Complete Computer Security Information - David Woodsmall

Last Updated: 2/08/2010 - Optimized for Firefox 3.6

COPYRIGHT 1987 thru 2010 - David R. Woodsmall - www.woodsmall.com

UNLESS specified, Microsoft Windows is the effected Software

Feel free to link to any of my pages

Caveat Emptor - I am not responsible for any problems

I try to present accurate info

Double check any advice, before taking it

I apologize, but I am not able to help with your problems

Please try HERE to find sites that may be able to Help you

CLICKING ONCE on a Desired, Listed subject will take you to that information

SPAM / JUNK EMAIL Information Recalls / Warnings REGISTRY WINDOWS TIPS

SECURITY INFORMATION JUMP TABLE

Programming Language Vulnerabilities

Beginner / Newbie Steps to Protect Your Computer Data

As long as you connect to the Internet (browse, eMail), your computer is not safe. Running NON-Windows (MAC or Linux) increases your computer safety, BUT gives your fewer choices to protect and clean-up your computer (my opinion). 1] How to protect your computer and it's data A] PASSWORDS 1) Do not pick easily discovered passwords. 2) Set the Administrator password - DO NOT EVER FORGET THIS. (look this up 3) You may wish to add a Boot up (also called a hard drive or BIOS) password - DO NOT EVER FORGET THIS - If you have a laptop (mobile computer) or other unknown people could get at your computer. You will have to look up this procedure in computer or motherboard owner's manual. 4) Do not pick simple passwords - combine upper case lower case and symbols. 5) Make passwords at least 10 characters in length 6) Do not use birthdates, names of relatives or pets as part of your password. 7) Do not use words found in a dictionary as passwords nor as part of passwords. 8) Submit your password here, to find out how strong is the password. Generate Secure Passwords here 9) Consider using a free password (key) SAFE to protect your passwords. B] Always keep your Operating System (usually Windows?) up-to-date. NOTE: Microsoft generally releases updates on the SECOND TUESDAY of the MONTH. C] Always run a good anti-virus and a good anti-malware program(s). Norton 360 combines these and other needed protection. ALWAYS keep these up-to-date. Again for both 2008 & 2009, PCWorld and I suggest (Symantec's) NORTON 360. Note - it is very fast, these days. D] Always keep your applications up-to-date (Word, Excel, PowerPoint, Adobe Reader, JAVA... E] You really should use a (they are cheap) Hardware Firewall. You may already have one. F] EMAIL - do not open emails from unknown persons. Do not open any email attachments, UNLESS you are expected it, from that person. For more EMAIL security information I suggest using a keyword on YOUR outgoing emails that contain attachments - this shows that you, not a virus, actually sent the attachment. Let your correspondents know what keyword you use. For more EMAIL safety tips, click here G] You should use a Software Firewall to prevent bad programs from sending your data back to their home. I suggest the one included with NORTON 360. I do prefer ZoneAlarm's software firewall, but I'd rather not have Norton trying to nicely interact with an other software firewall. H] I strongly advise using Firefox 3.5.7 (or later) WITH NoScript and BetterPrivacy (to squash Flash Cookies) as a Browser. If you want to use Internet Explorer, use IE 8 (or later) Firefox 3.6 Goes Gold - Norton tool bar not yet compatible (1/22/2010) I] I suggest using Mozilla's THUNDERBIRD as an email program rather than any Microsoft email program - I believe it is much safer. J] I suggest setting your browser to remove Cookies after you shutdown the browser. This is usually an option of the web browser. K] I suggest (automatically) deleting ALL temporary files when you shut windows down. CCleaner is both good and free - I've used it for many years. Lastest version 1/5/2010 = Version 2.28.1091 L] personally. I don't use any form of IM (Instant Messenger), as I believe that they pose a security risk - it's up to you. M] Make your file extensions visible - this helps prevent accidentally executing a piece of Malware. Open Windows Explorer or any folder window and click: Tools->Folder Options->View Ensure that the option Hide file extensions for known file types is UNchecked. Disable hidden filename extensions Files that are executable (such as .com, .cmd .exe,...) are more dangerous than others. Click here for more information N] Turn of the Windows Messenger Service - this is NOT the same thing as an Instant Message, and has nothing to do with Instant Messages. If this is on, Malware can take control of your computer. O] Turn off JAVA (I use NoScript to do this task) in your web browser. Even Microsoft recommends DIS-allowing unknown sites to use JAVA. This may cause some websites to not run correctly. NoScript lets you allow specified sites to run JAVA P] Turn OFF JavaScript (I use NoScript to do this task) in your web browser. Even Microsoft recommends DIS-allowing unknown sites to use JavaScript. This may cause some websites to not run correctly. NoScript lets you allow specified sites to run JavaScript. Q] Click here for more BEGINNER's / NOVICE / Impoving computer seccurity guides R] DISCONNECT FROM THE INTERNET WHEN NOT USING IT If your cable modem has a switch that disconnects the modem from the Internet (your ISP), consider disconnecting from the Internet when you are not actually using the Internet (I do this). This prevents attacks on your computer when you are not using it. Newer Motorola cable modems have this disconnect switch. DO NOT TURN OFF YOUR INTERNET MODEM IF YOU USE VoIP for a phone connection - such as Vonage, or Time-Warner's Digital Phone, or SKYPE - as this will disconnect your phone(s). S] Backup your computer - this is not very expensive these days. 2] What to do if you think you have a virus or Malware on your computer. 3] Identity Theft preventiuon and information

ActiveX (Microsoft's)

Microsoft FINALLY fixing ActiveX bug - Tuesday 7/14/2009 Symantec confirms ActiveX bugs in its own consumer software - 4/4/2008 CLICK HERE for more information about ActiveX NoScript - a free Mozilla Firefox Extension, blocks Cross-site Scripting (XSS)

ADOBE Security Issues

Adobe Reader's Patch Tuesday - Jan. 12, 2010 Adobe warns of critical Flash and Air vulnerabilities - Patches due Tuesday 8 December Vulnerability: Adobe Reader and Adobe Acrobat remote execution vulnerability CVE-2009-4324 - 12/15/2009 Adobe Reader Under Zero-Day Attack - NO fix yet (1217/2009) Current Adsobe attack installs Trojan.Pidief.H Trojan.Pidief.H (from attack on Adobe software)- Removal - Symantec Security updates available for Adobe Flash Player - Vulnerability identifier: APSB09-19 - 12/10/2009 For the fourth time this year, Adobe has admitted that hackers were using malicious PDF documents to break into Windows PCs Security Updates Available for Adobe Reader and Acrobat - Release date: October 13, 2009 I would UNcheck the INSTALL McAfee Security Check: Adobe has released Flash Player 10.0.32.18 - 9/10/2009 Adobe released Adobe Reader 9.1.3 (CPSID_49522) - 7/31/2009 Critial Alert - Adobe Flash Vulnerability Affects Adobe Products 7/23/2009 Essential security updates for Adobe and FoxIt PDF readers Adobe PDF Exploit Signatures - 26 February 2009 It May Be Time to Abandon Adobe Hackers exploit unpatched Adobe Reader bug September 15, 2008 - infected PDF file got through a User's up-to-date Adobe Acrobat Writer. Security updates available for Adobe Reader and Acrobat - February 7, 2008 Neosploit Updated to Include an Acrobat Exploit - 05-05-2008 One of the most common PDF exploits is via Javascript passed as arguments to Acrobat. Researcher: JavaScript Attacks Get Slicker TA08-149A - Exploitation of Adobe Flash Vulnerability - May 28, 2008 Adobe's Unintended Black Comedy Adobe Reader 8.1 for XP (a security patch) was released Bugs Menace Adobe Photoshop

ADWARE / SPYWARE Detectors / Removers / Anti

Ad-Aware 2008 Free - anti-Spyware & Privacy risks - PCWorld Best Free Adware/Spyware/Scumware Removers - techsupportalert.com Ad-Aware Personal - downloadable free of charge Lavasoft's FREE Ad-Aware - finds/deletes spyware (one of my favorites) also removes Cookies REMEMBER TO OCCASIONALLY CHECK FOR UPDATES TO Ad-Aware NOTE: Support for Ad-Aware 6 has EXPIRED 10/30/04 NOTE: AdAware Plus, $27, works in Real-time and Blocks installation of Spyware
AdWare GLOSSERY
Another AdWare detector contender (RUN BOTH): HOME OF SPYBOT REMEMBER TO OCCASIONALLY CHECK FOR UPDATES TO SPYBOT Update to Spybot Search & Destroy Version 1.6.0 (or later). Info on Spybot Search & Destroy 1.5.2 also removes Cookies I also occasionally use the free CWShredder - a CoolWebSearch Trojan Remover. Version 2.19 is available. If all else fails, purchase Spy Sweeper, $30/yr. Version 5.8.1 (build 51), has been released. DO NOT upgrade to 5.8.1 Build 55 - installation files seem to be corrupt, and caused me to go back to Version 5.8.1 (build 51), I am also using, purchased SpyWare Doctor - $30 They offer a free scan, but charge the $30/yr if you want to remove the pests. In my personal opinion, I prefer Spy Sweeper. NEVER download a spyware program without investigating it first (see below). Many free/for sale spyware detection programs cause you problems. 2007 Anti-Spyware Software Review 2007 Review of Webroot's Spy Sweeper 2007 Review of Spyware Doctor Today's Top Spyware & Security Stories - PC World PC Magazine picks Web Root's Spy Sweeper 5.0 - 9/25/2006 PC Magazine picks Spyware Doctor 4.0, as a close second choice PCworld picks Web Root's Spyware Sweeper 4.0 - Sept 2005 Microsoft's free Anti-Spyware program Beyond Ad-aware: Block Spyware and Other Pests Review: Enterprise Spyware Detectors - Sept. 16, 2005 The Many Faces of Spyware Tutorials -> Spyware/Hijacker/Malware Removal - bleepingcomputer Spyware Dictionary SpyWare Guide (PC World) WARNING - Lots of ANTI-SPYWARE Programs ACTUALLY INSTALL Spyware SpyWare Programs - Comparisons Eric Howes' Privacy & Security Page Benjamin Edelman C/NET's Spyware Software Download Center Spyware Info dot com The Definitive Spyware, Adware, Pop-Ups, and Malware Removal Guide MAJOR GEEKS SPYWARE DOWNLOAD PAGE Privacy Watch: Gain Extra Protection With Adware Scanner Secrets Remove Trash Apps (really insistant AdWare) - a manual method for so doing Tools to ward off SpyWare ZoneAlarm Tips
CEXX Org - seems to be an anti-AdWare site
Spyware and Adware are files made by publishers that allow them to snoop on your browsing activity, see what you purchase and send you "pop-up" ads. They can slow down your PC, cause it to crash, and worse. If you are like most Internet users, chances are you are probably infected with these files. Simply surfing the Internet, reading email, downloading music or other files can infect your PC without you knowing it. Study: Tools Let Spyware Slip Through Cracks Poor (Spyware) Defenders - PCWorld 12/2004 Spyware Wrap-Up - PCWorld - 11/03/2004 GMail Vulnerable To Contact List Hijacking (Jacking) - Slashdot More Spyware Prevention and Removal - PCWorld 10/27/2004 More on Fighting Spyware Is Distributing Spyware a Crime? - PCWorld 10/11/2004 Spyware Primer - PCWorld - 10/13/2004 Kill Spyware by Hand

Free online scan for Spyware of your PC

Free Online PestScan - Zonelabs

AIX (IBM's Unix)

IBM AIX muxatmd Buffer Overflow Vulnerability

AJAX Problems

AJAX - Emerging Security Threat #1 - Jim Raposa Ajax worm can hijack Web sites browser hijacking - JavaScript CLICK HERE for more information about AJAX

Anomynity - Remain Anonymous

Browser Fingerprinting Can ID You Without Cookies SYMPA (Send_Your_Mail_Privately_&_Anonymously) - eRightSoft.com - freeware Proxy Lists/Info Anonymity Apps: Surf in Secret - PCmagazine Nov 30, 2004 Anonymizer, Inc. American Express offered some such service starting 9/2000 - I don't know if they still do.

