I sent an email to the NIC contact of pcworld.com today, but if anyone has contact with them, please inform them of the issue:

DNS resolver:

removespyware.ru's IP address is resolved as 70.42.185.10

70.42.185.10 is pcworld.com

http://www.dozleng.com/updates/index.php?showtopic=16134

Posted by donna | with no comments

1. Outpost Firewall Pro 2009
2. Online Armor
3. Comodo Firewall
4. ProSecurity

Outpost Firewall Pro 2009 6.5.2355.316.0597 leads the challenge with 99%, tightly followed by the paid version of Online Armor Personal Firewall 2.1.0.131 with 98% and the best free product – Comodo Firewall Pro 3.0.22.349 with 95%. ProSecurity 1.43, which will be replaced by Real-time Defender in the future, is on the third place with 93%. All these products reached the Excellent protection level. Online Armor Personal Firewall 2.1.0.131 Free and Kaspersky Internet Security 7.0.1.325 are close to the excellent results.

Among the newly tested products, Ashampoo FireWall FREE 1.20 and Webroot Desktop Firewall 5.5.10.20 reached the best network performance results. The worst results were measured with G DATA InternetSecurity 2008.

It seems that Firewall Challenge tests make a big difference between really good products and the rest of the world. Most of the products are filtered in very low levels which means that they probably miss some critical features.

However, it is crucial to know what does it mean if a product succeeds in our tests and what does it mean if it fails. Before you start interpreting the results, you should be familiar with the information on the index page, especially with the methodology and rules. You should also know which kind of products do we test before you start to interpret the results.

http://www.matousec.com/projects/firewall-challenge/results.php

Posted by donna | with no comments

http://www.dozleng.com/updates/index.php?showtopic=16111

Posted by donna | with no comments

They announced two yesterday and have announced another one:

MFSA 2008-36 Crash with malformed GIF file on Mac OS X

Get v3.0.1 now to take advantage of the security fixes and other program fixes.  Release notes here.

Posted by donna | with no comments

Phishing E-mail: Colonial Vendors and Business Associates

Phishing E-mail: Colonial Bank WebBiz Alert - Update


Phished website with link to malware (auto-download)


Only 9 malware scanners will detect the malicious file:


http://www.virustotal.com/analisis/71edda93864f8daa8abbb2b113f3282a

Posted by donna | with no comments

  • MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
  • MFSA 2008-34 Remote code execution by overflowing CSS reference counter

http://www.mozilla.org/security/announce/

http://www.mozilla.org/projects/security/known-vulnerabilities.html

Posted by donna | with no comments

Antivirus Master - Rogue Product
Date Published: Tuesday, July 15, 2008
Category : Rogue Security Software
Also known as: FraudTool.Win32.UltimateAntivirus.m [Kaspersky]
http://ca.com/au/securityadvisor/pest/pest.aspx?id=453137639

Sites to block using the hosts file; if you are using Outpost Firewall, add them to the IP Blocklist:
anvimaster.com - whois result here
anvi-scanner.com - whois result here
scanner.anvi-scanner.com

Note: today's update of the IP Blocklist includes the above, to be blocked by Outpost Firewall.

Posted by donna | 2 comment(s)

I have added the CoU Calendar search engine for Internet Explorer 7, Firefox and Opera browsers today so I can search any posted updates in CoU's Calendar using the built-in search bar. For CoU members and visitors (guests) who want this also, please follow the guide at http://www.dozleng.com/updates/index.php?showtopic=16074

Posted by donna | with no comments

I have added the CoU Calendar search engine in IE and Opera browsers today so I can search any posted updates in CoU's Calendar using the built-in search bar. For CoU members and visitors (guests) who want this also, please follow the guide at http://www.dozleng.com/updates/index.php?showtopic=16074

Posted by donna | with no comments

I am not really sick of hearing about Storm Worm news because it's not like the EICAR test file yet. Why? Because with the EICAR test file, all antivirus programs will detect it as EICAR, but for Storm Worm, um... not:


It will offer the secret_archive.exe file when a user visits or clicks such links:


So it is really not like EICAR yet. Scanners still need to do more work to be able to detect all variants of Storm Worm:


http://www.virustotal.com/analisis/b0d43f3fa36f76695a0e30ee846322df

Well, malware scanners have an excuse: the EICAR test file has no variants.

