consider switching to IE7 or another browser when they experience the following odd behavior.

Blowfish Advanced File Encryption and Security Tool

Blowfish Advanced manages to provide the user with several security and encryption features that I have not seen before in one utility. The first purpose of Blowfish Advanced is to encrypt - and decrypt - files offering eight different encryption algorithms, three data compression algorithms and keys with a length of up to 1024 bit.

Distributed Password Recovery using Geforce 8 Video Cards

The software Elcomsoft Distributed Password Recovery was designed for distributed recovery of lost passwords, providing hardware acceleration for NTLM password recovery using GeForce 8 video cards, which speeds up the process by a factor of up to 25.

Infected or Not: Is your PC Infected?

I'm not that fond of online virus scanners because they always need special file access privileges and scan your files which could be a privacy issue as well. Infected or Not from Panda Antivirus however caught my attention by providing interesting statistics about infected computers on a worldwide and country wide scale.

Melissa Strip Captcha Breaker Trojan

I bet you have never seen such a tempting Trojan before. The Trojan named Melissa Strip, identified as TROJ_CAPTCHAR.A by TrendMicro and Trj/RompeCaptchas.A by Panda, starts by asking the user if he wants to play a game where she (Melissa) will strip for the user if he enters the correct code.

Use one password on all websites

Many Internet users tend to have a handful of passwords at the most that they use for every website that they sign up for. Those passwords are normally weak passwords that can be easily remembered. The danger of this approach is that those users will most likely see a chain reaction of hacked accounts once one account gets hacked.

Is Orbitnet.exe spyware?

A reader sent me an email last night asking if I had any information about the orbitnet.exe process that was started when Orbit Downloader was active. Zonealarm would describe the process as "P2P service of Orbit Downloader" and that seemed to have rung some alarm bells because P2P services are often used as spyware.

I dnt hate Mozilla but use IE or else…. Worm

I dnt hate Mozilla but use IE or else... is what I got when I tried to start Firefox sometime back. Just as the window opened, a box with this message popped […]

Type Text with your Mouse to increase security

Keyloggers record anything that you type and where you type it on your PC in a log and transfer those logs to the person - better thief - who did install the keylogger on your computer. He can then find out all the urls you visited, the passwords that you entered on those websites and what you did there as well.

Why I decided to uninstall my Antivirus software

I have been using Antivirus software for a very long time and even though I kept it up to date it never caught a single virus, worm or Trojan. It did however slow down system startup and the scan of new files also used system resources. This led to my conclusion that I did not need an Antivirus software, because frankly, Antivirus software is basically preventing the user from doing something stupid.

Check a File using multiple antivirus engines

If you need to quickly check a file for malicious code that you downloaded then Virus Total might be something you might want to take a closer look at. This service stands out because it uses multiple antivirus engines instead of just one or two. The antivirus engines list looks pretty impressive because it contains 32 engines.

Port Forwarding Tester

You might have encountered the term Port Forwarding when configuring bittorrent on your computer or analyzing slow or non-existent traffic with bittorrent. One of the first answers of those helpful support guys in all forums is always check Port Forwarding, but what the heck is it?

Critical Account Information from JPMorgan Chase Bank phishing email

I received two of those fake emails today and thought that it would be a good opportunity to dissect it to show how phishing emails try to lure customers into a trap. The first and most obvious hint that something is wrong with this email is if you think about the subject of the email.

Optimize and Secure Windows with PC Pal

PC Pal is a software that is currently in Beta that checks your Windows installation for weaknesses and possibilities to optimize it. The process is very user friendly and requires minimal user interaction. Basically the user pushes one button and PC Pal checks the computer for problems related to security, networking, printing and performance.

Check if a website is revealing email addresses

You need to use the tools of the trade to check if your website is revealing emails from visitors or yourself. Most webmasters have a contact form somewhere on the page which is sometimes revealing the real email address of the webmaster. But even tricks like adding spaces to the email address, a REMOVEME part, writing (at) instead of @ and other means are recognizable by some email harvesters that do nothing else but to harvest websites and the websites that they link to for new email addresses.

Block 'wrote an interesting post today' spam

I'm sick and tired of a new kind of blog spam that is appearing on the Internet in general and on my site in particular. So-called auto-blogs, that is blogs that are running an automated script adding content to their website without user interaction, are pinging the blogs that they rip off like crazy for a reason.

A look at the XeroBank Browser

XeroBank Browser, or xB Browser, which was previously called Torpark, is a portable browser based on Firefox with security and privacy add-ons that can be run out of the box. The burden of installing all those extensions and software and making sure that they work correctly is taken off the user's hands, which should appeal to many users who do not have the time or knowledge to take care of that by themselves.

Protect your data from physical access

Experts are able to gather sensitive data from your computer if they gain physical access to it. This can be achieved by various means like Live CDs, accessing unprotected accounts or administrators that take a look in your profile folders. They can search the files on your hard drives, read documents, look at your Internet cache, the mailboxes which contain all of your mails - even the deleted ones - and histories of downloaded files.

Quick Way to Remove the Skype Worm

If you do not know yet there is a Skype worm spreading around that is affecting Skype Windows clients. The virus automatically sends a chat message to other Skype users containing a link to an image on a website where he is prompted to download a file with the .scr extension using a simple redirection

FDF File Spam is on the rise

If there is one thing for sure it is that spammers are creative in finding new ways to bypass anti spam filters. They send distorted pictures, add random text to their messages, zip their spam, use excel files, pdf files and nowadays fdf files. Fdf files? What's that again?

Rootkits: Sony does it again

I would have never thought that a company like Sony would not learn from its mistakes especially after the first rootkit debacle which was a major public relations fiasco for Sony. The first rootkit was placed on several audio CDs that were distributed in 2005 and led to a $6 million settlement case in the United States. While the rootkit was intended to make it impossible (albeit ineffectively) to copy music from the CDs it was effectively used by producers of malware, trojans and spyware to hide their code from antivirus software.

How to filter fake membership and e-card spam mails

The Internet community has been pestered with yet another wave of spam mails containing fake membership information and e-cards. The spammers use two attack vectors if you click on the IP that is listed in those emails. They try to convince you to download a so-called Secure Login Applet which is nothing more than an infected executable named applet.exe and also try to use several known exploits.

Secure USB Device called Flash Padlock

I barely finished the article about the first USB devices with a built-in iris scanner when the next developer announced a system to secure data on USB devices called Flash Padlock. It is basically a USB stick with one or two Gigabytes of space that is protected by a PIN that has to be entered on the device itself to be able to access the data on the stick.