Articles and News about Security

Conficker virus STILL AROUND - outbreak at Greater Manchester Police Bill Cosby hasn't died, but hackers take advantage Microsoft: UAC Can Be Hijacked by Social Engineering Botnet Floods Major Websites With Fake SSL Connections Hack On Iowa Racing/Gaming Unit Jeopardizes Data Of 80,000 Employees PGP Corporation Acquires TC TrustCenter & ChosenSecurity Fake Microsoft Outlook Update Installs Trojan, then fakes SSL connections Browser Fingerprinting Can ID You Without Cookies Personal Data Of 77,000 At Risk As Data Is Lost In Alaska 49 Congressional Websites Hacked By Brazilian 'Red Eye Crew' Computer Theft Adds Up To $7 Million For Blue Cross Of Tennessee Identity Thieves Successfully Targeting Wealthy Victims, Study Says Many Voice Encryption Systems Easily Crackable Sophos Security Threat Report 2010 Researcher Cracks Security Of Widely Used Computer Chip Majority Of Online Banking Customers Use Same Credentials On Other Less-Secure Websites Researches hack the connection between Web App and it's database BM ISS Researcher Exposes Holes In Cisco's Internet Surveillance Architecture ITRC Report: Malicious Attacks Are Now More Frequent Than Human Error BBB ranks top 10 scams of 2009 10 email scams to watch out for FBI Probes Hack at Citibank Hackers exploit Tiger Woods car accident, spread malware Sexy spamming girls steal World of Warcraft passwords Data leaks could lead to big fines for companies in future Ants Vs. Worms: New Computer Security Mimics Nature room service tidies his hotel room they might do something rather more sinister Verizon and Vodafone credit balance emails carry malware Fake Verizon 'balance-checker' is a Trojan Nasty Gmail Bug Erroneously Marks Unread E-mails As Read Microsoft: Worms Are Most Prevalent Security Problem Fix Old Flaws to Stop New Attacks - Intro Fix Old Flaws to Stop New Attacks Nasty Halloween Trick: Fake Antivirus Sites GET Sophos Free encryption tool (ALL Windows OSes) (I have NOT tried it) Sidekick Data Loss: T-Mobile's Unending Nightmare Comcast Testing Virus Notifications to Infected Users - 10/9/2009 Phishing Scheme Almost Catches FBI Chief Download the free Microsoft Antivirus program Microsoft's New Free Antivirus Hits the Streets - 10/2009 Website exposes sensitive details on military personnel New Adobe Flash Player version 10.0.32.18 has been released - 9/10/2009 W32/Induc-A virus being spread by Delphi software houses Cisco Wireless LANs at risk from 'skyjacking' flaw German hackers crack GSM encryption - 25th August 2009 Boobytrapped images pose threat to Apple users Free download: New version of Sophos Anti-Rootkit Twitter topples under denial-of-service attack Black Hat '09 Shines Light on Security IT departments braced for Microsoft out-of-band patches on July 28, 2009 HSBC receives record fine after losing data in post Critial Alert - Adobe Flash Vulnerability Affects Adobe Products 7/23/2009 Microsoft FINALLY fixing ActiveX bug - Tuesday 7/14/2009 Ebook Vulnerabilities in First-Generation RFID-enabled Credit Cards - 7/11/2009 Google Expands Site Dedicated to Fighting Malicious Ads Top 10 Ways Cyber Criminals Use Your Information - PDF MS made Firefox UNSAFE unless you Remove the .NET Assistant Firefox Extension - USE IE Java Runtime Environment 6.0 Update 14 Released NOTE: Norton 360 & 2009 require a Patch to work with Firefox 3.5 NORTON PATCHES FOR FIREFOX 3.5 (7/13/2009): Compatability of Norton 360 with Firefox 3.5 Compatability of Norton Internet Security 2009 with Firefox 3.5 WiFi is no longer a viable secure connection (WPA and WPA2 encryption systems are no longer enough to protect wireless data) Wi-Fi VERY unsafe in Hong Kong - Hacked Sites Install Google-Targeting Malware Of course, the latest Pharming attacks are based on phoney Swine Flu emails. Critical vulnerability in plug-in for IrfanView image viewer Intel CPU cache poisoning - dangerously easy on Linux - Network World Nemesis: Symantec Website Open to XSS Vulnerability - 4/15/2009 IBM Tivoli Storage Manager Express Heap Buffer Overflow Vulnerability HP Network Node Manager Multiple Command Injection Vulnerabilities The First Linux Botnet Computer Experts Unite to Hunt the Conficker Worm - NYTimes - Mar 19, 2009 iPhone security flaw could give hackers complete control Online Fraud Hits Airlines Hard Power Grid Is Found Susceptible to Cyberattack Network Security Blog Computer Security Conference - CSC 2009 - Myrtle Beach, SC on March 26-27, 2009 Group publishes Spec for improving interoperability of IP video surveillance The Security Certification Directory Microsoft puts the kibosh on Facebook worm Koobface Digg - EBay Auction Tool Web Site Infected With Malware After CERT warning, Microsoft delivers AutoRun fix Common Vulnerability Scoring System Version 2 Calculator Sneaky New Virus (Anti-Virus-1) Spreads via Ads - eWeek.com was hacked NoScript probably would have prevented the above problem Anti-Virus-1 REMOVING Anti-Virus-1 - bleepingcomputer.com Hackers exploit unpatched Adobe Reader bug Permanent fix needed for DNS security issues, Kaminsky warns at Black Hat CWE/SANS TOP 25 Most Dangerous Programming Errors Integrity-178B OS is designed and certified to defend against sophisticated attacks Thunderbird 2.0.0.23 is out Keeping an Eye Out for the Sinowal Trojan Space station computer virus raises security concerns New techniques hide PDF malware - Microsoft Windows Vista ... - Apr 29, 2008 Finjan Finds Database of 8,700 Stolen FTP Credentials new push from the government to make it legal to snoop through anybody's e-mail UPS/FedEx Delivery Failure Purported e-mail from UPS, FBI contains virus Webroot's Spy Sweeper version 5.8.1 (build 51) has been released (update site) Scam centers on voter registration Latest Microsoft XP updates (July 8, 2008) seem to have killed ZoneAlarm Pro. I have had to de-activate (7/9) ZoneAlarm Pro in-order-to get any Internet access. ZoneAlarm Pro 7.0.483.000 fixed the above Internet access problem. Expect iPhone, Fourth of July scams, security firm says Phony escrow services cheat online car shoppers Trojan lurks, waiting to steal admin passwords Microsoft Security Intelligence Report (July - December 2007) NEW, Worse Vrtdion of a Data held for Ransom Virus detected - 6/5/2008 Webroot's WINDOW WASHER Version: 6.5.5 (build 153) was released 5 News Cisco Vulnerabilities for PIX and ASA What is JS/Psyme (and How to Get Rid of It) Skype File URI Code Execution Vulnerability Symantec Backup Exec System Recovery Manager Directory Traversal Cyber-crooks switch to dynamic code obfuscation to avoid being detected Apparently Zone Alarm & Other Malware Detectors are giving False Poisitives to break into a computer's encrypted hard drive? Just freeze the machine's memory chip computer virus recently discovered on digital photo frame RINBOT - New computer virus attacks business networks Spyware Horror Story: Toxic Wine - A WINE Virus effecting Linux systems Symantec confirms ActiveX bugs in its own consumer software - 4/4/2008 Stripping Away Malware's Armor Major Linux security Hole Found VALENTINE's DAY (2/14/2008 & 2009) STORM WORM COMING Why UAC will not work - users logged in NOT as root/administrator will NOT stop malware Smart Ways to Use Mozilla Firefox free AVG Anti-Root All Privacy & Security Downloads - PC World CES: SentrySafe's Water- and Fireproof Backup Drive guerrillamail - disposable e-mail addresses which expire after 15 Minutes FTC Stops Explicit Popups Zone Alarm Pro Version 7.0.462.000 has been released AJAX - Jim Rapoza's 10 Emerging Security Threats #1 Google APPs - Emerging Security Threat #2 - Jim Raposa Mobile devices & Applications - Emerging Security Threat #3 - Jim Raposa RFID - Emerging Security Threat #4 - Jim Raposa Rich Internet Applications - Emerging Security Threat #5 - Jim Raposa RSS - Emerging Security Threat #6 - Jim Raposa Social Networks - Emerging Security Threat #7 - Jim Raposa Virtual Worlds - Emerging Security Threat #8 - Jim Raposa Virtualization - Emerging Security Threat #9 - Jim Raposa VOIP - Emerging Security Threat #10 - Jim Raposa Security Researcher Finds Flaw in Windows Media Player Critical vulnerability found in Ask.com toolbar Symantec Launches Norton AntiBot as Public Beta the electronic trail briefly left in a computer server's RAM must be turned over as evidence Firefox 3.0 to Include 'Get Me Outta Here' Malware Protection News Analysis: Security Appliance Vendors Blas� About CSRF Flaws BitDefender's top malware chart for May 2007 Sony pleads innocent in latest rootkit fiasco Phishers Play Top 40 AT&T Introduces Pay-For-Play Parental Controls for Cell Phones E-voting predicament: Not-so-secret ballots Windows Patch Caused Crash, Skype Says U.S. Government Threatens Retaliation Against States who Reject REAL ID Would You Like A Job With That Virus? Just Say "No Thank You" to Data Disclosure Microsoft limits search data retention, to a point Symantec Bats Botnets with New Tool Fox News server found unsecured What Are All Those .DAT Attachments? Fraudsters Use Charities To Prep Stolen Credit Cards For Sale Phishing.gov? enVivo!CMS Vulnerability Mpack installs ultra-invisible Trojan Red Cross Scam Targets Military Families Apple Shuts Down IPv6 Security Hole MPack Trojan Attack Claims 10,000 Web Sites - 6/18/2007 ANI Trojan Sticks It to Tom's Hardware - patch was available 12 Ways to Be A Security Idiot - 12 Slides Microsoft Urges Workaround as Worm Hits Unpatched DNS Flaw Make your computer HEAVY and risk of it being stolen is greatly reduced. WEP can now be cracked in less than ONE MINUTE More Cisco Flaws - 4/7/2007 Be very careful about opening ".HTA" (Hypertext-Application) Files: New Sysinternals tools from Microsoft Kill Spyware by Hand Gozi Trojan leads to Russian data hoard - account information of thousands stolen Microsoft Investigates IE 7 Vulnerability Over 50% of infections detected in February were spyware and ... - HNS Can a Rootkit Be Certified for Vista? Does you computer make strange sounds at unpredictable times? Microsoft's OneCare Finishes Last in Anti-virus Tests What's Bugging eBay? Viruses Attacking USB Devices CERT - Home Network Security Information CERT - Home Computer Security Blocking Sites that send you ads CBC News Indepth: Computer security - How safe is your computer? Researchers say they peeled The Onion Router The Encyclopedia of Computer Security History of Computer Security weakest link in the security chain: executives who work at home JAVA - Infected GIF files can take control of your computer These JAVA versions contain fixes for this vulernability. Older JAVA versions HAVE the vulernability. Sun Java 2 Runtime Environment 1.3.1_19 Sun Java 2 Runtime Environment 1.4.2_13 Sun Java 2 Runtime Environment 5.0.Update 10 Sun Java 2 Standard Edition SDK 1.3.1_19 Sun Java 2 Standard Edition SDK 1.4.2_13 More details on the above JAVA vulnerability VML vulernability - MS fix is out - can be infected just by viewing a Web page Vista Aims to Stop Hackers' Social Engineering Ploys Acer Preloaded Vulnerability - 1/16/2007 Exploit Released for Critical PC Hijack Flaw that Microsoft thought it had just fixed Opera users need to update to version 9.10 in order to eliminate two threats. Media, Tech Firms Probe Possible High-Def DVD Hack Don't Get Sucked Into Someone's Criminal Schemes DEP/NX has been included in CPUs for years to prevent malware attacks, but turned OFF Gift Card Fraud Rumors and Reality IE 7 Cautionary Tale MySpace worm uses QuickTime for exploit Cracking the BlackBerry with a $100 Key EveryDNS, OpenDNS Under Botnet DDoS Attack See GIFT CARD FRAUD WARNING IBM to offer a free anti-spam program Critical Firefox & IE hole allows password theft Exploit Code Published for Apple OS X Glitch Apple: Beware of Rigged QuickTime Movies - Upgrade to QuickTime 7.1.3 About the security content of QuickTime 7.1.3 Keep Your Secrets: A Safe, Easy Way to Encrypt Files Patch those (under attack) wireless drivers WinZip Vulnerability Apple has released an update to the firmware for their Intel-based Macs, DRM hacker has cracked Apple's iPod protection A critical flaw in the Broadcom wireless driver embedded in computers Phishers Cast a Mobile Net (via cell phones) Windows Server 2003, Longhorn Server & Vista Security Articles ActiveX Flaw Identified - 11/6/2006 Month of Kernel Bugs Microsoft Warns of PowerPoint Attack Spam Trojan Installs Own Anti-Virus Scanner Black Hat Security Conference Archives Spyware, Bots, Rootkits Flooding Through Unpatched IE Hole Crime Rings Target IE 'SetSlice' Flaw; ZProtector Released - fix due 10/10/2006 Learn about Vista's changes to user security Firefox Still Tops IE for Browser Security HOW TO UPDATE WINDOWS Security Watch: VML Bug Imperils IE Users Defective By Design Org is protesting Apple's DRM strategies Security Watch: Security Tips Galore Apple Ships Patch for MacBook Wi-Fi Hack Security Tip: Buy Password-Cracking Software Passware sells a large collection of programs for cracking passwords Beware of Rogue Antispyware and Anti-popup Products Hacker Discovers Adobe PDF Back Doors - 9/15/2006 Malware Money Tough to Trace Record number of phishing sites seen for July CA eTrust Antivirus [was erroneously] flagging Windows 2003 Server's lsass.exe infected Son of the Critical Windows Bug - MS06-040 Top 8 Threats Retina MS06-04- NetApi32 Scanner - Free Scanner Probes PCs for Critical Windows Bug Looks like Cisco's firewall is vulnerable to yet another attack Who is causing trouble on the Internet - DShield's 10 most wanted Phishers try to best banks' authentication Top 10 Spyware Threats - Webroot Top 100 Security Tools Download Free SVG Viewer 3.03 (security updates) Sony BMG is using SunnComm's MediaMax DRM on some new CDs: CDs Containing SunnComm MediaMax Version 5 Content Protection Software Two DNS servers hit by denial-of-service attacks Symantec antivirus security bug Windows - a Corrupted Font can cause a PC security breach Windows Small Business Accounting 2006 crashing on you? Microsoft Outlook 2000, XP or 2003 vulnerability The people at the Mobile Antivirus Researchers Association (MARA) are reporting that they have discovered the first PC to Handheld crossover malware written in C#. CME provides single, common identifiers to new virus threats to reduce confusion AJAX Poses Security, Performance Risks Virtual Machine Rootkits: They Live! Microsoft: Stealth Rootkits Are Bombarding XP SP2 Boxes 'Mr. & Mrs. Smith' DVD Ships with Rootkit-like DRM Harder-to-Detect Oracle Rootkit on the Way Caught by a Phish Adobe Fixes Shockwave Code Execution Flaw - February 24, 2006 Who Tests the (software) Code Testers? ActiveState Returns to Open-Source Roots Adobe Patches Photoshop, Illustrator Flaws Gartner Disses Oracle Security Oracle Opens the Book on Its Recipe for 'Unbreakable' Code Find out how pharming attacks hijack Internet domains - view the video Big Hole in Symantec SMS Product Cookie Holes Expose Browsers more than 1 billion suspicious computer security events recorded in 2005 'High Risk' Flaw in Symantec AntiVirus Library Security Patch Watch: Sun Java, Symantec, Cisco Trend Micro: RSS Is Worm Bot's Next Target Security Vendors Clueless Over Rootkit Invasion News Analysis: Ca Sony's 'Rootkit' Is on 500,000 Systems, Expert Says XML-RPC Threatens Linux, Unix Systems Internet Security issue - eWeek Check if your PC is vulnerable to IE's Javascript problem Linux/BSD still exposed to WMF exploit through WINE! Hackers Exploiting Zero Day Windows Flaw Microsoft has released an advisory, suggesting IT administrators and users set the email client to read only text, and disable Windows picture and fax viewer. Patch HAS been released - 1/06/2006 Trojan, Exploit-WMF, delivers unwanted gift to Windows PCs Santa delivers more Christmas malware - The Trojan horse "MerryX.A" - 12/2005 SecurityFocus is designed to facilitate discussion on computer security OpenSSH cutting edge Demystifying Denial-Of-Service attacks, part one Tracked by cellphone Microsoft December 2005 patch release to include one critical update Sony fixes security hole in CDs, again - 12/8/2005 Survey: Most home PC users lack security WORM Attacks New Worm Targets Linux Web Service Holes Linux: Secure as You Want It to Be Windows bug allows invasions - XP w/SP2 & Windows Server 2003 - Windows Firewall Update makes invisible entries visable in Windows Firewall Red Hat, IBM help form company to buy Linux patents New Worm Targets Linux Web Service Holes - 11/2005 Network Appliance Data ONTAP iSCSI Security Controls Can Be Bypassed Microsoft Security Bulletin MS05-051 Problematic for Some, Security Firm Says Microsoft has re-issued Windows 2000 SP4 Update Rollup, due to problems Adobe Fixes Flaws - Acrobat and Adobe Reader plug-in buffer overflow Microsoft Exec Warns of 'Fake' XP SP3 Update - Windows XP Service Pack 3 Microsoft Bolsters Video Content Security in Vista Windows XP SP3 to ship when Vista ships Most Monitors Won't Play New HD Video & you have to upgrade to Windows Vista Read & follow PCworld's 10-step PC Security suggestions Detecting and Attacking Bluetooth-Enabled Cellphones at the Hannover Fairground existing Bluetooth hole has been opened wide - Security watch 6/6/6/05 Drive-By Download Sites Chauffeur Spyware Consider using NOD32 Anti-Virus & Anti-Spyware Software browser security-check Web sites Liberty Alliance takes on ID theft Cracking WEP in 10 minutes Spyware solutions: Technology and leadership Update Your Internet Security Arsenal Head Off Spyware, Viruses and Malware Five Linux Security Myths You Can Live Without

Advisory / Alert Sites & Databases

Technical Cyber Security Alerts - US-CERT Internet Storm Center - SANS dot ORG Latest vulnerabilities analysis - Sophos FBI eMail Scam list - signup for their email Vernerabilities - listed by Secunia.com Advisories Listed by PRODUCT Advisories Listed by VENDOR Latest Viruses, Worms, Trojans, Spyware, and Malware Versign iDEFENSE Publications spywareguide PC Magazine's SECURITY WATCH EIT Planet's Security News - antionline.com SECURITY - Information Week Daily cyber threats and internet security news alerts Published Scoops - governmentsecurity.org Office of Inadequate Security Invisible Things Lab - NEWS - cutting-edge research in computer system security emergingthreats.net Graham Cluley�s blog - Sophus Paul Ducklin�s blog - Sophus Chester Wisniewski�s Blog - Sophos SophosLabs blog

Advisories, Microsoft

REPORT A MICROSOFT VULNERABILITY Windows hole discovered after 17 years Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released recovery form for you to use to restore access if your account has been locked Microsoft is blocking access to thousands of Windows Live Hotmail accounts after passwords were stolen Phishing attack heists Hotmail, msn.com, and live.com passwords - 10/2009 SA09-251A: Microsoft Updates for Multiple Vulnerabilities After CERT warning, MS delivers AutoRun fix MS Office BMP Input Filter Heap Overflow Vulnerability - labs.idefense.com MS Office WPG Image File Heap Buffer Overflow Vulnerability- labs.idefense.com MS PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability- labs.idefense.com MS PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability- labs.idefense.com MS Excel Chart AxesSet Invalid Array Index Vulnerability- labs.idefense.com TA08-190A - MS Updates for Multiple Vulnerabilities July 8, 2008 TA08-189A - MS Office Snapshot Viewer ActiveX Vulnerability July 7, 2008 Security Loophole Found In Windows 2000 Operating System - 11/12/2007 Microsoft Gearing Up To Patch ShellExecute Office 2007 Vulnerability - the first one found ActiveX Flaw Identified - 11/6/2006 Retina MS06-04- NetApi32 Scanner - Free Scanner Probes PCs for Critical Bug Microsoft Advisories, Listings Sign up for Microsoft Advisories Internet Storm Center - SANS dot ORG Microsoft Security Home Page