Posted by donna | with no comments

The bad guys' campaign to spread the installer of their rogue antivirus program, Antivirus XP 2008, is not only through trojan infection but also via e-mail spam:


Going to the bad link will try to auto-download the installer of the rogue Antivirus XP 2008.


Posted by donna | with no comments

It's in the wild: spam with the infected file ups_invoice.zip, and my inbox has 4 of them today:


63% of malware scanners will detect the infected file if a user mistakenly retrieves this unwanted e-mail or saves or touches that file:


Scan result: http://www.virustotal.com/analisis/07d607ef1cfcd0b67fe27595a71a9452

NOTE: If you google "UPS Packet" or "UPS Paket", you will see the same message posted in newsgroups and forums :(

....really in the wild so be careful guys.

Posted by donna | 1 comment(s)

dozleng.com is up, but we need to keep it as an "offline" board. RSS is working for receiving update alerts. We should be ready by the end of this week. Sorry for the inconvenience.

Posted by donna | with no comments

Calendar of Updates (dozleng.com) is having technical problems with the database. The Calendar, forums and blogs will not be available until this issue is fixed. Sorry for any inconvenience.

Posted by donna | with no comments

Internet vendors have quietly and secretly patched a defect in the Domain Name System that could have let hackers control the Web. Security expert Dan Kaminsky found the problem and quietly alerted CERT, which outlined the problem after patches were released. Hackers could have used cache poisoning to control traffic, e-mail and data.

http://www.newsfactor.com/news/DNS-Security-Flaw-Secretly-Patched/story.xhtml?story_id=023000SJUO7U

Posted by donna | with no comments

Rogue security software exploits the name of Stopbadware.org and Microsoft's website security certificate alert

http://www.dozleng.com/updates/index.php?showtopic=18799

Posted by donna | with no comments

Security Newsletter For Home Users:

Protect yourself
Protect yourself while traveling this summer:  It's summer! The kids are out of school, and it's time to travel, right? Just make sure to protect yourself. If you bring your portable computer or mobile phone with you, start with 3 ways to protect your laptop on the road or tips to avoid wireless attacks through your Bluetooth cell phone. If you're traveling sans mobile devices, you'll find these other tips helpful:

Security updates for July 8, 2008

Protect your computer

Protect yourself and your family

Security Newsletter For IT and Developers:

Viewpoint: Inside the Windows Vista Kernel

Top Stories

Security Guidance (see links at http://www.microsoft.com/technet/security/secnews/newsletter.htm)

  • Windows Vista Security Guide
  • Understanding and Configuring User Account Control in Windows Vista
  • Windows Vista Application Development Requirements for UAC
  • Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy
  • Step-by-Step Guide to Managing Multiple Local Group Policy
  • Microsoft Forefront Client Security Enterprise Manager
  • Microsoft Forefront Integration Kit for Network Access Protection
  • New Microsoft Security Development Lifecycle (SDL) Center
  • How Do I: Export and Import Certificates?

Community / MVP Update
Security MVP of the Month: Tony Bradley
MVP Article of the Month: Going It Alone: How Mobile PCs Protect Themselves Outside of the Network

Posted by donna | 1 comment(s)

Version 7.0.483.000 fixes the issue: Microsoft Update KB951748 is known to cause loss of internet access for ZoneAlarm users on Windows XP/2000. Windows Vista users are not affected.

Go to http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html to get your fix :-)

Posted by donna | with no comments

We found many dodgy installers, and the list has grown from 3 to 39 software installers that add an unwanted add-on that is pre-checked.

Today, we delisted RealPlayer from the dodgy installer listings.

See http://www.dozleng.com/updates/calendar50398

Posted by donna | with no comments

MS08-040 has been revised to remove erroneous references to SQL Server 2005 Service Pack 1 in the MBSA and SMS Detection and Deployment tables. Also clarified permissions requirements for vulnerability mitigating factors.

MS08-039 was also revised by changing the information reference link for OWA Premium in the Mitigating Factors sections for both vulnerabilities.

Posted by donna | with no comments