Cool new snoop tool for HR people

Dutch Valleywag reader Dirk Dijksma has come up with a clever twist on the old metasearch engine: He’s collected all the sites that HR people use to suss out job applicants, and put them into one page called CVGadget with expanding/collapsing widgets that only show the top few of each set of results from Facebook, Google Documents, etc. It popped up an old resume of mine in five seconds. Note to Dirk: Most Americans have no idea what a CV is, but no worries — they didn’t know what a googol was either.

Source:
http://valleywag.com/5040503/cool-new-snoop-tool-for-hr-people

Posted in Internet, Privacy | No Comments

Bogus FedEx Notifications: New Malware Courier of Choice

Remember the UPS spam runs that were popular last month (see previous blog posts here and here)? Spammers have chosen a different courier this time, but the message was basically the same.

Posing as FedEx notifications, these email messages have the same format as their earlier UPS counterparts: tracking number (perhaps to make the message appear authentic), message body informing recipients that there was a problem with the delivery of a package, and a message urging the recipient to print the attached “invoice” to claim the “package”.

Even the attachment is of the same file type as those seen in the previous spam runs. The .ZIP file is an info stealer detected by Trend Micro as TSPY_ZBOT.MCS. ZBOT spyware are infamous keyloggers that are known to steal confidential information, such as those related to online banking credentials.

Our users are already protected by the Trend Micro Smart Protection Network. While our experts are still doing their analysis on this case, everyone should remember that nothing is free these days – even if malicious emails posing as the world’s largest couriers tell you otherwise.

Source:
http://blog.trendmicro.com/bogus-fedex-notifications-new-malware-courier-of-choice/

Posted in Internet, Privacy, Security | No Comments

DNS poisoners hijack typo domains

Websense, the security services provider, has reported a successful case of cache poisoning on name servers of one of the largest Chinese ISPs. Netcom customers are said to have been steered by criminals to manipulated pages on which exploits for RealPlayer, MS Snapshot Viewer, Adobe Flash Player and Microsoft Data Access Components attempted to inject malicious software into their PCs.

The criminals carried out their attacks somewhat subtly: instead of manipulating the addresses of prominent web sites in the cache, they only changed the address of the ISP’s publicity pages. People arrive at these pages when the domain name they request is unavailable, because, for example, they mistyped the URL. ISPs use this redirection method, known as Typosquatting, to advertise free domains or competing products. In the present case, however, clients don’t arrive on the Typosquatter pages, but on pages with a crafted trojan.

Evidently, the cause of the problem is that the random source port patches for queries, introduced to hamper these known attacks, were not applied to the Netcom name servers. Previously, official reports about successful cache-poisoning attacks only concerned AT&T. Dan Kaminsky last reported on the patch status of the Fortune 500 companies at the Black Hat security conference saying that around 70 per cent of them were patched.

Source:
http://www.heise-online.co.uk/news/DNS-poisoners-hijack-typo-domains–/111376

Posted in Internet, Privacy, Security | No Comments

Ten ways improve Vista’s security

Although Windows XP was Microsoft’s preferred desktop operating system for an unprecedented length of time, it became something of a PR nightmare for the software giant. Windows XP is full of security holes and is very easy to compromise. When Microsoft created Windows Vista, its primary goal was to address all of the security problems that have been plaguing Windows XP for so many years.

Although Windows Vista security is far stronger than that of Windows XP, even running an out-of-the-box configuration, you need to know how to use some of the new security features in order to get the most out of the OS. This list of the top Vista security tips can help you run a truly secure Vista installation.

Source:
http://searchsecurity.techtarget.com.au/articles/26483-Ten-ways-improve-Vista-s-security

Posted in Internet, Networking, Security, Windows | No Comments

Microsoft hints at “private browsing” feature in IE

One of the most interesting feature that didn’t quite make it into the final release of Firefox 3 is “Private Browsing”, a.k.a. porn mode. The only other browser with this feature built-in today is Safari (another reason to try it in case you haven’t), however, Microsoft may also be building a similar feature into Internet Explorer 8 if two trademark filings are any indications.

Although “private browsing” can be easily associated with viewing particular genres of media content, the Mozilla foundation argues “while viewing pornography may be a popular use case due to the nature of content on the Web, assuming that this is the only reason that users need private browsing trivializes the overall feature. For instance, users may wish to begin a private browsing session to research a medical condition, or plan a surprise vacation or birthday party for a loved one.”

If indeed Microsoft is rolling out such a feature in Internet Explorer 8, I can imagine it becoming very popular with surprise birthday planners across the world. Oh those birthday people are in for a treat.

Source:
http://www.neowin.net/news/main/08/08/20/microsoft-hints-at-private-browsing-feature-in-ie

Posted in Internet, Privacy, Windows | No Comments