Advisories by OS, Product, & Vendor

Advisories Listed by PRODUCT Advisories Listed by VENDOR

Advisories / Exploits, Specific - New Alerts

Conficker virus STILL AROUND - outbreak at Greater Manchester Police Spammed out Amazon Shipping Update contains malware (a Trojan) Banking malware found on Android Marketplace Phishing attack heists Hotmail, msn.com, and live.com passwords - 10/2009 Fake anti-virus virus proclaims to be your Facebook friend - October 1st, 2009 Cybercriminals exploit Michael Jackson, Farrah Fawcett deaths New Trojan stealing FTP credentials, attacking FTP websites How to defend against rogue DHCP server malware Finding malware on your Windows box (using the command line) When BIOS updates become malware attacks Rootkit Hunter demo: Detect and remove Linux rootkits Botnet threats and countermeasures Nine Ball - attack strikes 40,000 Web sites Here Comes Nine Ball, Another Major Web Threat Beladen Gumblar Hacker Hits URL Shortening Service Cligs Keeping an Eye Out for the Sinowal Trojan

Joke-ClickMe

This is a practical joke program. It is not a trojan nor a virus. Joke.ClickMe | Symantec Joke.ClickMe Technical Details | Symantec Joke.ClickMe - Removal Joke-ClickMe Joke-ClickMe Hacked Sites Install Google-Targeting Malware Don't open that Western Union Transfer email Of course, that latest, is phony Bird-Flu Emails. CONFICKER WORM (W32.Downadup): Conficker virus STILL AROUND - outbreak at Greater Manchester Police Visual Pictures can determine whether or not you have the CONFICKER Worm (I don't know if the above covers Conficker D variant. I believe that it would.) ONLINE Conficker Test - click HERE CURRENTLY, 3/27/2009, If you have: 1] a Good, UP-TO-DATE anti-virus program installed, and set to automatically update. Note that for both 2009 & 2008, PCWorld rated Symantec's Norton 2009 Internet Security Suite the Best at overall detecting, blocking and removing Malware. There are other opions, no doubt. I went back to Norton two years ago - it is now very fast and thorough. 2] ALL Microsoft suggested security updates for your version of Windows (and have your computer set to always get and apply Windows updates) - YOU "SHOULD" be protected from currently known versions of the Conficker Worm. Resurgence of the Conficker virus - dt CONICKER / W32.Downadup Worm BACKGROUND Information: AFTER 4/1/2009, Conficker code alters, making it very difficult to remove (NOT a joke). Conficker blocks you from reaching any web address that includes Microsoft, Symantec, McAfee, AVG, Kaspersky, Trend Micro, F-Secure, Panda, Sophos, SecureWorks or Sunbelt in the URL. It also blocks URLs that contain 103 other names and phrases that relate to security. Supposedly Full list of Blocked URLs - scroll down - listed under "domain lookup prevention New variant of Conficker set to hit computers on April Fools Day Conficker worm "getting a lot uglier" | IT PRO How to diagnose and defeat the dangerous Conficker worm - McAfee The Conficker Worm - Norton W32.Downadup (CONFICKER - Norton Conficker - Wikipedia W32/Conficker.worm - McAfee McAfee Security Insights Blog � Conficker is no joke McAfee KnowledgeBase - Information relating to W32/Conficker worm - PDF - McAfee Three in 10 Windows PCs still vulnerable to Conficker exploit .. New Conficker Variant Detected as WORM_DOWNAD.AD | Malware Blog - TrendMicro WORM_DOWNAD.AD - Description and solution - TrendMicro Computer Experts Unite to Hunt the "Conficker" Worm OTHER RECENT MALWARE ALERTS: Psyb0t or Bluepill Worm - NASTY: Nasty New Worm, Psyb0t Targets Home Routers, Cable Modems Firefox and Seamonkey Vulnerabilities - 2009-03-27, There is some SMiShing going on - text msg sends you to a BAD web site - 2009-03-27 Cisco Releases IOS Bundle of Vulnerabilities - 2009-03-25 Java Runtime Environment 6.0 Update 13 Released - 2009-03-25 Waled Malware is back again: Malware fall-out after dirty bomb news report in *your* city Waled (Malware) explosion in your city! Microsoft Warns Of Zero-Day Excel Exploit Waledac - New And Improved Storm Botnet Morphing Malware Anti-Virus-1: Sneaky New Virus (Anti-Virus-1) Spreads via Ads - eWeek.com was hacked Anti-Virus-1 Adobe PDF Exploit Signatures - 26 February 2009 CookieMonster Can Steal HTTPS Cookies - bank sites, travel sites, credit cards UPS/FedEx Delivery Failure Universities, colleges warning about bogus e-mail Watch out for fake IRS e-mails Email purportedly from a private investigator investigating you New Storm Botnet Fourth of July Attack Valentine's Day (2/14/2008) Storm Worm is fast approching Microsoft Urges Workaround as Worm Hits Unpatched DNS Flaw Exploit Released for Critical PC Hijack Flaw that Microsoft thought it had just fixed Retina MS06-04- NetApi32 Scanner - Free Scanner Probes PCs for Critical Windows Bug - MS06-040 Microsoft Windows Hyperlink Object Library Buffer Overflow - 06/2006 Lavasoft Personal Firewall Privilege Escalation Vulnerability - 07/18/2006 Ubuntu has issued an update for the kernel. This fixes a vulnerability - 2006 Red Hat update for libwmf - 07/18/2006 Red Hat update for GnuPG - 07/18/2006 Red Hat update for freetype - 07/18/2006 Microsoft PowerPoint Memory Corruption Vulnerability - 07/18/2006 rPath update for kernel - 07/18/2006

ATTACK TREES

Attack Trees - wikipedia

AUTHENTICATION

Authentication - wikipedia authentication library - howstuffworks.com

BACKDOORS

Backdoor - Wikipedia, the free encyclopedia Scroll down to find BACKDOOR & other info - tutorials - How to protect ... F-Secure Virus Descriptions : Backdoor System Backdoors Explained Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment PROGRAMMING BACKDOORS Placing Backdoors into a UNIX computer Computer Security 101: Lesson 6: viruses, worms, trojan horses hidden backdoors into most computer systems Remove Backdoors removal instructions Windows Backdoors: Greatest Security Breach Ever? Home Computer Security Virus, worms, trojans and backdoors Viruses, Worms, Trojan horses, Phishing and Anti-virus Software The Enemy Within: Firewalls and Backdoors

Beginner's / Novice / Newbie - Impoving computer security

Howtos, Guides, Information, Advice, Cures, Help, Newbies,...

COMPUTER SECURITY RECOMMENDATIONS Beginner's guide: How safe is your computer? - CBCnews A Few Tips to Help You Protect Your Home Computer - SANS.ORG Kevins Mitcnicks Security Advice - in blogspot - SCROLL down TO "mitcnicks" Computer Security, Firewalls, Viruses and Worms - Don Pedro Malware, Spyware, Adware Or Trojan - What's the Fuss? Defining Malware: FAQ - Microsoft The Complete Layman's Guide to Cyber Safety History of Computer Security Computer insecurity - Wikipedia, the free encyclopedia Computer Security Index - faqa.org Computer Security Group - cl.cam.ac.uk Computer Security - pelttech.com IT Security - itsecurity.com HNS - Malware of the week: Piggi.B worm, ReverseClick.A trojan and ... Computer Security for Students - Jmaes Madison University WHAT TO DO if your computer is INFECTED / How to tell if your computer is INFECTED

BetterPrivacy - Firefox Add-on to fight Flash Cookies

Ever wondered why you are still tracked though you tried everything to prevent it? BetterPrivacy is a safeguard which protects from usually not deletable LSO's (such as Flash Cookies) on Google, YouTube, Ebay... BetterPrivacy 1.45 - DOWNLOAD BetterPrivacy Prevents Tracking by Flash, Other "Super-Cookies ... 10 Best Firefox Addons for Security and Privacy Discourse.net: 'Better Privacy' Firefox Add-On Eats Hidden Cookies Remove non-deletable super cookies with Better Privacy Firefox addon Better Privacy Deletes Sneaky Flash Cookies From Firefox - PC World

BHOs - Browser Helper Objects (CLSID)

A BHO is a small program that extends Microsoft's Internet Explorer. Examples of BHO usage include visible add-on toolbars in IE, but can also be hidden functions. Adware and spyware as well as browser hijackers often use BHOs to display ads or follow your moves across the internet, because a BHO has access to each URL you visit and can redirect you or display other pages than you requested (sites that infect your PC with Malware or ads, for example). BHOs often use ActiveX installation programs. PERSONALLY, I BLOCK Active-X from running from non-trusted sites. I am running PCWorld's free BHODemon2 Version: 2.0.0.23, which notifies me when BHOs try to install (I can block the installation). I can also block installed BHOs from running. However, I suggest that you run Firefox instead of Internet Explorer. The CLSID list is a Tony Klein project - information about CLSIDs - Sysinfo.org BHODemon 2.0.0.23 - PCWorld Browser Helper Objects: The Browser the Way You Want It Browser Helper Object - Wikipedia SpywareInfo > Browser Helper Objects (BHOs) "What is a Browser Helper Object?" A CLSID is a globally unique identifier that identifies a COM class object What Is CLSID? - ezinearticles.com/ CLSID (Class ID) Definition CLSID List (Windows Class Identifiers) Globally Unique Identifier - Wikipedia SourceForge.net: Files What is CLSID? - A Word Definition From the Webopedia Computer ... The clsid: URL Scheme RFC 1738 - Uniform Resource Locators (URL) Inserting Multimedia Objects in HTML OSF DCE/RPC

BLACKBERRY & Related Mobiles / PDAs

BlackBerry Update Fixes Phishing Flaw - 10/1/2009 See also: PDA Viruses

Black Listed web sites - Thought malicious and/or Intrusive

NOTE - These lists may be in error - Use this information at YOUR OWN RISK URL blacklist - Alleged Intrusion Sites Spam Links - Blacklists / Blocklists URL.blacklist.com - a 15MB, compressed file - can download ONCE for free See also WHITE LISTED WEB SITES

Bluetooth Vulerabilities

PC World says: Disable "open" Bluetooth on your phone or PDA. Bluebugging - stealing mobile phone commands Bluejacking - sending unsolicited text messages Bluesniping - using a laptop and powerful antenna to attack from a distance Bluesnarfing - stealing information War-nibbling: driving around looking for Bluetooth signals to attack Bluetooth Security - learnbluetoothtechnology iPhone's Bluetooth Bug Under Hackers' Microscope Securing Bluetooth Devices Detecting and Attacking Bluetooth-Enabled Cellphones at the Hannover Fairground existing Bluetooth hole has been opened wide - Security watch 6/6/6/05 Bluetooth - Information about CLICK HERE for more information about BLUETOOTH

BROWSER HIJACKING

Has Your Browser Been Hijacked? Browser Hijack Blaster (free) - Stop Web sites from changing your home page without your permission. AdFree v3.1 - replaces animated banner ads with a dummy - free AdAware Plus, $27, also blocks hijacking.

BROWSER REDIRECTION (mis-direction

Please see cross-scripting

BROWSER SECURITY

Browser Compatibility Tutorial Browser Fingerprinting Can ID You Without Cookies The Ghost In The Browser: Analysis of Web-based Malware - PDF - Usenix IE attack then launches malicious Firefox attack - IE and Firefox Join In to Attack You Mozilla to Disable ANI Exploits Path of Entry - 4/5/2007 Best Free Browser Protection Utilities - techsupportalert.com Scanit - browser security-check Web site Qualys - browser security-check Web site Play It Safe With the Right Browser Security Settings Browser Info & Updates - CNet

BROWERS - SURFING MORE WEB SITES SAFELY

Plugins/software to warn you of dangerous web sites. Free SiteAdvisor Ver 29 - McAfee - recommended by MYSELF and PCworld Microsoft has added SiteAdvisor info to their new "bing" search engine - Google, Yahoo and now bing (Livesearch) display McAfee SiteAdvisor info. McAfee SiteAdvisor - Wikipedia Scandoo (public beta) - toolbar - recommended by PCworld 10 Greasemonkey scripts you shouldn't browse without Keystroke loggers - and FOOLING KEYLOGGERS Mozilla fixes 9 Firefox Vulnerabilities, recently Firefox Still Tops IE for Browser Security

BROWSER VULERABILITIES

New Opera v9.51 fixes couple of security issues Click-to-Call Bug Found in iPhones, and probably are in other phone Browsers IE attack then launches malicious Firefox attack - IE and Firefox Join In to Attack You Firebug was discovered to have a vulnerability - update to version 1.04 FireFox users really need to install the Microsft ANI (Animated Cursor) Patch of 4/3/2007 More IE & Firefox Vulernabilities The Adobe Reader vulnerability also effects Browser plug-ins for IE and Firefox Opera users need to update to version 9.10 in order to eliminate two threats. vulnerability in Web-hosted PDF files revealed Adobe Reader 8 is not vulnerable to this problem. I just noticed that Adobe Reader 8 is available

BUSINESS DATA SECURITY

Protecting Personal Information: A Guide for Business - FTC

CELL PHONE VIRUSES & VULNERABILITIES

Cell phone numbers will NEVER be "released to the public". This is a HOAX - stop falling for this hoax Cell phone security: How safe is your information? - WRAL-TV iPhone security flaw could give hackers �complete control� MMS virus discovered MMS - Multimedia Messaging Service Cabir - This Time, Cell Phone Virus Is for Real skulls trojan attacks Symbian phones Nokia 7610 Smartphones suffer Skulls attack - ruins the phone

CERT

CERT - Home Computer Security CERT - Home Network Security Information Technical Cyber Security Alerts - US-CERT CERT - Computer Emergency Response Team - Carnegie Mellon US-CERT Vulnerability Notes Database

CERTIFICATES

spoof a certificate and impersonate a legitimate Website

CONFERENCES & CONFERENCE PAPERS

Computer Security Conference Ranking and Statistic - RANKINGS

(free) Secure Virtualization - Tuesday June 02, 2009 - LA - Linkedin (free) 1-day Data Protection Seminar: Boston - Wednesday, Dec. 10, 2009

CISCO Vulnerabilities

TA08-087B - Cisco Updates for Multiple Vulnerabilities - March 27, 2008 Cisco Releases IOS Bundle of Vulnerabilities - 2009-03-25

Cleanup your computer and it's Hard Drive

This section discuss cleanup, NOT removal of Malware. While I believe this to be a very good article, I don't agree with the choice of anti-Malware, as Norton's 360 is usually rated best and is MUCH faster (almost the fastest) than it was two years ago (I've switched back to Norton) - there will always be other opinions: How to Perform a Complete Computer Cleanup - Ed Coyne I use paid (Webroot's Window Washer) or free programs (CCleaner) to remove temporary files every time my system reboots.

COOKIES - COOKIE INFORMATION

Surfjack tool allows you to detect GX HTPPS cookie mis-management on user specified sites CookieSafe - Firefox Add-on Cookie Central Both Ad-Aware & Spybot remove cookies Unofficial Cookie FAQ Information About Cookies on Microsoft.com What is cookie? - A Word Definition From the Webopedia Computer HTTP cookie - Wikipedia, the free encyclopedia Howstuffworks "How Internet Cookies Work" How to Enable Cookies Client Side State - HTTP Cookies - The original cookies specification HTTP Specifications and Drafts - Cookies Time for a new (HTTP) Cookie recipe? - Implementer's notes HTTP-wg Archive: errata for cookie spec O'Reilly Network -- Cookie Specification Vulnerabilities Bug ID: 4391956 Cookie: API should enforce Cookie spec when ... PROBLEMS WITH SPECIFIC COOKIES: Gmail cookie vulnerability exposes user's privacy CLICK HERE for information about FLASH COOKIES

CREDIT CARD VULNERABILITIES

Ebook Vulnerabilities in First-Generation RFID-enabled Credit Cards - 7/11/2009

CROSS-SITE SCRIPTING (XSS)

NoScript

NoScript is an excellent FireFox add-on that (mostly) prevents Cross-Site scripting from being used to destroy your computer via a web page directing your web browser to a different site, and installing malicious software. I highly recommend running NoScript 1.9.9.45 (with the FireFox 3.5 web browser, INSTEAD of Microsoft's Internet Explorer). US-CERT now recommends NoScript as a secure browsing practice. While I love the NoScript add-on for FireFox, version 1.8.1 broke my access to (Time-Warner) Road Runner's Web Mail service. Upon investigating, I found that I had to: 1] open the NoScript OPTIONS window 2] Select HTTPS 3] DE-select ENABLE AUTOMATIC SECURE COOKIES MANAGEMENT in-order-to be able to access my email via FireFox 3.0.6 THIS WAS FIXED - NoScript's defaults were changed. I also recommend (in the NoScript Options window): 1] Clicking on the UNTRUSTED tab 2] Click on (select) FORBID 'WEB BUGS' 3] Click on OK Automatic Secure Cookie Management, is now turned OFF by default. NoScript, version 1.9.9.45, a free Mozilla Firefox Extension, blocks Cross-site Scripting (XSS). Cross-site scripting - Wikipedia CERT Advisory CA-2000-02 Malicious HTML Tags Embedded in Client ... Cross Site Scripting (XSS) questions and answers "What are some links I can visit to help me further understand XSS?"

