by Mick on April 13, 2009
Conficker began installing an antivirus that is referenced in SpywareProtect2009 infected computer, which shows their true intention.
Kaspersky reported that the worm started using its peer-to-peer mechanism yesterday including program updates and false security. The new update is also an interesting new mechanism to automatically destroy itself after May 3 2009.
Microsoft Malware Protection Center blog has a list of good news. E variant of the changes and that, today, @ PC World Blog lists some new elements that may be of its creators.
If you are still unsure your computer may be infected by the worm Conficker Eye Chart will help you diagnose, it is easy.
Basically Conficker blocking access to some 100 security sites and the eye chart displays images from several of those sites.If your browser loads the correct settings for dead image so there is a good chance your computer is infected with, it’s time to get rid of Conficker. [click to continue…]
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
by Mick on October 30, 2008
Google can steal your data?
How hackers steal data is getting more sophisticated, they now involving more search engines technology such as Google. It only takes a few seconds to snatch Social Security numbers from Web sites by using the search method.
The fact that Social Security numbers on the Web is human error, because such information should not be published there. However, the hackers have been using Google in a sophisticated way to automate attacks against Web sites, said Shulman (founder and CTO Imperva – database and Application Security Company).
In the presentation at the RSA Conference, Shulman said that the new Imperva find ways to execute to SQL injection attacks coming from Google. In an SQL injection attack, the malicious instructions are included in Web-based form and answered by the Web application. This often resulted sensitive information from the back-end database or used to insert malicious codes in the web page.
Google’s manipulation is particularly liked by the hackers because of the anonym nature - for hackers and automated attacker engines. Tools like Goolag and Gooscan can execute wide search on the web to find vulnerable points, and provide a list of Web sites that have a problem.
Another method is Google Worms, which use a search engine to find certain weaknesses points. With the inclusion of additional code, that vulnerability can be exploited. “In 2004, this is science fiction. In 2008, this became a painful reality, “Shulman said.
Google and the search engines are taking other steps to stop such abuse. Google, for example, have a particular search method that can produce the collection of Social Security numbers in a wipe. Google also limit the number of search queries that are sent per minute, which can slow the search for mass Web sites that have a grip of weakness.
But this only makes the hacker must be a little patient. Limit the search also hurt security professionals who want to do automatic daily searches of the problems in the Web sites it, said Shulman.
Another type of attack is the “site masks,” which caused a legal Web site that disappeared from the search results. If you find sites that the contents the same, the Google search engine will removing one of the index results.
This circumstances is used by hackers to create a Web site that has links to Web pages competitors, but filtered through a proxy server. Google indexes the content under the domain proxy. If this is done several times with more proxy server, Google will assume that it’s correct Web pages as duplicates, and removing from the index.
One way a Web admin should do, according to Shulman, is to protect the web sites from being indexed other than by legal search engine IP address.
fake antispyware
Nowadays, more and more fake antispywares software that circulates and infected thousands to millions computers in the world. Besides coming from removable storage media such as pen drive, the spyware can spread through e-mail to send fake messages containing attachments.
Spywares act by providing a fake message that resembles the Windows program, which seems to tell that in your computer, there are spyware / spyware, and then install the fake antispyware program ‘XP AntiSpyware 2009’.
To clean it up, there are several steps that need to be done. And this is how :
1. Disconnect the computer from the network.
2. Scan your computer using a removal tool. You can use the removal tool to clean up from Norman (you can download it here; http://download.norman.no/public/Norman_Malware_Cleaner.exe )
3. Remove the registry string, which was created by the spyware. You can use the script below; [click to continue…]
