Belt and Suspenders

CounterSpy end of life occurred on June 1st.   I saw a post from someone whose company runs both a commercial antivirus product and CounterSpy.   They were wondering what secondary product they could replace it with.   I’m having flashbacks to 2007. In the mid-part of last decade mainstream antivirus products were slow to adjust to the …

Continue reading ‘Belt and Suspenders’ »

Article:Flash Ads launch clipboard hijack

Link We all know that malicious ads can be hosted by legit sites. Generally being fully patched (including third party apps) is a good protection against most attacks other than social engineering. Ryan Naraine of The Zero Day Blog over at ZDNet reports that malicious Adobe Flash ads are being used to hijack the clipboard …

Continue reading ‘Article:Flash Ads launch clipboard hijack’ »

Subpoena in a Civil Case

The SANS ISC Diary has a good write up of the Subpoena in a Civil Case malicious email. Wish I had seen that before investigating the copy our CEO received. The message is from subpoena@uscourts.com with a display From of United States District Court. It says YOU ARE HEREBY COMMANDED to appear and testify before …

Continue reading ‘Subpoena in a Civil Case’ »

16 Percent of Companies Aren’t Concerned about Spyware

http://www.networkworld.com/columnists/2007/032607edit.html In a recent study about spyware by Nemertes Research, Senior Vice President Andreas Antonopoulos was surprised to find that 16% of the companies examined were not concerned about the threat. The article notes that the reason for this isn’t lack of computer security spending at the companies in question. Nor is it because the …

Continue reading ‘16 Percent of Companies Aren’t Concerned about Spyware’ »

Eschelbeck Slams Windows Defender

I was a fan of Gerhard Eschelbeck when he was with Qualys. He’s been pretty much off my radar sense he took the CTO position at Webroot. Today he comes out swinging against Windows Defender as reported in Information Week. “If you look at the [Defender] data points, they speak for themselves,” says Eschelbeck. “Defender …

Continue reading ‘Eschelbeck Slams Windows Defender’ »

The IM Blocker is working

Getting hit with some spyware laden links here at work. Our blocker got it no problem. But for everyone without IM protection watch out for hxxp://nsl-school.org/?id=18388 hxxp://nsl-school.org/?id=winning_list hxxp://mytermex.com/?news_id=18388 hxxp://mytermex.com/?id=virus_shield hxxp://nsl-school.org/?id=news X-( http changed to hxxp to avoid anyone accidently infecting themselves. If you go to the sites, you’re on your own.

Practicing Safe Surf

In other news the sky is blue. Porn sites are sleazy. and everything isn’t as it seems on myspace. http://sourcewire.com/releases/rel_display.php?relid=27686&hilite= A survey of over 600 UK respondents showed that young men are significantly more likely to be infected with spyware than their female counterparts. The likelihood of infection was increased by the risky online behaviour …

Continue reading ‘Practicing Safe Surf’ »

Should antispyware detect cookies?

Suzi Turner asks, “should antispyware products detect cookies” in her latest blog entry at ZDNet. Here is some test results from Ben Edelman on how various antispyware programs treat cookies. I’m coming at this from the perspective of a corporate information security guy. Several years ago, I started an initiative to purchase enterprise ready antispyware. …

Continue reading ‘Should antispyware detect cookies?’ »