Other Cross-Scripting (XSS) Information

Cordless Phones

Buy only Digital cordless phones that use Encryption. (anyone can listen to your analog or un-encrypted digital phone conversations). I would buy only the phones that use the 6.0 MHz spectrum. I personally prefer the phones made by Uniden.

Data Held for Ransom

Strange as it sounds, one of the newer dangers is software that Encrypts your data, and then demands that you pay a ransom to get access to your data. This technique targets Windows users. Cryzip is an early example of such a program. Cryzip locates 44 different file types, zips them into an encrypted zip file, deletes the original files, and then presents you with a ransom demand. Sometimes you can recover most of your files with an undelete program. Some free File Undelete programs are here, at PC World. Other Free File UNDELETE Software PC World recommends that you do not pay the ransom, nor go to any specified links. Instead, make a police report, using an uninfected computer, search the Internet for the text in the ransom "note". Gpcode Holds Your Documents for Ransom - scroll down New, worse version of a Data Held For Ransom Virus Detected - Upgrade your browser Ransomware... Holding Corporate America Ransom! - NTOS.EXE" Ransomware attacks target Symbian mobiles Ransomware data kidnapping on the rise Arhiveus - 2006 Kaspersky calls it Zippo and Panda Labs calls it ZippoCryptor. The latest Trojan to hold people's data hostage apparently has a flaw. The password for all systems is the same and is stored in plaintext on the victim's system, according to LURHQ. The password is C:\Program Files\Microsoft Visual Studio\VC98. New Trojan is Holding Data Ransom Data Ransom Attempt Shows Need for Vulnerability Management

Data In Motion (enterprise data loss)

Data in Motion describes enterprise data that is in the midst of being accessed, stored, sent to remote sites, archieved. The main premis is that it might be easier for criminals to gain access to data that is being moved. There is a lot of emphasis put on securing data in motion (encrypting), and not as much thought into storing the data as encrypted. I.e., it might be much easier for criminals to hack into non-encrypted, stored data, than to try to decrypt secured data in motion. Data in Motion, And At Rest - Storage Blog - InformationWeek Cloud computing's nemesis: data in motion | insideHPC.com Transparency data in motion � Jon Udell Securing data in motion vs. data at rest? It's the wrong question Security Efforts for Data In Motion Should Be Put to Rest Data in Motion - Forbes.com Data security - wikipedia (free) 1-day Data Protection Seminar: Boston - Wednesday, Dec. 10, 2009 See also ENCRYPTION See also Secure Connections

DB, Oracle, SQL,... Vulnerabilities

Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability Oracle Secure Backup Administration Server login.php Command Injection Vulnerability Oracle Secure Backup Administration Server login.php Command Injection Vulnerability

DHCP Vulnerabilities

How to defend against rogue DHCP server malware

DNS Vulnerabilities

DNS Cache Poisoning: What You Need to Know - Cisco white paper Permanent fix needed for DNS security issues, Kaminsky warns at Black Hat TA08-190B - Multiple DNS implementations vulnerable to cache poisoning

DoS - Denial of Service

Denial of Service Attacks - CERT Denial-of-service attack - wikipedia Denial of service denial

DOWNLOADS - Useful Software & caveats

1] Always download from reputable sites - some sites considered safer than most might include: tucows, download.com, PCworld and Jumbo. NOTE that very rarely, even these sites get hacked. 2] If you know the maker of the software, got to their site. I recommend using Google to locate the real site, rather than keying it in. 3] Browsers such as FireFox 3.x will use your computer's anti-virus to scan downloads on-the-fly. What's the Safest Way To Download Software? DOWNLOADS OF POSSIBLE INTEREST: All Privacy & Security Downloads - PC World

DOWNLOADERS

Downloaders are simple Malware programs used to download dangerous programs that try to steal your identity, passwords, money, and everything else that they consider useful to them. Armed and Dangerous: The New Generation of Web-Based Viruses from St. Bernard - white paper Dealing With Downloaders Downloader after downloader

ELECTRONIC GADGEST ARE OFTEN INFECTED

Electronic Gadgets Often Full of Computer Viruses computer virus recently discovered on digital photo frame

Email - Protection / Scanning

guerrillamail - disposable e-mail addresses which expire after 15 Minutes How to Scramble your Email Address Most Malware / Virus checkers will also scan your incoming, and perhaps your outgoing email, on 9autoamted) request. Ensure that it can scan YOUR email program - for example, I use Moziila's Thunderbird, with which Norton and others work quite well. The complete guide to using Gmail with Thunderbird, Mozilla Mail FBI eMail Scam list - signup for their email

EMULATION (WINE on Linux,...

Spyware Horror Story: Toxic Wine - A WINE Virus effecting Linux systems Linux/BSD still exposed to WMF exploit through WINE!

ENCRYPTION (Click here)

ENCRYPTION FLAWS

Evil Maid goes after TrueCrypt! Flaw Endangers Debian-Based Encryption Keys to break into a computer's encrypted hard drive? Just freeze the machine's memory chip

ETHERNET / 802.11 SECURITY - subjects not covereed elsewhere

The Unofficial 802.11 Security Web Page CLICK HERE for more information about ETHERNET

EULA - End User License Agreement

Click here for more information about EULAs EULAnalyzer - checks EULAs for bad agreements

EVENTS / CONFERENCES

Computer Security Conference - CSC 2009 - Myrtle Beach, SC on March 26-27, 2009

EXCEL ATTACKS

Pump-and-dump scammers turn to Excel Microsoft Posts Excel 'Zero-Day' Flaw Workarounds

FACEBOOK / MySpace / Twitter,...SCAMS & MALWARE

IN MY OPINION - NEVER LIST ANY PART OF YOUR BIRTHDATE ON FACEBOOK or any other website - it makes it easier to steal your identity. Do NOT download any plugins requested by Facebook, MySpace,... messages - IT IS USUALLY DANGEROUS MALWARE. I STRONGLY SUGGEST THAT YOU READ & HEED THE FOLLOWING LINK's INFORMATION - (You can choose not to become an endorser of these products or companies by making tweaks to your privacy settings.): Can You Protect Your Image (pictures) While on Facebook? ***** 70% rise in social networking spam and malware reports Which social network poses the biggest risk? Researcher: Flaws In Facebook App Authorization Could Lead To Clickjacking - Jan 20, 2010 Facebook Rolls Out Its New Privacy Settings 10 Facebook Don'ts - infosecisland Facebook privacy: a guide Identity theft: How a Rubber Duck can outfox Facebook users Sophos Australia Facebook ID probe 2009 a safer Twitter for 2010 - Sophos Cisco Systems report: Criminals target social networks like Facebook, Twitter Fake anti-virus virus proclaims to be your Facebook friend - October 1st, 2009 A Nice Big FriendFeed (a social website) Bug: Impersonate Anyone! Some Facebook Privacy issues to consider Security Threat: WordPress Under Attack - UPDATE youir WordPress - September 5, 2009 These Twitter Worms could probably have been stopped by using NoScript. Twitter shaken by worm attacks worm-madness-twitter twitter-users-warn-attack Twitter Worms (Mikeyy worm) Vanquished--for Now - 4/16/2009 "Teen Claims Responsibility for Twitter Worms" "Twitter Worm Attack Continues: Here's How to Keep Safe" Microsoft puts the kibosh on Facebook worm Koobface Elaborate Facebook Worm Virus Spreading Facebook Worm Comes From Infected Friends -- Internet Security Facebook worm hijacks web search - The Registe 5 Facebook Scams: Protect Your Profile

FIBRE OPTICS SECURITY PROBLEMS

Fiber-optic networks can be eavesdropped on using equipment costing as little as $1,000

Firefox / Mozilla - WEB BROWSER

It is my belief, and that of some other experts, that using Firefox is safer than using Internet Explorer. Firefox 3.5.7 is out Firefox updated version 3.0.15 (older 3.0 version chain) is out 10/30/2009. Firefox 3.5.2 is out Firefox 3.0.12 replaces 3.0.11 - 7/22/2009. "Warning to all Firefox users: the Microsoft .NET Framework 3.5 Service Pack 1 update, pushed through the Windows Update service to all recent editions of Windows, installs the Microsoft .NET Framework Assistant firefox extension without asking your permission. This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer" says http://www.annoyances.org/ - USE IE, NOT Firefox to print THIS Remove the Microsoft .NET Framework Assistant (ClickOnce) Firefox Extension

FIREFOX - DOWNLOAD Latest Version (3.5) here - Now works with Snagit

MY RECOMMENDED ADD-ONSs for FIREFOX: NoScript Version 1.9.9.45 - for Firefox - YOU NEED THIS PROTECTION McAfee SiteAdvisor (FireFox and Internet Explorer) Version 29 Microsoft has added SiteAdvisor info to their new "bing" search engine - Google, Yahoo and now bing (Livesearch) display McAfee SiteAdvisor info. IDND - Version 1.5.1 FireFox Articles, vulnerabilities: Firefox and Seamonkey Vulnerabilities - 2009-03-27, Essential security updates for Adobe and FoxIt PDF readers Smart Ways to Use Mozilla Firefox

FIREWALLS

I strongly recommend BOTH a Hardware Firewall and a Software Firewall (free ZoneAlarm works very well). ZoneAlarm (and other such software) can prevent those spyware and keylogger programs from "calling home" with your personal information. A Hardware Firewall helps prevent Hackers from coming INTO you computer. I have replaced the excellent ZoneAlarm Firewall (my favorite) with the Firewall that comes with Norton's 360 (Internet protection Suite). This way, I know that there are no conflicts between using softwar from different vendors. I am NO LONGER using ZoneAlarm Pro, version 7.0.483.000. Best Free Firewalls - techsupportalert.com What is firewall? - Webopedia How Firewalls Work - howstuffworks Understanding Windows Firewall in Windows XP Service Pack 2 - Microsoft Why you should use a computer firewall Firewall FAQ Firewall Q&A Programmatically controlling a UPnP Firewall - Knox North 2008 Firewall Software Report - toptenreviews.com Free Software Firewalls Differences and Features of Hardware & Software Firewalls Firewall Debate: Hardware vs. Software Hardware Firewalls vs. Software Firewalls Firewalls: Hardware and Software - AntiOnline (5/2004) Is the Windows XP firewall enough? What does a router (hardware) do? Internet firewalls: Frequently asked questions What You Should Know About Firewalls - PCWorld Home PC Firewall Guide Firewalls and Internet Security Firewall Reference Books The Windows (DOS) command: netstat -an will list all your open ports SEE Also: IP FILTERING SEE ALSO: What To Do

FIREWALLS, HARDWARE

These can be purchased as standalone "appliances", but people usually buy them bundled with Cable/DSL Routers (they are part of that product - read the information on the box). I and most security experts believe that even home users need both a Hardware Firewall and a Software Firewall. Hacker pierces hardware firewalls with web page - No interaction required For people who know aobut firewalls, you can share your firewall intrusion logs with "DShield" a company dedicated to fighting intrusions. DShield provides a platform for users of firewalls to share intrusion information. DShield is a free and open service. If you use a firewall, please consider submitting your logs to the DShield database. You may either download one of DShield's ready to go client programs, or use their Web Interface to manually submit your firewall logs. Registration is encouraged, but is not required. DShield - Home Page DShield reports and database summaries Firewalls: Hardware ***** Do You Know � Hardware Firewalls Hardware Firewalls - cybercoyote LeakTest - Hardware Firewalls/NAT Routers Hardware Tips: Keep Your PC Hidden From the Bad Guys - PCWorld What Hardware Firewalls Does ScamBusters Recommend?

FIREWALLS, SOFTWARE

Software Firewalls are a MUST to help prevent Malware from sending your private information out to the crooks. While Zone Alarm is my favorite software Firewall, I have switched to using the Firewall that comes with Norton's 360 - this way, there are no conflicts between software from different vendors. Norton's 360 keeps getting rated the best or near-best in: 1] Virus detection and removal 2] Malware detection and removal 3] Rootkit detectiona and removal. 4] Bot detection and removal 5] Software Firewall 6] Password Safe 7] Speed of checking for bad software 8] Speed of updating itself 9] Registry Repair (hard to find, but it's there) 10] Email Checker BOTH Incoming and Outgoing Handles: Microsft, Thunderbird, Mozilla 11] Warns of unsafe web sites 12] Fixes corrupted files and directory structures (if possible) 13] AND SO ON - READ ABOUT IT ZoneAlarm - Free and Professional - my favorite Comodo Firewall Pro - a good one COMODO FIREWALL PRO VERSION (3.0) - CNET 5-STAR Rating Comodo Firewall Pro 3.0 - Review - PC MAGAZINE SmoothWall Express - smoothwall dot org Use SHIELDS UP (grc.com) to see if your Firewall works - Highly rated Software Firewalls - Norton Internet Security Software Firewalls Software Firewalls versus Wormhole Tunnels Software Firewalls: Made of Straw? Part 1 of 2 SEE ALSO - LINUX FIREWALLS See also: IP Info See also: IP Addressing See also: IP Masquerade See also: Linux IP Masquerade See also: IP ROUTING - START HERE and go down the page See also: IP Sub-Netting See also: IP Filters/Filtering, Port Forwarding & IP Firewall Administration See also: IP Management See also: IP Multitask

FLASH COOKIES / Local Shared Object (LSO)

DELETING FLASH COOKIES (LSOs)

How to Delete Flash Cookies Conveniently Four Options To Deal With Flash Cookies BetterPrivacy - Firefox add-on, DELETES FLASH COOKIES How to delete flash cookies [blogmag.net] How to Delete Flash Program Cookies - eHow.com Delete Flash cookies to protect online privacy - techrepublic - Video Delete cookies, disable or enable cookies (including Flash Cookies) Delete Flash Cookies saved by Internet browsing Flush.app � Flash Cookie Removal Tool For OS X | MacHacks.TV Adobe - Flash Player - Settings Manager - Website Storage Settings ...

FLASH COOKIE (LSOs) INFORMATION

Flash Cookies explained Schneier on Security: Flash Cookies You Deleted Your Cookies? Think Again - Epicenter - Wired.com Local Shared Object (LSO)- Wikipedia I'm A Super.com � Flash Cookies: The Silent Privacy Killer Flash Cookies: Local Shared Objects - Best Flash Are Flash Cookies Devouring Your Privacy? - Network World EPIC Flash Cookie Page See what Google finds about Flash Cookies Flash Cookie Privacy Test

FLAWS / VULNERABILITIES / CVE - Software

National Vulnerability Database (NVD) - NIST - includes US CERT, CVE US-CERT Vulnerability Notes Database CVE - Common Vulnerabilities and Exposures Open Source Vulnerability Database - OSVDB Acticle about the above NIST Vulnerability Database OVAL - Mitre Standard Eases Vulnerability Research SPEFIC FLAWS: Gmail cookie vulnerability exposes user's privacy VML vulernability - MS fix is out - can be infected just by viewing a Web page - JAN 2007 Acer Preloaded Vulnerability - 1/16/2007

FREE SECURITY PROGRAMS

15 free security programs that work AVG Technologies will release AVG Anti-Virus Free 8.0 Download Malicious Software Removal Tool - Microsoft Families Cleaned by the Malicious Software Removal Tool SEE ALSO THESE FREE VIRUS/TROJAN REMOVERS

FTP (all varieties) VULNERABILITIES

can allow an attacker to execute malicious commands on an FTP server - 9/2/2009 Spamhaus Blog - Spam, Malware and FTP cracks Finjan Finds Database of 8,700 Stolen FTP Credentials New Trojan stealing FTP credentials, attacking FTP websites

GOOGLE & GOOGLE DESKTOP VULNERABILITIES

Google Desktop Vulnerability - the fix is in version 5.0.0701.30540

Government, Federal & Official Sites - Reporting Problems

National White Collar Crime Center (NW3C) More coming soon.

