Tag Archives: Security

SpywareBlaster – Low Impact Malware Protection

[Windows – all versions]

Way back in the late 1990s and early 2000s, one of the first security apps I’d install on a PC was SpywareBlaster. These days, I don’t use it as often; however, it’s still excellent PC protection, especially if you are using Internet Explorer as your default web browser. Here’s what the website says about this application:

Multi-Angle Protection

• Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.
• Block spying / tracking via cookies.
• Restrict the actions of potentially unwanted or dangerous web sites.

No-Nonsense Security

SpywareBlaster can help keep your system secure, without interfering with the “good side” of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

Here’s a list of web browsers that can benefit from SpywareBlaster’s protection:

• Internet Explorer
• Mozilla Firefox
• Netscape
• Seamonkey
• Flock
• K-Meleon
• Browsers that use the IE engine, including:
    • AOL web browser
    • Avant Browser
    • Slim Browser
    • Maxthon (formerly MyIE2)
    • Crazy Browser
    • GreenBrowser

SpywareBlaster does not have to run continuously in order to do its job. It simply applies a few registry settings to your PC and your browser that will help prevent drive-by downloads and bad ActiveX scripts. After you’ve installed SpywareBlaster, all you have to do is enable the protection on the main screen.

The free version of SpywareBlaster requires that you update it manually; however, there is a pro version that can update itself automatically. If you can remember to update it, the free version is fine for all users. The manual update process is very simple.

There are a few other tools bundled in with SpywareBlaster; one of them is the System Snapshot. If you ever find yourself having a few problems with your web browser, restoring one of these snapshots may be an easy fix.

Another tool is Hosts Safe. Windows uses the HOSTS file to map website names to IP addresses locally, and some malware programs take control of this file to force your PC to places you’d never go on your own. You can create backup copies of your HOSTS file easily with this tool in SpywareBlaster and restore them later if needed.
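A HOSTS check in the spirit of Hosts Safe, as an added example that is not part of the original post or of SpywareBlaster: it compares the live file with a saved backup and reports names that were added, re-pointed or removed. The file contents, host names and addresses below are constructed sample data.

```python
import ipaddress

# Constructed sample data (not from the original post): a saved backup and
# the live HOSTS file as it might look after something has modified it.
BACKUP = """\
# sample backup
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net   # user-added block entry
"""
CURRENT = """\
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net
203.0.113.45    www.examplebank.test login.examplebank.test
127.0.0.1       update.example-av.test
"""

def parse_hosts(text):
    """Return {hostname: ip}; comments, blank and malformed lines are skipped."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            mapping.setdefault(name.lower(), ip)  # keep the first mapping seen
    return mapping

def audit(backup_text, current_text):
    """Classify every difference between the live file and the backup."""
    old, new = parse_hosts(backup_text), parse_hosts(current_text)
    findings = []
    for name, ip in sorted(new.items()):
        if old.get(name) == ip:
            continue  # unchanged since the backup
        # Loopback / 0.0.0.0 makes the name unreachable; anything else re-points it.
        kind = "blocked" if (ip.is_loopback or ip.is_unspecified) else "redirected"
        findings.append((kind, name, str(ip)))
    for name in sorted(set(old) - set(new)):
        findings.append(("removed", name, str(old[name])))
    return findings

if __name__ == "__main__":
    for kind, name, ip in audit(BACKUP, CURRENT):
        print(f"{kind:10} {name} -> {ip}")
```

On a real system the live file is `%SystemRoot%\System32\drivers\etc\hosts`; "blocked" entries are not always hostile, since block lists use the same mechanism.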

The last tool I’ll mention is an IE Settings section. As you can see, it offers two or three settings that can help you protect Internet Explorer.

[Screenshot: SpywareBlaster IE Settings section]

Please note that SpywareBlaster is not a replacement for Firewall, Anti-Virus or Anti-Spyware tools. However, it’s normally quite safe to use it in addition to the tools you already have installed.


Download SpywareBlaster: Download.com

SpywareBlaster Website: javacoolsoftware.com

Techie Buzz Verdict:

SpywareBlaster is a great way to add an additional layer of security to your PC. I like the fact that it does not have to run continuously in the background in order to work. It’s been around for over 10 years and I’ve never seen any serious complaints about it. I can easily recommend it.

Techie Buzz Rating: 4/5 (Excellent)

Highly Critical Vulnerability In The Linux Kernel Fixed

Today a very dangerous privilege escalation bug in the Linux kernel has been fixed. The bug allows an unprivileged process to gain root privileges from any application with a GUI.

It affected the x86_32 and x86_64 platforms and was reported to the X.org security team, who then referred it to the team handling the kernel.

The vulnerability was discovered by Rafal Wojtczuk of Invisible Things Lab. This is how Joanna Rutkowska, the founder of Invisible Things Lab, describes it:

The attack allows a (unprivileged) user process that has access to the X server (so, any GUI application) to unconditionally escalate to root (but again, it doesn’t take advantage of any bug in the X server!). In other words: any GUI application (think e.g. sandboxed PDF viewer), if compromised (e.g. via malicious PDF document) can bypass all the Linux fancy security mechanisms, and escalate to root, and compromise the whole system. The attack allows even to escape from the SELinux’s “sandbox -X” jail.

All Linux kernels since 2.6 are vulnerable, according to Rutkowska. Linux kernel 2.6.0 was introduced in December 2003. So, this means that the vulnerability has been around for almost seven years.

Linus Torvalds has already released a patch to fix this, and it has recently been pushed upstream into the stable kernel.

[via: Softpedia]

Trojan Uncovered In an Innocuous Snake Game for Android

One of the biggest attractions of Android is its open Market, which houses a wide range of apps that can be used for anything from listening to music to overclocking the processor. However, as mentioned earlier, Android’s biggest strength might also turn out to be its biggest weakness. The open Market means that it’s a lot simpler for malware developers to target Android handsets than the highly locked down iPhone.

F-Secure is now reporting that Tap Snake, a popular Snake game for Android, is actually a client for a spying app. During installation, this game requests full network access as well as access to your GPS sensor. Once installed, it runs in the background and secretly reports your location every 15 minutes.

Fortunately for users, the game itself simply acts as a client or a front-end. In order for the actual spying to occur, the handset must also have a paid application called GPS SPY. Moreover, GPS SPY must be registered to the same email address as Tap Snake. This obviously makes it much harder to actually spy on any user, since physical access to the device or extreme gullibility on the part of the user is required.

Are Flash Cookies and Zombie Cookies Violating Your Privacy?

It’s bad enough that we get hit with tons of third party browser cookies that can track our surfing habits. Now we have to worry about Flash cookies and even worse, Zombie cookies. So what are these new cookies?

Almost every computer that accesses the web now has Adobe Flash installed on it. In case you didn’t know, the Flash program stores its own cookies that your web browser has absolutely no control over. Are these Flash cookies bad for us? Yes, they can store all kinds of private information that can be passed to almost any website that uses them. A typical browser cookie is only 4k in size, while a Flash cookie can be up to 100k. That’s more room for information that you may not want to share.

In addition to being more difficult to control, the Flash cookies are now also resurrecting browser cookies that you may have intentionally blocked or removed. These resurrected cookies are known as Zombie cookies. I found out about this from Woody at the Windows Secrets newsletter. Once I found out, I decided to look around for ways to get some control over these rogue Flash cookies. Here’s what I’ve found so far.

Adobe Flash has privacy settings that you can adjust by going to their website.

http://www.macromedia.com/support/documentation/en/flashplayer/help/

I’ll be honest with you – I really don’t understand many of these settings, but I have used them a few times. I just don’t know how much good it’s done me. Here are some sample screen shots of my settings.

[Screenshots: Adobe Flash settings]

There are settings in each of the 8 tabs there. All I can recommend is that you review the settings and be sure that most of them ask your permission for unusual requests such as webcam access.

Another way to control and remove Flash cookies is to use this freeware program I’ve found called FlashCookiesView.

This program is available as a zip file and is completely portable. Just unpack it into a folder and execute the program when you need it. FlashCookiesView allows you to see all of the Flash cookies, view the contents of the cookies, and to delete any of them you wish.

Get Nirsoft’s FlashCookiesView

More Information:

• Firefox users can delete Flash cookies with BetterPrivacy
• Here is a Chrome extension which also allows Flash cookie removal: Click & Clean
• Here is more security information on Flash cookies
• You can delete Flash cookies manually by going to the storage locations listed here

Now you know as much as I do. If you have your own tips on controlling Flash cookies or any other Windows security issues, be sure to comment below or email me.


AVG Releases Reports of Mumba Botnet

AVG has claimed that the Mumba Botnet is out in the wild and has nearly 55,000 PCs set up under its network. This poses a serious security threat to those infected users accessing the Internet without a proper firewall or an antivirus. The Mumba Botnet has stolen up to 60 GB of data so far. This data includes credit card numbers, bank passwords and other sensitive data.

By share of infections, the USA alone accounts for 33%, followed by Germany with 17% and Spain with 7%. This indicates that developed nations, with their more technologically inclined populations, are bigger hotspots for an attack than developing countries.

The Mumba botnet is extremely dangerous because, apart from its malware-spreading capabilities, the botnet now also has Zeus under it. Zeus is another Trojan tool to steal bank login information. The malware attacked vulnerable and popular browsers like Firefox and IE.

Yuval Ben-Itzhak, the SVP at AVG said,

“The unique infrastructure of the Mumba botnet means that going after the servers hosting the stolen data is now much more difficult than before.”

AVG is moving towards security in a more serious way, and the recent inclusion of AVG Link Scanner into browsers gives AVG an edge over other antiviruses. Likewise, these reports give it more credibility in the field.

(Source)

Security Researchers Reveal Android Vulnerability That Allows Hackers to Read Your Email and SMS

Just days after a wallpaper app was called out for harvesting private data, security researchers have revealed another potential pitfall in Google’s popular mobile operating system. At the Defcon hacker conference in Las Vegas, researchers from Spider Labs distributed a rootkit that exploits a bug present in the Android operating system.

“It wasn’t difficult to build,” said Nicholas Percoco, head of Spider Labs, who worked with his partner to develop the malware in just two weeks. The rootkit in question is able to silently gain full system access and can collect and transmit sensitive user information like e-mail and text messages. Spider Labs hopes that the public disclosure will prompt manufacturers to fix the bug present in current Android systems.

Percoco used HTC Legend and Desire handsets for the demonstration; however, he believes that other Android phones are also vulnerable. While Android’s openness is one of its biggest strengths, it can also turn out to be its biggest weakness. The open Market definitely makes it an easier target than the iPhone.

Hacker Turns ATM Machines into Magical Money Tree

When I was a kid, I used to wish that everyone had a magical money spewing tree. In the mind of a dreamy little kid that would have been the perfect solution to poverty. Even better, kids could then be kids, instead of having to understand why diamond is hard and graphite is soft. On Wednesday, Barnaby Jack, a security researcher, demonstrated how anyone could get their own magical money spewing machine. And frankly, it’s downright scary.

In a session titled “Jackpotting Automated Teller Machines Redux”, Jack demonstrated to attendees at the Black Hat security conference how easy it is to hack modern day ATM machines to make them do your bidding. Although ATM machines are secure physically, their digital underbelly has simply not managed to keep up with the times. Most of them are powered by ancient software that has primitive security measures.

In one instance, Jack simply used a master key available online, while in the other instance he remotely hacked into the system. Although his demonstration was focused on machines manufactured by Triton and Tranax, Jack believes that he can manipulate practically any ATM installation.

Tough New Security Rules For Indian Telecom Operators

The DoT (Dept. of Telecommunications) in India has laid down strict new telecom security rules which may put the onus on operators to ensure that their networks are secure in every sense. Failure to meet the new requirements can lead to carriers being fined 500 million rupees, and the carriers could also have their contracts canceled. These rules were issued in the form of a license amendment and are intended to resolve security fears over foreign-built networks, and in particular those from Chinese firms Huawei and ZTE.

The DoT also said that operators are completely and totally responsible for the security of their networks and must conduct a security audit on each deployment of routers, switches, VoIP installations and other network gear. Operators are also expected to provide location details of mobile customers to within 50 meters. The new rules require operators to outline their security plans to the government within 30 working days.

Windows Shell Shortcut Vulnerability Is Being Actively Exploited

Earlier this week the exploit code for a highly critical Windows vulnerability affecting all versions of Windows from XP to 7 was made public. The bad news is that malware developers are already actively exploiting this bug. Symantec has identified that the W32.Stuxnet worm, which spreads using this vulnerability, has already affected thousands of systems.

The Shell Shortcut Parsing vulnerability is a particularly worrisome bug because there aren’t a lot of things a user can do to protect himself. Even if autorun and autoplay are disabled, users can still get infected. All that the user is required to do is to open the compromised device, network share or WebDAV share. The only preventive measure is to disable icon rendering. However, doing so will basically cripple the Windows environment. To make matters worse, Steve Gibson from GRC research is claiming that a security researcher has already figured out a way to exploit this vulnerability through favicons.

Microsoft is obviously working hard to patch this severe vulnerability. However, an official patch may take weeks to come. Until then, ensure that your system has up-to-date malware protection, and avoid using Internet Explorer (other browsers can also be exploited, but possibly to a lesser degree).

15-Year Old Pwns Apple App Store Quality Check

Today I am presenting to you the iPhone app Handy Light. Possibly developed by a 15-year-old and with the Fisher Price look and feel, it has got nothing more to it than five simple colors in which you can make the screen glow. This might come in handy as a torchlight. However, running in the background is an app that lets you tether your internet connection over Wi-Fi.

Apple’s App Store needs strict quality checks. However, this $0.99 torchlight app was so simple that it never occurred to the reviewers that such capabilities could co-exist in this KISS app from a 15-year-old!

Using this app, you can use your iPhone as a 3G modem to dial an Internet connection from your computer. I know. You will say this can already be done, but the catch with Handy Light is that you do not pay the stupid $20 per month that AT&T so badly wants from you for dialing an internet connection using the 3G modem in your iPhone.

Obviously, such awesomeness does not remain hidden for long, and as word started spreading, Apple came to know about this app. Apple has now removed Handy Light from the App Store. However, those who have it installed already can still reap the benefits.

(Source)