Thursday, March 24, 2005

"SpywareBlaster and Other Free Tools"

One of my absolute favorite free security tools is SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) SpywareBlaster isn't a spyware removal tool. Instead, it is designed to prevent your machine from ever becoming infected in the first place.

The software protects Internet Explorer by locking down a lot of the frequently exploited features such as ActiveX controls. Another nice thing about SpywareBlaster is that it maintains a list of Web sites that are known to be malicious.

It adds any known malicious sites to Internet Explorer�s Restricted Site list. The Restricted Site feature won't prevent you from visiting sites on the list, but rather renders sites on the list harmless if you should happen to visit one of them.


Spyware Removal

There are a lot of good, free spyware removal programs on the Internet. I have yet to see an anti spyware program that is 100% effective though. The only sure way to keep your system clean is to use multiple anti spyware programs. That way, one program can catch what another misses.

When it comes to free spyware removal programs, there are three that I really like.

I recommend Microsoft's AntiSpyware, which is still in beta testing (http://www.microsoft.com/athome/security/spyware/software/default.mspx).

I also like Ad-Aware (http://www.lavasoft.com/) and Spybot- Search and Destroy (http://www.safer-networking.org/en/download/)

Phishing Attacks Skyrocket - Beware Of Your Email Inbox!

A recent security threat report issued by Symantec.com detailed a number of the threats facing computer and Internet users in their travels.

The most prevalent threats are apparently those that attempt to steal identity-related information like phishing attacks.

Arthur Wong, vice president of Symantec Security Response and Managed Security Services, says, Attackers are launching increasingly sophisticated attacks in an effort to compromise the integrity of corporate and personal information."

As indicated, the report details these threats and discusses the attacks making use of the various methods:

Rise in Threats to Confidential Information

The report indicates threats to confidential information represented 54 percent of the top 50 malicious code samples received by Symantec. Trojan horses are the primary vehicles of this type of attack.


Steady Increase in Phishing Attacks

This one is the biggie. Symantec's report reveals phishing attacks are up an astounding 366%. "By the end of December 2004, Symantec Brightmail AntiSpam antifraud filters were blocking an average of 33 million phishing attempts per week, up from an average of 9 million per week in July 2004." Unfortunately, Symantec expects this trend to continue its increase.


Increase in Attacks Against Web Applications

According to Symantec, "Nearly 48 percent of all vulnerabilities documented between July 1 and Dec. 31, 2004 were Web application vulnerabilities." Because web apps are approved by firewalls (in order to access the Internet), the security characteristics are avoided. Web application attacks include exploiting vulnerable web browsers.


Rise in Number of Windows Virus/Worm Variants

Because of the proliferation of Windows-based computer environments, the number of viruses and malicious programs targeting Microsoft's software continue to grow at an accelerated rate.

Symantec's report reveals, "From July 1 to Dec. 31, 2004, Symantec documented more than 7,360 new Windows 32 virus and worm variants. This represents an increase of 64 percent over the previous six-month period. As of Dec. 31, 2004, the total number of documented Windows 32 threats and their variants was approaching 17,500."


Increase in Severe, Easy-to-Exploit, Remotely Exploitable Vulnerabilities

With the increase in attacks based solely on executable programs and code, the ease of getting these programs to perform their malicious duties has also increased.

Symantec indicates, "70 percent were considered easy to exploit, which means that either no custom code is required to exploit the vulnerability or that such code is publicly available. Compounding this problem is that nearly 80 percent of all documented vulnerabilities in this reporting period are remotely exploitable, which likely increases the number of possible attackers."

Symantec also made mention of additional security risks faced by users today. These risks focus on adware and spyware. According to Symantec, "lefeats was the most commonly reported adware program, accounting for 36 percent of top 10 reports," while Webhancer was the most frequently reported spyware program.


Hackers Grab 59000 California State University Ids

A report by Reuters revealed the results of a massive hacker attack made against California State University. According to the report, the personal identity information of 59000 students may have been compromised during an attack on the school's servers.

The article reveals, California State University, Chico in northern California is alerting students, former students, prospective students and faculty that their personal information, including Social Security numbers, may have been compromised in the attack three weeks ago, said spokesman Joe Wills.

"It looked like it was illegal access to do some, perhaps, some downloading of files," Wills said. "In investigating it we realized the hackers had some access to a great deal of personal information."

The university is continuing its investigation.


Cialis Top Spammer Disguise Word

Sophos.com issued a report detailing the most popular words spammers like to target and use to disguise their mailings. According to their research, the erectile dysfunction drug Cialis is the most common marketing term used by spammers attempting to pass their spam off as legitimate marketing emails.

Graham Cluley, senior technology consultant for Sophos, explains what is meant by disguising these keywords, "Spammers have a dilemma. They want to sell certain products or include certain phrases in their spam emails, but they also know that many people will have filters looking for those words and are automatically junking them. For this reason they use ‘obfuscation' to try and disguise the words from the anti-spam software."

To view the list of top marketing terms used in spam mailings, please read Sophos' report. Caution, many of these words are adult-related.