GSM Vulnerabilities

German hackers crack GSM encryption - 25th August 2009 See also GSM See also GSM TESTING

HACKERS, ANTI, Information

NOTE: Strictly speaking, "Hackers" are not neccessarily bad guys, but these days, "Hackers" is a commonly used term for people who do "bad things" to other people's computers and/or software.

Security Tip: Buy Password-Cracking Software Passware sells a large collection of programs for cracking passwords PGP users can be tricked - don't know if it's still true computer security resource - secureroot

HARDWARE DIAGNOSTICS

Hardware Diagnostics - PCworld Troubleshooting CLICK HERE for more information about FIRMWARE CLICK HERE for more information about HARDWARE

COMPUTER HARDWARE, PROTECTING YOUR

SURGE PROTECTORS WHOLE HOUSE Surge Protectors UPS / AVR Power Cleaners / AC line Filters GFI / GFCI / RCCB AFCI

HIDS - Host Intrusion Detection System

HIDS analyzes and keeps track of the OS internals, looking for attempts at intrusion. Minimum IDS Recommendations - linux-sec.net Aid - similar to Tripwire, but open source Osiris - Open Source OSSEC - an Open Source HIDS Samhain - Open Source ThirdBrigade Tripwire

HOME COMPUTER SECURITY SPECIFICS

(Computer) SECURITY RECOMMENDATIONS

The Ten Commandments of PC Security CBC News Indepth: Computer security - How safe is your computer? Researchers say they peeled The Onion Router The Encyclopedia of Computer Security Home Computer Security - CERT OnGuardOnline.gov provides practical tips from the federal government Microsoft - Security at Home Security Essentials - Microsoft Stay Safe Online. National Cyber Security Alliance Home PC Firewall Guide Guide for. Home. Computer. Security NIST Computer Security Division's CSRC Home page Federal Trade Commission - Consumer Information Security Security Tip No. 9 - Security for your privately owned home computer Home Computer Security Checklist - digitalchoke

HOSTS file

Access to/from Sites (URLs/Web addresses) listed in your "hosts" file are blocked or re-directed to specific IP addresses by Microsoft Windows. Hosts files were originally (an are still used) used in Unix, MAC OS, and now Linux and Windows operating systems as a method to prevent suspected, alleged, "bad/AD depositing/Spyware depositiong/..." sites from effecting your computer. The contents of your Hosts file may be edited. If you run Anti-Spyware or Anti-Virus programs, you may have to use one of those programs to edit the Hosts file (otherwise, those programs may try to proect your computer by NOT allowing you to edit to the Host file). Both your Anti-virus and Anti-Spyware programs will probably automatically add hundreds of suspected, alleged, "bad" sites to your Host file, in an effort to protect your computer from these sites. Normally, You the computer user, would have NO need to worry about, modify, nor setup your computer's Hosts file. Only Advanced users may wish to modify the Hosts file. NOTE that some Malware modifies your HOSTS file to prevent you from getting to URLs of known Malware detection and corrections sites. If you can't browse to these security sites, check tghe contents of your hosts file. WINDOWS HOSTS FILE INFORMATION: How do I use the Hosts File? How do I change my hosts file? Or, how can I see my domain before ... How To: Hosts File FAQ Blocking Unwanted Parasites with a Hosts File Windows Host file corrupted - can't edit Changing your hosts file in Vista You cannot modify the Hosts file or the Lmhosts file in Windows Vista The Hosts File and what it can do for you Using the Windows Hosts File Hosts file - Wikipedia, the free encyclopedia WINDOWS VISTA HOSTS FILE: Buster Collings � Windows Hosts File Editor Change �hosts� file in Windows Vista Online Apps DBA: One Stop ... Programming Tips and Tricks � Blog Archive � Edit Windows Vista ... Edit the Windows Vista Hosts File � MAXIMUMpcguides MORE HOSTS FILE INFORMATION: Microsoft TCP/IP Host Name Resolution Order Downloads - AdBin - Windows Hosts file editor 1.0 Freeware Software - tucows Windows Marketplace: Product details for AdBin - Windows Hosts ... Hosts: Free ad blocker and hosts file editor; Windows hosts file .. Windows, Linux, and Mac Hosts File Modifications Web Ad Blocking Under Linux/Unix, BeOS, MacOS and Windows About Windows HOSTS File and How To Make Use Of It � Raymond.CC Blog What is the Windows Hosts File | Hosts File Location ... AdSense blocked by Windows hosts file Blocking Unwanted Parasites with a Hosts File MVPS HOSTS file is a free download - list of sites that MVPS says should be blocked Hosts file - Wikipedia, the free encyclopedia Host - Wikipedia, the free encyclopedia What is the Hosts file? Gorilla Design Studio Presents: The Hosts File - blocks major advertisers' hostnames The Hosts File and what it can do for you hosts-file.net - The Official Home of hpHOSTS: hpguru's HOSTS file

HTML Injection (Site Cross Site Scripting)

Don't be a victim of Sinowal, the super-Trojan What is HTML Injection Code injection - Wikipedia Bugtraq: SNMP Injection: Achieving Persistent HTML Injection via Gtalk 1.0.0.105 html injection and Stealing message

IDENTITY THEFT

I AM LEARY OF THE FOLLOWING SITE, AS I DON'T BELIEVE IN GIVING ANYONE YOUR PERSONAL INFORMATION. THIS SITE DOES COME RECOMMENDED BY VARIOUS SOURCES, SO IT MAY BE PERFECTLY SAFE. THE INFORMATION THAT YOU PROVIDE IS TRANSFERRED VIA A SECURE HTTPS CONNECTION. NOTE THERE IS AN "OPT-OUT" CHECK BOX - I WOULD USE IT, IF YOU USE THIS SITE.: My ID Score - a new way to quickly and easily assess your risk of identity theft Security book chapter: The Truth About Identity Theft How to limit your personal data in online directories Unwary Customers Contribute to Online-Banking Security Woes Top 10 Ways Cyber Criminals Use Your Information - PDF Deter. Detect. Defend. Avoid ID Theft - ftc.gov About Identity Theft - Deter. Detect. Defend. Avoid ID Theft Identity Theft and Fraud - usdoj.gov Wedding season brings threats of identity theft for engaged couples IdentityTheft.org - Identity Theft Prevention and Survival SSA logo: link to Social Security Online home Identity Theft - ssa.gov IDENTITY THEFT dot com Identity Theft Resources Identity Theft Resource Center - A Nonprofit Organization Identity Theft -- Office of Inspector General Online Identity Theft: Phishing Technology, Chokepoints and ... - PDF Online identity theft - OECD Observer Liberty Alliance takes on ID theft
Caught by a Phish Sunbelt Adds Detection for ID Theft Keylogger Spyware Researchers Discover ID Theft Ring The latest Identity Theft technique - 10/2004 Limiting Identity Theft Damage See also: Password Safes

IDS - Intrusion Detection System

Intrusion detection system - Wikipedia how artificial intelligence is influencing intrusion detection system (IDS) development IDS References - wikipedia IDS Resources (links) - wikipedia See also: Firewalls See also: HIDS See also: HOME NETWORKING SECURITY See also: IP Filters/Filtering, Port Forwarding & IP Firewall Administration See also: IP ABUSE See also: IP Masquerade See also: IP SECURITY See also: IPsec See also: IP Stack Hardening See also: NIDS See also: VPN

IM - INSTANT MESSAGING

Critical AOL's IM FLAW Instant Messaging Attacks - PCworld Click here for more IM security information Click here for IM reviews and downloads

Complete Home Security and Home Maintenance

INTEL SECURITY/VULNERABILITY INFORMATION

Three Vulnerabilities found in last 9 months (4/2009). Attacking SMM Memory via Intel CPU Cache Poisoning (whole thing) Attacking SMM Memory via Intel CPU Cache Poisoning - PDF Attacking Intel Trusted Execution Technology - Paper (Black Hat DC, Feb 2009) Attacking Intel Trusted Execution Technology - Slides (Black Hat DC, Feb 2009) Interesting - latest Microsoft XP updates INCLUDE Intel's Processor Patches (see below) SEE ALSO: SPIM

INTERNET EXPLORER

German and French governments say stop using Internet Explorer German government says stop using Internet Explorer IE Exploit a a �Watershed Moment In Cybersecurity�, Offers Guidance - 1/17/2010 I've always suggested using Firefox for Browsing (You will still need Internet Explorer to download updates to the Windows Operating System) Is IE8 Already in Need of a Security Patch? - March 26, 2009 eWEEK Labs' Tests of Microsoft IE 8 Show Web Browser Is a Must-Upgrade Internet Explorer 8: What You Need to Know Review: IE 8 Shows Great Improvement, but Still Behind Rivals It's The Launch Of IE 8 IE 7 Bug Reopens Debate Over Patch Responsibilities IE attack then launches malicious Firefox attack - IE and Firefox Join In to Attack You complicated and interesting tool for phishing attacks in IE7 Microsoft Investigates IE 7 Vulnerability TURN OFF JAVASCRIPT in IE - all versions - Microsoft says so - 6/2004 Turn OFF JAVA, at least from unknown sites. IE 7 Cautionary Tale Download tool to Remove Microsoft IE 7 beta 2 (only)

Intrusion Detection Languages / CISL

Common Intrusion Specification Language, or CISL A CISL Tutorial Common Intrusion Detection Framework, or CIDF

Intrusion Prevention / Protection Systems - IPS

IPS Solutions Get Smarter IPS Devices Reach for High End Process Accounting (to find and remove the cause of slowness) Finding Causes of Heavy Usage User resource reporting Bots spiders and crawlers Htaccess

IP ADDRESS - Where is it located & who owns it?

IP address's location - networldmap Lots of lookups based on a given IP address - dnsstuff WhatIsMyIP.com 127.0.0.1 - IP Loopback Address CLICK HERE FOR MORE IP ADDRESS INFORMATION

ISO & ISO 17799

ISO 17799, ISO17799 and Computer Security News The ISO 17799 Information Security Portal See also ISO IMAGES - BURNING / CREATING See also ISO Standards See also: ISO Organization

iTunes Alerts

iTunes 8 takes down Vista with 'blue screen of death'

JAVA and J2EE Security Problems

<">Java Runtime Environment Version 6 Update 18 was released on 1/19/2010 Java Patch Closes Security Holes (see above) Java Runtime Environment 6.0 Update 13 Released - 2009-03-25 Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges TA08-193A - Sun Java Updates for Multiple Vulnerabilities - July 11, 2008 Java Security Traps Worsen - 5/9/2007 Tutorial: Developing real-time and safety-critical embedded Java applications - Part 1 Tutorial: Designing real-time and safety-critical embedded Java applications - Part 2 JAVA - Infected GIF files can take control of your computer These JAVA versions contain fixes for this vulernability. Older JAVA versions HAVE the vulernability. Sun Java 2 Runtime Environment 1.3.1_19 Sun Java 2 Runtime Environment 1.4.2_13 Sun Java 2 Runtime Environment 5.0.Update 10 Sun Java 2 Standard Edition SDK 1.3.1_19 Sun Java 2 Standard Edition SDK 1.4.2_13 More details on the above JAVA vulnerability See also: JAVA (all types) Encryption CLICK HERE for more information about JAVA / J2EE / J2ME / J2SE / JAVA2 ...

Javascript Hijacking

September 15, 2008 - infected PDF file caught a User's up-to-date Adobe Acrobat Writer. One of the most common PDF exploits is via Javascript passed as arguments to Acrobat. JavaScript Attacks Get Slicker AJAX Apps Ripe Targets for JavaScript Hijacking sneaky JavaScript Datanotary Hijack - spywareinfo Preventing Web Site Hijacking or Theft Script Console - Javascript TitleTimer is a Javascript-prod ... JavaScript Hikacking - net-security CLICK HERE for more information about JavaScript

Keyjacking / Keylogging / Jacking

There were 180 known, unique keyloggers in Aptril, 2006. Suggestions: 1] Use a Software Firewall (other than the Windows XP Firewall). NOTES (all OPINIONS - use at your own risk) 1] It is not possible to use software to detect hardware keyloggers 2] Software keyloggers seem to be of two types: A] Ones that use a software "hook" about 65% of all SW keyloggers These can be much more effectively found/blocked - 99%+ ??? B] Those that do NOT work by hooking into system software. 3] Using a very good OUTBOUND software Firewall, such as Zone Labs ZoneAlarm, can prevent the keyloggers from reporting back their stolen information (not 100% effective, as I can think of ways that the payload can be retrieved). 4] Don't use the same password for different sites. 5] Change passwords often. 6] Use your mouse to confuse keyloggers 7] Use a secure, encrypted keyword "Safe" - BUT enter the data via tip #6, above. Alos export and save OFF of your computer, a complete list of your IDs and Passwords, in case your system crashes and your keyword safe stops working. :HOW TO FOOL KEYLOGGERS Keystroke loggers - and FOOLING KEYLOGGERS Prevent keyloggers from grabbing your passwords - Scott Dunn - WindowsSecrets.com Some keyloggers can read the Microsoft Windows Clipboard, too More tricks to evade keyloggers on public PCs Keyloggers: How they work and how to detect them (Part 1) Keylogger Reviews - Find out who's doing what on your computer Hardware keylogger - Wikipedia Keystroke logging - Wikipedia Keyloggers - all about key loggers What is a Keylogger Trojan? Thwart password-hungry keyloggers with a Greasemonkey script - a virtual keyboard I Hate Keyloggers: free to download. Anti-Key-Logger, Keylogger Introduction to Spyware Keyloggers Keyloggers - Scamwatch.gov.au Keystroke loggers - and FOOLING KEYLOGGERS Keyloggers: How they work and how to detect them (Part 1) Hardware keylogger - Wikipedia How To Login From an Internet Cafe Without Worrying About Keyloggers - PDF KL-Detector: detect keylogging activity on your computer! New Authentication Scheme Combats Keyloggers, Shoulder-Hacking ... Remove Keyloggers removal instructions How to protect a computer from keyloggers? Antikeylogger, Antispyware How do I Remove a Keylogger? Remove Keyloggers removal instructions Sunbelt Adds Detection for ID Theft Keylogger Keyboard Spy: implementation and counter measures

Malware Software & Alerts (Anti-Malware)

In law, Malware is sometimes known as a computer contaminant, for instance in the legal codes of California, Virginia, and several other U.S. states. WHAT TO DO IF YOU SUSPECT YOU HAVE AN INFECTED COMPUTER WHAT PROGRAMS ARE STARTED AT BOOTUP? WHAT IS RUNNING ON YOUR WINDOWS SYSTEM? Be very careful about opening ".HTA" (Hypertext-Application) Files: I AM CURRENTLY (10/5/2009) RUNNING ONLY (Symantec) Norton's 360 Security Suite. It includes anti-virus, anti-malware, anti-bots, anti-rookkits, Real-Time detection, eMail protection, two-way Firewall,... and is the now quite fast. Invasive Programs - BookRags Five of the Dirtiest Malware Tricks Malware, Spyware, Adware Or Trojan - What's the Fuss? Computer "Malware": Worms, Trojans, Back Doors and Viruses Defining Malware: FAQ - Microsoft HNS - Malware of the week: Piggi.B worm, ReverseClick.A trojan and ... Read & Run Me First - Malware Removal Guide Free website lists programs with spyware & malicious adware - StopBADware.org Microsoft's Free Malware Remover - XP, WIN2K & WIN2003 ONLY Malware Removal - eurekster Best Computer Security Sites - Gizmo NEWS, ALERTS, CYBERCRIME REPORTS: Sophos security report reveals top threats of 2009 - 7/2009 PC Magazine's Head Off Spyware, Viruses and Malware Series History of Malware Malware info - Noticebored Guide to Malware Incident Prevention and Handling - NIST CMEprovides single, common identifiers to new virus threats to reduce confusion WinPatrol v9.5 - free or $20 Pro version Pestpatrol Center for Pest Research Pests - Computer Associates Spyware Information center Malware - Wikipedia malware.com Malware: what it is and how to prevent it Spyware Guide Database - Spyware, Malware and Adware Defining Malware: FAQ Lenny Zeltser - Reverse-Engineering Malware See also JAVA, JAVA2, J2EE, J2ME, J2SE,... Anti-adware misses most malware Uniblue's Wintasks 5 professional Neuber Software Security Task Manager - evaluates them all, running or not

