Secunia PSI – Personal Software Inspector

May 24, 2008 – 7:39 AM

The Secunia PSI is the FREE security tool that is designed with the sole purpose of helping you secure your computer from software vulnerabilities. Software vulnerabilities affect all applications installed on your computer, from the Operating System down to your email client, office application, instant messaging, and so on.

A software vulnerability is basically a programming error/flaw in a software application, that can be used by a hacker to perform actions, which have a security impact on your computer. These actions range from disclosure of sensitive information stored on your computer (like credit card numbers and account information) to automatic installation of viruses, trojans, keyloggers, or other code.

Why is this a risk to you? An example: When you browse the Internet, you use an “Internet browser” this may be: Internet Explorer, Firefox, or Opera. All of these browsers have been affected by software vulnerabilities that have allowed hackers to do practically anything on your computer – all you had to do was to visit a website and the website could take control of your computer. The same goes for each and every other application on your computer – unless you keep them updated and patched.

Programs such as anti-virus, personal firewall, and anti-spyware are good measures of protection, but they will NOT protect you from the threat of software vulnerabilities – despite what many of them promise!

Secunia is the world-leading provider of vulnerability intelligence. Secunia collects, evaluates, verifies, and analyses security information from public mailing lists, security and vendor websites, coordinated vulnerability reports, and internal research. We have served customers, partners, and users since 2002.

To help you secure your computer from software vulnerabilities, we kindly offer you to download the FREE Secunia PSI today, it will scan your computer for installed software and determine if any applications lack security updates.

Vista’s UAC spots rootkits

May 24, 2008 – 6:59 AM

Love or hate its nagging prompts, Vista’s Account Control feature (UAC) has a security feature that marks it out from any other type of Windows security programme — it can spot rootkits before they install.

This is one finding buried in a report published in two German computer magazines some months ago after testing by the respected AV-Test.org, which set out to find out how well anti-virus programmes fared against known rootkits.

The answer was not particularly well at all, either for Windows XP, or Vista-orientated products. Of 30 rootkits thrown at XP anti-malware scanners, none of the seven AV suites found all 30, a similar story to the six web-based scanners assessed. Only four of the 14 specialised anti-rootkit tools managed a perfect score.

The best of the all-purpose suites was Avira AntiVir Premium Security Suite, which found 29 active rootkits, with Norton finding as few as 18. The anti-rootkit tools fared better, with AVG Anti-Rootkit Free, GMER, Rootkit Unhooker LE, and Trend Micro Rootkit Buster achieving perfect scores. The scores for removal were patchy, however, with all failing to remove any of the rootkits they had found.

The results for Vista products were harder to assess because only six rootkits could run on the OS, but the testers had to turn off UAC to get even this far. Vista’s UAC itself spotted everything thrown in front of it.

Only three of the 17 AV tools for Vista managed to both detect and successfully remove them, F-Secure Anti-Virus 2008, Panda Security Antivirus 2008, and Norton Antivirus 2008.

Once on a PC, rootkits can bury themselves quietly, but they have to get to that point first. As long as users interpret prompts from the UAC system attentively, or those messages haven’t in some way been spoofed, rootkits struggle to jump to the PC without drawing attention to themselves.

Read the rest of this story…

Facebook security snafu could compromise accounts

May 23, 2008 – 11:34 AM

A researcher has spotted a security problem in Facebook that could lead to hackers taking control of user accounts.

The flaw allows a hacker to execute scripts on Facebook that could potentially be used to create a fake log-in page and capture people’s passwords, according to the XSSED security blog. The discovery is credited to “Mox.”

“Malicious people can exploit this issue to execute script code in the context of Facebook or obtain sensitive information from its users, such [as] clear text authentication credentials with a fake login form,” according to the blog post, written by Dimitris Pagkalos.

A cross-site scripting vulnerability can let an attacker display data from another Web site or run malicious code, which can compromise user data on the targeted Web site.

Cross-site scripting flaws are increasingly becoming one of the favored vectors for hackers, and security experts have warned that a vast number of Web sites potentially contain the vulnerability. In 2006, the Web Application Security Consortium surveyed 31,373 sites and found that more than 85% were vulnerable to cross-site scripting attacks.

Source: Computer World

New Google Service Helps Infected Websites Clean Up

May 22, 2008 – 6:14 PM

Google is now sharing details on why its automatic search deems certain Websites risky.

The search giant this month quietly added a new, free service called the Safe Browsing Diagnostic Page that tells whether a site flagged by Google as potentially dangerous is hosting malware, or helps distribute malware, for instance.

Google’s new diagnostics service provides information about any bad behavior by the site within the past 90 days. The idea is to give owners of the compromised Websites more information to assist in their remediation and cleanup of the site, and to provide users more information on why the site has been flagged.

The search giant’s automatic flagging of potentially risky Websites has been “highly accurate,” according to Niels Provos, senior staff engineer for Google, but it wasn’t easy for Webmasters and users to verify the results. “Attackers often use sophisticated obfuscation techniques or inject malicious payloads only under certain conditions,” Provos wrote in the Google security blog. “With that in mind, we’ve developed a Safe Browsing diagnostic page that will provide detailed information about our automatic investigations and findings.”

“For users, this increases confidence in our findings. For Webmasters, this information may assist them in cleaning up their servers,” Provos told Dark Reading.

Google’s new service got a nod of approval from security watchdog Stopbadware.org for pulling back the covers on Google’s site-flagging process. “We’d like to applaud Google for taking this step in greater transparency. This new resource should help website owners in cleaning and securing their sites faster, which will help protect even more internet users,” Stopbadware.org’s Erica George wrote in the organization’s blog yesterday.

Read the rest of this story…

The URL Is Dead, Long Live Search

May 22, 2008 – 5:17 PM

Last week I was watching TV and saw something that really caught my eye. It was a commercial for Special K, the breakfast cereal from Kellogg, and rather than end with a plug for the product’s web site — SpecialK.com — it advised people to search Yahoo! for “Special K” instead. I started to wonder two things: 1. is Yahoo! paying Special K for tack-on advertising? and 2. has searching really become so natural that it is more effective to tell people to search for your site than it is to tell them to visit directly?

To the latter question, the answer appears to be a somewhat surprising “yes.” Of the 10 fastest rising search terms on Google last year, 7 were for searches where adding a “.com” would have brought the user to the correct site. These are called “navigational” searches — searches done when the user already knows exactly where he or she wants to end up — and they make up a surprising large number of total seaches.

Read the rest of the story…