MALWARE - HOW SOME MALWARE WORKS

Reverse Engineering Malware (Part 1) Stripping Away Malware's Armor

REMOVE SPECIFIC MALWARE - TOOLS / SCANNERS TO

KillBox is a tool to delete in-use files Bleeping Computer Downloads: Pocket KillBox REMOVING Anti-Virus-1 - bleepingcomputer.com Malwarebytes' Anti-Malware Download Link - bleepingcomputer.com CWShredder - a CoolWebSearch Trojan Remover CLRSCH.COM - Remove "CLRSCH.COM" Adware Tool (download) dc9.exe - what is it DC9 - File C:\Recycled\Dc9.dll infected by "Trojan-Downloader.Win32.Agent.bt" HERE4SEARCH - Trojan.Nebuler - Symantec HERE4SEARCH sends your information to these sites (Says Symantec): here4search.biz content.jdial.biz smart-security.biz F-Secure Spyware Information Pages : Look2Me Can't Remove Look2Me - Safer Networking Forums Remove Look2me Smart Computing Article - How To Get Rid Of Look2Me Symantec Security Response - Adware.Look2Me If you try to remove Look2Me while Explorer is running |MG| Free Download - Look2Me Remover 1.2.0 SWI Forums > How do you remove Look2ME.com ?? Look2me Removal Tool - Lavasoft Storm Virus - F-Secure Malware Information Pages: Small.DAM Teslaplus TROJAN REMOVEL TOOLS Trojan Remover 6.5.9 ViewpointKiller - Kills Viewpoint Media Player - Ver 1.21 Beta - Freeware

BEST MALWARE REMOVERS / SCANNERS - ANTI-MALWARE - REVIEWS

NOTE that Norton's 360 is NO longer the Bloated, slow, resource Hog. It was vastly revised in 2008 and is now the second fastest, but removes the Most Malware Picking the Right Security Software

2010 Anti-Malware

Norton Antivirus - Norton Internet Security - Norton 360 Version 3.0 (2010) Review: Norton Internet Security 2010 checks your reputation Norton Internet Security 2010 Norton Internet Security 2010 - At A Glance - Reviews by PC Magazine Norton Internet Security 2010 - PC Magazine Advanced Antivirus 2010 (NON-suite) REVIEWS #1 - G Data AntiVirus 2010 - HAVING SEEN A ROOT-KIT, I DISAGREE WITH THIS CHOICE #2 - Symantec Norton AntiVirus 2010 - MY NUMBER ONE - BUT GET THE SUITE, NOT JUST AN ANTI-VIRUS PROGRAM (get Norton 360 [Version: 3.5.2.11]). Comparative test of anti-virus products on Windows 7 - AFTER 3 weeks of NOT getting updates In both 2008 and 2009, PCWorld rated Symantec Norton's 360 and Internet Security 2009 Suites as the NUMBER ONE RATED, BEST Security Suite. In 2008, Norton (Symantec) (NAV) Security Suites quit being such a resource hog, and became almost the fastest, if not the fastest, reliable anti-virus, anti-malware scanner. I switched all of my computers back to Symantec. Symantec now has no problem with NVidia graphics cards (that I know of). 2009 results not yet available online, but here is a synopisis of Symantec - COURTESY PC MARCH 2009 WORLD (Symantec Norton Internet Security 2009): NUMBER ONE RATED Symantec Norton Internet Security 2009 Detection Rootkit Rootkit Adware Sucessful False Positives backdoors, Detection Removal Detection Malware bots, Elimination trojans & spyware --------- --------- ------- --------- ----------- -------- 99% 95% 100% 97% 80% zero NUMBER TWO RATED BitDefender Internet Security 2009 Detection Rootkit Rootkit Adware Sucessful False Positives backdoors, Detection Removal Detection Malware bots, Elimination trojans & spyware --------- --------- ------- --------- ----------- -------- 97% 100% 100% 96% 70% One NUMBER NINE (last) RATED TrendMicro Internet Security Pro 2009 NOT PCworld recommended Detection Rootkit Rootkit Adware Sucessful False Positives backdoors, Detection Removal Detection Malware bots, Elimination trojans & spyware --------- --------- ------- --------- ----------- -------- 69% 95% 100% 68% 75% not mentioned Early 2008 Security Suite Ratings - PCWorld: #1 RATED Symantec Norton Internet Security 2008 Price for use on up to three PCs: $70, PCW Rating: 84 Very Good, Performance: Very Good, Design: Very Good, Features: Superior Bottom Line 2008-2009: Norton offers solid performance, including the best behavior-based protection against unknown threats. SpywareBlastger - helps prevent malware isntallation and dangerous ActiveX usage SUPERAntiSpyware Free version SUPERAntiSpyware Pro (not free) Spyware Doctor with AntiVirus 6 - $40 - PCmag Spy Sweeper 5.5 with Antivirus - PCmag Ad-Aware 2008 Pro - PCmag VIPRE Antivirus + Antispyware 3.1 - PCmag a-squared Emergency USB Stick - rated poorly - PCmag AVG Anti-Virus Free 8.0 - PCmag avast! antivirus 4.8 Home Edition GarbageClean 3.0 - not liked by PCmag NovaShield AntiMalware 2.0 - not liked by PCmag SpyEraser 2 - "still has a long way to go" - PCmag STOPzilla 5.0 - "you can do better" - PCmag ThreatFire 3.5 - "free utility is excellent complement to existing protection" - PCmag Webroot AntiVirus with AntiSpyware and Firewall - PCmag

ONLINE/DOWNLOADABLE MALWARE CHECKERS - Free I believe

Free online ActiveScan 2.0 antivirus - requires ActiveX - Panda Security a-squared Web Malware Scanner McAfee Avert Stinger Free Virus Scan: Use ESET's Online Antivirus Scanner Trend Micro - Housecall - requires ActiveX Bit Defender - turn off any pop-up blockers Computer Associates - requires use of Internet Explorer? Trend Micro - Free Tools and Services Online special removers Jotti's malware scan is a free, online - scans uploaded files - Javascript required SEE ALSO ONLINE VIRUS CHECKERS

REMOVE MALWARE WHEN CAUSE NOT KNOWN

KillBox is a tool to delete in-use files Bleeping Computer Downloads: Pocket KillBox Remove a Virus or Other Malicious Infection Ad-aware - Freeware Bazooka Adware and Spyware Scanner - Detects a multitude of spyware, adware, trojan, keylogger,... Bug Off - disables a few exploits that are commonly used CWShredder Malwarebytes' Anti-Malware CA Anti-Spyware 2009 LE | Formerly CA eTrust PestPatrol Anti-Spyware Spybot Search & Destroy Spy Sweeper - Freeware (also full version for a fee) FOR MORE STUBBORN PROBLEMS: Please save or print these instructions before beginning: FOLLOW THESE DIAGNOSTIC INSTRUCTIONS from forums.techguy.org Welcome to Tech Support Guy! RUN THESE SCANNERS AND SUBMIT RESULTS TO: To get free help with your problem, please read our Welcome Guide. If you need live support immediately, you can Chat Now. Kaspersky Online Scanner ewido anti-malware Security Suite During the installation, uncheck the following under Additional Options: Install background guard Install scan via context menu NOTE: Merijn sold HijackThis to TrendMicro. They've released version 2.0.2. NOTE2: FEWER SITES WILL ANLAYZE YOUR HIJACK THIS OUTPUT FILES, HERE ARE TWO AUTOMATED SITES THAT WILL ANALYZE YOUR HIJACK THIS LOG FILES: Analyzes your Hijack log files - http://www.hijackthis.de Analyzes your Hijack log files - http://hjt.networktechs.com/ Run HijackThis (2.0.2) and click Do a system scan and save a log fil HijackThis - FAQ - MicroTrend HijackThis - Quick Start Guide TrendMicro HijackThis - investigate browser add-ons download .. HijackThis Tutorial - How to use HijackThis to remove Browser HijackThis� Logs and Infections Removal Stinger - general virus/trojan/malware remover - McAfee FREE Threatfire 3.5 Protects Against New Malware Threats - PC World

OTHER MALWARE REMOVERS - Freeware, Open Source, Commercial

MAN in the MIDDLE Attacks

A man in the middle attack occurs when an attacker can direct the client/server traffic through his/her/their computer system and modify or capture the data (which could be messages). Carnegie-Mellon University has come up with a method of detecting man in the middle attacks. The Carnegie-Mellon solution, Perspectives, is discussed in this paper. If the Detection mechanism detects a problem, DO NOT SEND personal data. Even if the Detection Mechanism (called Perspectives detects no problem, most of us would NOT trust the site. Perspectives is a FireFox 3.0 add-on. Man-in-the-Middle - SSL-protected Websites Getting A Perspective On Man In Middle Attacks Mozilla garners praise over Firefox security feature Perspectives Overview

MEDIA PLAYER - Microsoft Windows

Windows media Player - Latest version is: 11.0.5721.5260 Scripts in (Windows Media Player) ASF files (part 1) Detecting scripts in ASF files (part 2) Media Player - Security component upgrade - Microsoft Slashdot | Microsoft Media Player "Security Patch" Changes EULA ... Hackers Tune In to Windows Media Player Microsoft Security Bulletin MS06-005: Vulnerability in Windows ... Questions and answers for Windows Media Player Security Restrictions

Messenger Services Spam (Win2k, NT, & XP)

NOTE: Just turning Off Windows Messenger Service will NOT prevent it from running every few minutes. How to prevent Windows Messenger from running on a Windows XP-based computer - MS Remove Windows Messenger Disable/Remove Windows Messenger Stopping Windows Messenger SPAM Windows Messenger Spam Elimination Freeware

MICROSOFT - NON-Windows SECURITY ISSUES

Fake Microsoft Outlook Update Installs Trojan SMBv2 vulnerability: To patch or not to patch? Silver light update - January 20, 2010 Microsoft Closes PowerPoint Zero-day Hole - May 12, 2009 Microsoft Works File Converter Section Length Header Remote Heap Overflow Vulnerability Security design: Why UAC will not work Security Researcher Finds Flaw in Windows Media Player VML vulernability - MS fix is out - can be infected just by viewing a Web page See also: Advisories, Microsoft See also: EXCEL See also: IE - Internet Explorer See also: Messenger Services See also: Power Point Attacks See also: Windows Free Security Updates See also: WORD See also: Zero-Day Attacks

MOBILE MALWARE / VIRUSES

SMS Phishing is called SMiShing. BlackBerry PDF parsing vulnerability - 7/15/2008 Mobile devices & Applications - Emerging Security Threat #3 - Jim Raposa Low threat from mobile malware - F-Secure - 9/27/2007 Phishers Cast a Mobile Net (via cell phones) - SMS Phishing (SMiShing

C# Crossover Malware (Mobile Malware)

The people at the Mobile Antivirus Researchers Association (MARA) are reporting that they have discovered the first PC to Handheld crossover malware written in C#.

(HOME) NETWORKING SECURITY

Recommendations, Mine CERT - Home Network Security Information 127.0.0.1 - IP Loopback Address CLICK HERE for more information about NETWORKING Check your computer's Ports for network vulnerabilities - port scanner Network Security - Network World How to Enable the My Computer Security Zone in Internet Options - Microsoft Network security - Wikipedia, the free encyclopedia See also: Firewalls See also: Browser Security See also: Hardware Firewalls See also: Softwareware Firewalls Wireless Encryption - USE IT: SECURITY - Wireless See also: WAP See also: WEP See also: WPA. NOTE: WPA can be cracked. See also: WPA2. NOTE: even WPA2 is no longer secure. More Advanced: See also: Hosts file See also: IP Filters/Filtering, Port Forwarding & IP Firewall Administration See also: IP Management See also: IP Masquerade See also: IP Routing See also: Modems See also: Secure Connections See also: Wireless Security

NIDS - Network Intrusion Detection System

Network Intrusion Detection System - wikipedia Network Intrusion Detection System (NIDS) Firestorm NIDS - SANS Institute - Intrusion Detection FAQ: What is network based ... Evading NIDS, revisited - popular IDS evasion attack techniques freshmeat.net: Project details for Firestorm NIDS Active Mapping: Resisting NIDS Evasion Without Altering Traffic Site DISA - U.S. Defense Information Systems Agency EasyIDS - Free customized CentOS install cd containing Snort, Barnyard, BASE, ntop, and more Barnyard - SourceForge.net: Barnyard BASE Snort Wireshark (was Ethereal)

NOVELL SECURITY ISSUES

Novell's iPrint open to attack, say researchers Novell eDirectory LDAP Search Request Heap Corruption Vulnerability- labs.idefense.com

ONLINE BANKING

While useful, online banking can be very dangerous to your wealth. There are many Key Loggers and other such Malware ready to send your bank account numbers and passwords to the crooks. If you must bank online, I strongly suggest that: 1] Do NOT send any private information (account numbers, passwords,...) UNLESS you see the "Lock" symbol (scroll down a little) on your web browser, indicating that the transaction is being send ENCRYPTED. See also: The "LOCK" security symbol 2] You use a Password Safe to keep and supply your account numbers and passwords. If you don't use a password safe, at least confuse the key logger. 3] Delete ALL temporary files immediately after doing your online banking. You could use the free CCleaner. 4] Use STRONG (not easily guessed or computed) Passwords. 5) Use an OUT-GOING Firewall to help prevent Malware from sending your banking information to the crooks. I currently use the one built into (Symantec's) Norton's 360 Version 3.0. ENSURE that it is turned on (configured) to stop BOTH unknown incoming AND outgoing Internet traffic. 6] If possible, use some non-Microsoft-Windows operating system, such as Linux or MAC OS X (there are fewer malware programs written for these operating systems, although Malware does exist for them). Majority Of Online Banking Customers Use Same Credentials On Other Less-Secure Websites NSW Police: Don't use Windows for internet banking

OPEN OFFICE

OpenOffice bug hits multiple operating systems

Open Source Anti-Viral Programs

Clam AntiVirus

Open Source Vulnerabilities

Open Source Vulnerability Database

ORACLE Vulnerabilities & Patches

38 Oracle security patches coming next week - 10/16/2009

ORGANIZATIONS - Anti-Malware

Anti-Spyware Coalition (ASC)

OUTLOOK / OUTLOOK EXPRESS - Microsoft's

Beware of Fake Microsoft Outlook Update E-mail

PASSWORD TIPS / INFORMATION

PASSWORD - wikipedia

PASSWORD STRENGTH CHECKERS

There are different ideas as to what consitutes a strong (hard to crack) password. Here are some programs that test your password: password STRENGTH checker - Microsoft Gmail flaw shows value of strong passwords

PASSWORDS - GENERATE STRONG

Random Password Generator How To Create Strong Passwords That You Can Remember Easily Perfect Passwords - GRC Strong passwords: How to create and use them - Microsoft Security Awareness - Articles - Keep Safe with Strong Passwords Strong Password Generator Choosing and Protecting Passwords - Cyber Security Tip ST04-002 Strong Password Generator PASSWORD INFORMATION - Continued: Video: Simple tips for better password security Password Tips and Encrypting Passwords Password "Safes" Security Tip: Buy Password-Cracking Software Passware sells a large collection of programs for cracking passwords PASSWORDS - BIOS PASSWORDS - WINDOWS

PASSWORD (Key) SAFES

The advantages of Password Safes: A] You don't have to remember the poassword B] KEYLOGGERS CAN NOT GET YOUR PASSWORD IF A PASSWORD SAFE IS USED TO SUPPLY THE PASSWORD. The problems with password safes: A] You must export (I'd print) a list of them, in case your system crashes. B] What happens if your subscription to Norton's 360 expires (it includes the password safe that I use)? I'll have to check on that. C] You have to log-in to your password safe. D] If you go to a site that allows logins, your password safe will probably ask if you want to sign in, or if you want it to save your password. Where to get a Password Safe: Do NOT use one that works online - you want the program on your computer. A] It comes free with Norton's 360 anti-Malware Suite (Version 3.0/2010/2009/2008). B] With Password Safe, a free Windows utility designed by Bruce Schneier I'm a fan of Bruce Schneier - I'd use his if your anti-Malware doesn't supply one. C] Password Safe - Sourceforge D] KeePass Password Safe - open source password manager E] Password safe - Free Password Manager F] KeePass Password Safe 1.11 - C/NET G] COMODO I-Vault - Free Password Management NOT FREE - THESE HAVE SOME KIND OF COST: A] RoboForm 6.9 - (most popular for pay) C/NET A friend uses/likes it (it is not free). RoboForm creates complex passwords for you, and keeps them encrypted. RoboForm then supplies the passwords then needed (you don't type them). You can get a printout of your encrypted passwords for a backup. RoboForm review RoboForm download site. WARNING - WHEN MY (2009) NORTON 360 EXPIRED, IT WOULD NO LONGER EVEN RUN (as opposed to no longer getting updates). I FIND THIS COMPLETELY WRONG (my opinion). I CONSIDER NORTON 360 THE BEST ANTI-MALWARE (and I still use it). (I feel that it should just stop updating itself, while, of course, warning the user that that the protection is obsolete). This (not running after the expiration date) IMPLIES THAT YOU HAD BETTER PRINT OUT ANY ID/PASSWORDS THAT YOU HAVE IN NORTON'S IDENTITY SAFE BEFORE YOUR NORTON EXPIRES. See also: Encryption See also: Encryption Products (sofware applications)

PATCHING

PATCHES - LINUX

PDF Vulnerabilities

September 15, 2008 - infected PDF file got through a User's up-to-date Adobe Acrobat Writer. Security updates available for Adobe Reader and Acrobat - February 7, 2008 Neosploit Updated to Include an Acrobat Exploit - 05-05-2008 One of the most common PDF exploits is via Javascript passed as arguments to Acrobat. Extracting scripts and data from suspect PDF files - 7/15/2008 BlackBerry PDF parsing vulnerability - 7/15/2008 New techniques hide PDF malware - Microsoft Windows Vista ... - Apr 29, 2008 PDF malware crashes into October 2007's top virus charts PDF malware New .PDF malware (?) - 2007 ARN - New techniques hide PDF malware Cyber-criminals launch PDF malware offensive - vnunet.com Researcher: JavaScript Attacks Get Slicker vulnerability in Web-hosted PDF files revealed NOTE: Adobe Reader 8 is NOT affected by the above vulnerability - UPDATE to Reader 8. I just noticed that Adobe Reader 9.1 is available

PHARMING

Phishing uses social engineering to convince users to enter personal information onto a faked site that collects the data for the criminals. Pharming goes one better, so when a user enters a perfectly legit URL of their choice (like their bank) they are hijacked and taken to the criminals' faked site. No social engineering involved. BROWSER PATCHES TO SHOW THE FAKED URL ARE USUALLY AVAILABLE. There is a tool that will help you fight both the phishers and the pharmers. It's a browser plug-in from a company called Netcraft. Larry Seltzer did a review. Of course, the latest Pharming attacks are based on phoney Swine Flu emails. Find out how pharming attacks hijack Internet domains - view the video Pharming - definition of APWG - Anti-Phishing (and Pharming) Working Group New Netcraft Toolbar Blocks Phishing, Analyzes Web Sites Anti-phishing group expands to address pharming

PHARMING, DRIVE BY

change the default administration password for your router.

PHARMING NEWS

Router access is enough for attackers to steal personal information

PHAXING

phaxing

PHISHING

Phishing uses social engineering to convince users to enter personal information onto a faked site that collects the data for the criminals. Pharming goes one better, so they when a user enters a perfectly legit URL of their choice (like their bank) they are hijacked and taken to the criminals' faked site. Both Firefox 3.0 and Internet Explorer 7 will attempt to screen out known Phishing web sites by blocking access to those sites (I think that you can over-ride the blocked access, if you wish). I AM USING McAFEE's SITEADVISOR Firefox 3.x plugin to help evaluate sites. There is a tool that will help you fight both the phishers and the pharmers. It's a browser plug-in from a company called Netcraft. Larry Seltzer did a review. Netcraft dot com Fight Fraud and Phishing With New Tools - PC World Cloudmark and Comodo have anti-phishing software (see previous link).

Join the fight against phishing - Report Phishers - PhishTank

Neither UPS nor FEDEX will send you an email regarding problems with your delivery - do NOT click on any links in these emails. If you wish, go to the real UPS or FEDEX web page and start your inquiries there. A recent phishing e-mail read, threatening account deletion A new phish frontier: Phishing of domain registrar accounts AT&T Cell Phone Phish - 10/9/2009 Phishing Scheme Almost Catches FBI Chief BlackBerry Update Fixes Phishing Flaw - 10/1/2009 Chained Exploits: How to prevent phishing attacks from corporate spies Rock Phishing: The Threat and Recommended Countermeasures Google Talk Users Hit with Phishing Attack After Gmail Outage UPS/FedEx Delivery Failure Universities, colleges warning about bogus e-mail Hackers spoof MSNBC Watch out for fake IRS e-mails Email purportedly from a private investigator investigating you Can you spot a phish? Play Carnegie Mellon�s game and see Phishers Play Top 40 Just Say "No Thank You" to Data Disclosure Phishing.gov? phoney invoices - the latest phishing technique Internet Banking Verification phishing scam against Flickr users Microsoft: UAC Can Be Hijacked by Social Engineering RSA Alert: New Universal Man-in-the-Middle Phishing Kit Discovered your credit card has been assigned to two different accounts.... I've now seen the Bank of America Phishing scheme: B of A phish attack - Subject Line: Sitekey update is required phishing attack against military personnel APWG - Anti-Phishing Working Group Phishers Cast a Mobile Net (via cell phones) Study: Microsoft Anti-Phishing Uses Best Bait The Top Phish this week Ads Masquerading As Security Warnings Phishing Filter Prevents E-Mail Identity Theft Phishers try to best banks' authentication Caught by a Phish Phishing - definition of Phishing: What's Spam Got to Do With It? Phishing Attacks Escalating April 2005 Phishing Trends report of the Anti-Phishing Working Group APWG - Anti-Phishing (and Pharming) Working Group Spotting Phish and Phighting Back New Netcraft Toolbar Blocks Phishing, Analyzes Web Sites antiphishing.org FraudWatch International: Anti-Phishing Specialists� The Phishing Guide - PDF - NGS

PHOTOGRAPHS - DOCTORED / SCAM STOPPERS

A defense against Photoshop funny business

POP-Ups - POPUPS - STOP THEM

FTC Stops Explicit Popups Turning OFF Microsoft's Messenger Service helps enormously, and has nothing to do with Instant Messenging (you can still IM if you wish). There was a tie (PC Magazine article, but I prefer Zone Alarm): Zone Alarm Pro (NOT the free version) Symantics Norton Internet Security

Port Knocking

Port Knocking is a technique of opening Firewall ports by attempting a connection that causes the Firewall to open up certain computer ports in anticipation of a legitmate connection. The best method of avoiding Port Knocking is to set all of your computer ports to Stealth Mode, wherein your computer does not respond AT ALL when it receives an unsolicited message to any of your computer ports. PERSONALLY, I believe that Zone Alarm Pro does the best job of locking your computer ports. You can check the status of your computer ports by going to GRC's SHIELDS UP, scroll down and run the "PROCEED" option, then scroll down & select Common Ports. Port Knocking - wikipedia

PORT NUMBERS - Assigned Computer

ANA ORG (IETF) - Port Number Assignments Port Knowledgebase Ports used by known Trojans The Windows (DOS) command: netstat -an will list all your open ports

PowerPoint ATTACKS / VULNERABILITIES

MS Advisory: Beware Unexpected PowerPoint Files New Exploit Takes on MS PowerPoint - Malware Blog - Trend Micro - 4/3/2009 A PowerPoint Blog: PowerPoint Malware Flaw - Apr 23, 2009 Microsoft PowerPoint - Malware - Finding the Needle Microsoft Malware Protection Center : New 0-day Exploits - 4/2/2009 Advances in Office/Excel/Powerpoint Malware detection & analysis - 7/31/2009 Vulnerability: MS08-051. Microsoft PowerPoint vulnerabilities could allow remote code execution (949785) - 12 August 2008

PRIVACY

Many of the newest Web Browsers (IE 8's InPrivate and FireFox 3.50 (still in Beta) have a Privacy or Stealth Mode, which enables the user to browse web sites without leaving the usual trail of data on the the computer used for the browsing. NOTE that Stealth Mode will NOT hide your identity from the sites that you visit. Computer Security Ethics and Privacy Internet privacy - Wikipedia Computer Privacy Articles Computer Security and Privacy Anomynity - Remain Anonymous You are being tracked by FLASH COOKIES Monitoring of Employees on the rise WEB BUGS are stealing information from your computer ** Computer Privacy Software: computer privacy software � internet privacy ... AllTracksGone Window Washer Computer Privacy Cop 2005 - Free

PRIVACY POLICY

Our Privacy Policy

PROGRAMMING VULNERABILITIES

'Dangling pointers' more dangerous than thought, says security vendor

PYTHON Vulnerabilities

Stay tuned...

RAM SCRAPERS

Customized malware created to grab credit card, PIN, and other confidential information out of a system's volatile memory. Lots of these attacks are occuring in POS (Point-Of-=Sale [Cash Register]) Servers. Attack Of The RAM Scrapers The Hacker News Network � RAM scraper Scammers scrape RAM for bank card data - The Register Will RAM scraping loosen the sky and make it fall? Attack Of The RAM Scrapers - ISN RAM Scrapers - alt.comp.anti-virus - Google Groups Hard to Detect Hack � Attack Of The RAM Scraper - DIGG

REGISTRY (Windows)

A lot of malware makes entries in the Windows Registry file, so that the malware can restart itself if killed, and hide itself in various places on your computer. Therefore, it is often necessary for the user to modify (via malware removal programs) these Registry file entries. I have collected links to both information about the Registry file and links to programs that may be able to fix your corrupted Registry file. MODIFYING YOUR REGISTRY FILE MAY MAKE IT UNABLE TO BOOT. It is a good idea to back up your Computer Registry files before making any changes. Windows XP makes a backup everytime that you reboot, so that you have the option of going back. For older versions of Windows, you may need to manually create a registry backup. Registry Fixes REGISTRY - DETAILED INFORMATION

Removing Specific Spyware/Malware

Bit Defender - free virus removal tools CWShredder - remove Cool Web Search variants (Trend Micro bought & retired it) Free Tool removes CoolWebSearch (aka CoolWwwSearch, YouFindAll, etc. - CW Shredder Free tool removes unwanted Internet Explorer about:blank home page

RFID Security/Virus Problems

RFID Viruses and Worms PASSPORTS with RFID CHIPS Have Been HACKED Ebook Vulnerabilities in First-Generation RFID-enabled Credit Cards RFID tags become hacker target - CNET News How RFID Tags Could Be Used to Track Unsuspecting People Is Your Cat Infected with a Computer Virus? (via RFID) RFID - Emerging Security Threat #4 - Jim Raposa Click here for more RFID Information

ROAD RUNNER SECURITY

Road Runner Help - Free Firewall for RR customers Road Runner Security Website REPORTING ROAD RUNNER SPAM: If YOUR outgoing email is blocked as SPAM (Email: removal@security.rr.com) If You wish to REPORT SPAMMERS to Road Runner (Email: spamblock@security.rr.com) Road Runner also uses Third-party Black-List sites to filter SPAM.

Root-kit Hacks - DETECT ROOTKITS

CAUTION - I KNOW NOTHING ABOUT THESE SITES - Caveat Emptor

AntiRootkit.com - information on all aspects of Rootkits

free AVG Anti-Root Remover (NOT for Vista) Study: Symantec Best at Removing Rootkits; Microsoft Worst - eweek RootkitRevealer - Sysinternals - Free How RootkitRevealer works, and how to use it Rootkit Hunter demo: Detect and remove Linux rootkits Blacklight (Beta) by F-Secure - Free until September, 2006 Using Blacklight to detect and remove Rootkits from your computer Free download: New version of Sophos Anti-Rootkit Anti Rootkit Software - IceSword Icesword 1.22 - Major Geeks PC World - PC World Downloads - IceSword IceSword Author Speaks Out On 'Rootkits' Download IceSword 1.22 - IceSword - A very useful rootkit scanner ... - Softpedia Six Rootkit Detectors Protect Your System -- Rootkits ...- REVIEWS chkrootkit - locally checks for signs of a LINUX rootkit Rootkit Hunter demo: Detect and remove Linux rootkits Rootkit Hunter loganalysis.org - useful information on log analysis for computer security Sleuth Kit (TSK) is a collection of UNIX tools to investigate computers Kill Spyware by Hand Best Free Rootkit Scanner/Removers - Updated 30th March, 2007 - techsupportalert.com Review: Six Rootkit Detectors Protect Your System - Information Week - 1/16/2007 F-Secure BlackLight - review - Information Week IceSword - review - Information Week RKDetector - review - Information Week RootkitBuster - review - Information Week Rootkit Unhooker - review - Information Week Conclusion of the six reviews - review - Information Week Sophos Releases Free Anti-Rootkit Software Panda releases free Anti-Rootkit Software Panda Activescan download - REQUIRES ActiveX enabled to RUN Detect rootkits and rootkit behavior with these techniques Search for rootkits with Rootkit Hunter on Linux systems RootkitRevealer (zip) - free Microsoft Research rootkit home page Understanding Hidden Threats: Rootkits and Botnets - US-CERT Prevention Guide: Detecting and removing rootkits in Windows What are user-mode vs. kernel-mode rootkits? Rootkit: The Complete Documentation - 10t3k.org Rootkits: almost invisible malware - PandaSoftware ID-Triggered Rootkits - blogspot Rootkits - White Papers, Webcasts and IT downloads - Bitpipe.com

ROOT-KIT NEWS / ARTICLES

Rootkits can even be loaded into your Computer BIOS. The Dissection of a Rootkit - F-Secure Security Labs Rootkit Detection and Removal - pcsupportadvisor Can a Rootkit Be Certified for Vista? Rootkits: The Ultimate Stealth Attack Rootkit - wikipedia US CERT Cybertip explains �hidden threats� such as root kits and botnets SANS Institute: Analysis of the T0rn rootkit Anatomy of a Root-Kit Hack Hacking Tools Can Strengthen Security The Doomsday Machines of Malicious Software Root Kit Info Microsoft Research recently announced Strider GhostBuste InfoWorld: Holy Father on rootkit writing for fun, profit Rootkits: The Ultimate Stealth Attack Microsoft: Stealth Rootkits Are Bombarding XP SP2 Boxes Rootkit Takes Aim at AOL Rootkits Sprout on Networks

LINUX ROOT KITS - DETECTION & INFORMATION

Kstat - for usage, enter: ./kstat -i all rkscan is a small Linux Rootkit scanner chkrootkit - locally checks for signs of a LINUX rootkit Help - rootkit scan - What should I do? - Ubuntu Forums Towards a tamper-resistant kernel rootkit detector - ACM Some known Linux Rootkits are: Adore - info by Packet Storm Adore is a popular LKM-based rootkit - O'Reilly - Safari Books Online - 0596007949 Adore - search of "Security Power Tools" (an LRM rootkit) - Analysis of the KNARK Rootkit - Rootkit: The Complete Documentation Information about the knark Rootkit Knark is a kernel-based ... Analysis of the KNARK Rootkit by Toby Miller Analysis of the KNARK rootkit - PDF

SONY's USE OF ROOT-KITS

Sony pleads innocent in latest rootkit fiasco RootkitRevealer v1.7 - Free - Finds rootkits on your PC Rootkits - The New Wave of Invisible Malware is Here - white paper News Analysis: Sony's Rootkit DRM Raises Legal Red Flags AV Firms Say New Trojan Uses Sony DRM Rootkit EFF Takes Action Against Sony BMG Texas Sues Sony BMG Over CD Rootkit Amazon.com Offers Refund for 'Rootkit' DRM-Carrying Sony CDs User Privileges, Malware and the Sony Rootkit Debacle Sony BMG Recalls Copy-Protected CDs Sony's Second 'Rootkit' DRM Patch Doesn't Hush Critics Sony to Help Remove Its DRM Rootkit MORE ON SONY'S USE OF ROOTKITS See also: COPY PROTECTION

RAILS Vulnerabilities

RubyOnRails XSS Vulnerability Claims Twitter, Basecamp And My Confidence See also: XSS

ROUTERS / SWITCHES - Vulnerabilities & Problems

Critical Juniper Router Flaw Triggers Prompt Patching Click here for CISCO Vulnerabilities

RUBY Vulnerabilities

RubyOnRails XSS Vulnerability Claims Twitter, Basecamp And My Confidence See also: XSS

SAMBA Security Issues

Samba Security Information Disclosure and DoS

SECURE CONNECTION VULNERABILITIES - SSH, SSL, ...

Fake Microsoft Outlook Update Installs Trojan, then fakes SSL connections SSL Crack Shows You Must Advance Your Security - Security from eWeek Reports of a successful exploit of the SSL Renegotiation Vulnerability? Debian/Ubuntu OpenSSL Random Number Generator Vulnerability

SECURITY, CHECK Your Computer Security

These are safe, reputable sites, even if their use license seems scarey

A good list of PC Port Scanners optout - grc.com - DIS-allow those annoying pop-up browser windows Hacker Wacker SecurityProtocols dot com - USES POP-Unders Anti Online loganalysis.org - useful information on log analysis for computer security Sleuth Kit (TSK) is a collection of UNIX tools to invesitgate computers Ports and their normal use

SECURITY PROBLEMS (computer) - General Info

CVE - Common Vulnerabilities and Exposures - News Click here for more Vulnerabilties / Flaws Information
awareness materials on information security topics - UK Dept. of Trade & Industry NoticeBored Classic security awareness module for March

IE's Automatic Execution of Embedded MIME Types Web Bugs monitor who is reading what **

SECURITY SOLUTIONS/FIREWALLS/RESOURCES (Computer)

Get FREE ZoneAlarm to protect your PC from Intruders *****

Security Info - Microsoft Kaspersky's Security Suite - Review - PCWorld 5/2006 PC Mag's Security Software index PCWorld's Firewall review - 6/2004

SHOPPING SAFELY ONLINE

Banks use different names, but check to see if your credit card issuer can supply you with one time use credit cards - these are temporary, cards, with account numbers that can only be used once, online or voer the phone. If someone steals this credit account number, and you have already used, it, they can not use it again. Stay Safe Online . org

SIEM / SIM /SEM - Security Info & Event Management

The convergence of SIEM and log management A Practical Application of SIM/SEM/SIEM Automating Threat ... SIEM: A Market Snapshot - Security - IT Channel News by CRN RSA Conference: Tim Mather: Experienced Security: SIEM in the Cloud Security Event Management ( SIM, Security Event Log Monitoring ... White Papaers NetIQ Security Manager has solid SIEM foundation - Network World ArcSight SIEM Is the Most Deployed Enterprise Security Management ... Security Information and Event Management (SIEM) - RSA

SKYPE Security Issues

Skype does NOT encrypt ANY data it sends. A Look at Skype's Unresolved Security Issues Skype File URI Code Execution Vulnerability Windows Patch Caused Crash, Skype Says

SMART PHONES (all) - Vulerablities

Survey: 54 Percent Of Organizations Plan To Add Smartphone Antivirus in 2010

SMiShing - SMS Phishing

SMS Phishing is called SMiShing. There is some SMiShing going on - text msg sends you to a BAD web site Phishers Cast a Mobile Net (via cell phones) - SMS Phishing (SMiShing)

SNMP

SNMPv3 Authentication Bypass Vulnerability

SPEAR-PHISHING

A variation on phishing that targets employees at specific organizations. Spear-Phishing Attacks Out Of China Targeted Source Code, Intellectual Property - Darkreading Spear-Phishing on the rise

SPIM - SPAM In Instant Messenger

SEE ALSO: Instant Messenger

SPOOFING

Making an email's address and header information apear to come from someone other than the real sender. Spoofing is often used for some fraudulent purpose. Criminals often spoof real websites. Spoofers often send SPAM emails, These days, more and more web sites (think Banks, Credit Unions, Social Security) are being spoofed. Some of thse spoofs are so good, users can not tell that they are fake, just by looking at them. E-mail spoofing - Wikipedia How to recognize spoofed Web sites To help avoid spoofing problems: 1] Browse with a secure web browser that alerts you to known spoofed URLs I use Firefox with: [A] NoScript addon for Firefox and [B] Norton's Phishing indicator (built-in) and McAfee's SiteAdvisor

SPYWARE

See also Adware (Click here). Spyware's intentions are either to: 1] Steal valuable information, that may cost you a lot of money: A] Key-Loggers / Jackers / Jacking How to FOOL Keyloggers B Identity Theft C Root-Kits D There are too many types to list here. Please go HERE for more information. OR 2] The older type - which tracks where you go and what you do, to attempt to target you with ads more suited to your tastes - I call this ADWARE. I Currently (1/19/2010) use ONLY Norton's 360 to combat Spyware. If I suspect that I have problems, I run additional, one-time scans, using other Malware removers. YOU NEED TO ACTUALLY BUY A NEW VERSION EACH YEAR (NOT just the updates), as the program's functionilty gets better each year, and you'll only get that with a new version of the actual PROGRAM (Norton's 360 security suite). I no longer run the (good) Webroot Spy Sweeper, as I got tired of programs fighting each other (reporting other anti-malware programs as actual malware. This way, Norton's 360 does everything, and does not conflict with anything. I was using Webroot's Spy Sweeper to fight Spyware. Today's Top Spyware & Security Stories - PC World SpywareGuide Greynets Database Ad-Aware Free - anti-Spyware

SQL Injection

SQL injection - Wikipedia SQL Injection Attacks by Example SQL Injection - OWASP SecuriTeam - SQL Injection Walkthrough SQL Injection Cheat Sheet SQL Injection - Microsoft SQL Injection - Use a SQL Injection Scanner to Fix It There are two commonly known methods of SQL injection SQL Injection Attacks - Are You Safe? [ASP & .NET Tutorials] Video results for sql injection Application Security Exploit, SQL Injection - video PREVENTING SQL INJECTION ATTACKS: How to find and stop automated SQL injection attacks CodeProject: SQL Injection Attacks and Some Tips on How to Prevent 4GuysFromRolla.com - Protecting Yourself from SQL Injection Attacks Preventing SQL Injection Attacks Prevent SQL Injection Attacks Prevent SQL injection by hardening code Prevent SQL Injection in Php (OWASP Tutorial) | Blank89 ... How To: Protect From SQL Injection in ASP.NET New tools to prevent SQL injection attacks - Tales from the Evil ... Preventing SQL Injection with MySQL and PHP How to Prevent SQL Injection Storm Attacks - Courtesy of Microsof Preventing SQL injection Attacks on your Joomla Websites

SYMBIAN

Most mobile malware has been written largely for Symbian Series 60 devices. Recently J2EE malware was detected. For more Symbian information, Click Here.

TERRORISM, anti-, Links

US-CERT - aggregate available cyber security information

THUNDERBIRD (Mozilla's free eMail program)

I prefer Thunderbird to any Microsoft eMail program, as fewer Hackers target Thunderbird than target Microsoft eMail products. NOTE: Mozilla is donating Thunderbird to the public (making it open-source) - at some point in time, Mozilla will stop supporting Thunderbird (8/2008). SO, FAR, 8/26/2009, Mozilla is still supporting Thunderbird. Thunderbird 2.0.0.23 is out

TROJAN INFORMATION - CLICK HERE

USB Security Issues and Solutions

Enterprise Data Taken To The Cleaners - Literally "Secure" flash drive vulnerability discovered, exposing sensitive data Viruses Attacking USB Devices GFI EndPointSecurity - Help Prevent data theft and virus infection via USB

VIRTUALIZATION Security Issues

Tips for protecting data on VMware virtual machines Secure Virtualization: Much Ado About Next To Nothing Virtual Worlds - Emerging Security Threat #8 - Jim Raposa Virtualization - Emerging Security Threat #9 - Jim Raposa Secure Virtualization: Achieve and Maintain IT Security in Virtual Environments Virtualization Security Products (I don't know them): RSA (part of EMC) McAfee - enterprise - Secure Virtualization CLICK HERE for more information about VIRTUALIZATION

VIRUS INFORMATION - Complete - CLICK HERE

VISHING

Internet Con artists are switching to the Telephone to con people. Vishing Joins Phishing as Security Threat Security Fix - Brian Krebs on Computer and Internet Security ... Cyber-criminals switch to VoIP 'vishing' - vnunet.com

VISTA SECURITY

File-Sharing Vulnerability Hits Vista - 9/25/2009 SP1 is OUT - GO GET IT. New techniques hide PDF malware - Microsoft Windows Vista ... - Apr 29, 2008 Windows VISTA May corrupt iPODS, apple warns Apple: Vista May Corrupt iPods - Software - IT Channel News by CRN ... Vista's Safely Remove Hardware feature & Windows Explorer Eject may corrupt iPods VBootkit - 0wning Vista from the boot\ Notes on Vista forensics Program Names govern admin rights in Vista Vista and Malware - PC Mag Can a Rootkit Be Certified for Vista? Microsoft: UAC Can Be Hijacked by Social Engineering Learn about Vista's changes to user security See also Windows VISTA Information See also Windows VISTA DRM Information See also DRM Information

VML and other Markup Languages

VML vulernability - MS fix is out - can be infected just by viewing a Web page Security Watch: VML Bug Imperils IE Users

WEB, IP & EMAIL ABUSE - White Papers

The Importance of Vulnerability Management - Whie Paper - BibFix Nine Steps to Enforcing E-mail and Web Acceptable Usage Policies - white paper How Secure Are Your Virtual Servers? Do You Really Know? - whitepaper Tripwire Web Application Security: Too Costly To Ignore - White Paper by Hewlett-Packard Ensuring Web Application Security: Four Best Practices - White Paper by IBM Two Reasons Why You Should Install Messaging Security Software - White Paper

WEB PAGE Security

"Attack Trace" search engine: Is your website being targeted by malware?

WEB Security

LinkScanner - ONLINE - submit URL for immediate safety check AVG LinkScanner 8.5.361 - Review & FREE Download LinkScanner - REVIEW & FREE DOWNLOAD AVG LinkScanner: Browse safely - FileCluster Reviews AVG Link Scanner: Check for potentially harmful links even before ... AVG LinkScanner Helps Avoid "Poison" Web Sites - Network World McAfee's FREE SiteAdvisor - Firefox/IE Plugin checks safety of Links How to limit your personal data in online directories The Biggest Security Hole on the Web? = The penetration of Adobe Flash and Acrobat The Ghost In The Browser: Analysis of Web-based Malware - PDF - Usenix Managed Security Monitoring services - Counterpane Sophos security report reveals top threats of 2009

WHITE LISTED URLs (web sites) - Thought Safe to Visit

NOTE - THESE LISTS MAY BE IN ERROR - USE THIS INFORMATION AT YOUR OWN RISK SpamLinks.net dnswl.org - DNS Whitelist SWINOG URIBL whitelist SWINOG DNSRBL whitelist Distributed Checksum Clearinghouse email whitelist Greylisting.Org Whitelisting Spamcheck blacklist domains - surbl.org Mail Provider Postmaster Websites See Also BLACK LISTED WEB SITES (deemed malacious or very intrusive

White Papers on Security

coming soon.

Windows Security Updates from Microsoft

Get & Install the latest Windows security updates. Microsoft's Monthly Windows Security Updates - REQUIRES using Internet Explorer

WINDOWS VULNERABILITY PROBLEMS

Without a patch, The only way to stop Aurora in IE is to disable JavaScript., OR use FireFox. Microsoft DID issue an emergency patch for Aurora, on 1/21/2009 'Aurora' Exploit Retooled To Bypass Internet Explorer's DEP Security Unpatched Microsoft Bugs Raise Red Flags - September 08, 2009 Windows File-Sharing Zero-Day Allows for PC Takeover 9/9/2009 Microsoft FINALLY fixing ActiveX bug - Tuesday 7/14/2009

WIRELESS Security

Please click here for information about Wireless Security

WORD, .DOC files & WORDPAD ATTACKS

Microsoft suggest running WORD (w/computer booted up) in Safe_Mode (yeah, right). Microsoft Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability Office .DOC Problems - yet another zero-day attack Unofficial Registry Script Blunts MS Word Zero-Day Attack

x64_AMD (EM64T) 64-Bit Protection

ZoneAlarm 64-Bit Available in Special Preview Beta

Xen VULNERABILITIES

Adventures with a certain Xen vulnerability (Oct 2008) - PDF - invisiblethingslab.com Xen 0wning Trilogy: 1. Subverting the Xen Hypervisor - PDF - invisiblethingslab.com 2. Detecting & Preventing the Xen Hypervisor Subversions - PDF 3. Bluepilling the Xen Hypervisor - PDF

XML Security Issues

Stay Tuned

WORM INFORMATION - CLICK HERE

XP SECURITY

Manage Your Computer's XP Security Settings in One Place with ... Understanding Windows Firewall in Windows XP Service Pack 2 - Microsoft Windows XP: Securing your network

Zero-Day Attacks

Attackers Employed IE Zero-Day Against Google, Others - 1/14/2010 Microsoft Closes PowerPoint Zero-day Hole - May 12, 2009 The Zero-Day Attack Microsoft Confirms Excel Zero-Day Attack Under Way Zero-Day Exploits Abound at Legitimate Web Sites Microsoft Rocked by New IE Zero-Day Flaw Warning Microsoft Confirms PowerPoint Zero-Day Attack

BOTS (ZOMBIES) - Armies of (Ro)BOTS (Botnets) - INFORMATION

One of the fastest growing Windows computer threats are armies of "Bots" (robots), also called "Zombies". Many people make money by selling software to create these Bots. Bots are usually sent to infect your computer by being distributed in Email attachments, often appearing to be from people you know. There are over a 100 known kits to create bots, for sale (5/2006). Once on your computer, these Bots take over control of your computer and use it to capture fiancial data and your account user names and passwords. These information is often sent, encrypted, back to the criminals for their use. The bots then use your computer to mount attacks on other computers. 6 things you should know about botnet attacks - GCN Invasion of the botnets: Cyberattacks on the rise The First Linux Botnet Botnet threats and countermeasures RUBotted - a free program to find Out if Your PC is Part of a Botnet There are few really good defenses against Bots except for the usual: Symantec has released Norton's ANTIBOT, which I AM using. Anti-Bot is apparently now bundled into Norton's 350 and apparently no longer sold as a separate Utility. Antibot was well-rated by PC Magazine. Here are the usual methods of avoiding BOTs: 1] Never open email attachments, even from people that you know, with out first checking with that person to ensure that they really sent you this particular attachment. I use a pre-designated codeword to let others know that the email is really from me. (you and your email correspondants agree on a particular codeword, for example "PACKRAT" - then you always include the codeword PACKRAT in the Subject line of your Email. Put the codeword close to the beginning of the Subject line, so that is easily viewable in the short display area of your email program. 2] Of course, you are running a hardware Firewall (I hope), but also run a software firewall, such as the free ZoneAlarm. The hardware firewall helps screen out incoming Malware, but one of the duties of the software Firewall is to prevent these Zombies from sending your data OUT of your computer. Click here for more information about Firewalls. NOTE that the Windows XP Firewall can NOT prevent keyloggers from sending your data OUT to criminals, but ZoneAlarm can prevent programs from sending outgoing data. 3] Consider using an email program other than Microsoft's, as most Malware targets Microsoft's software. I use Mozilla's Thunderbird for Email. Opera is another good email program. Spotlight On Bots: The World�s Most Un-Wanted Bots - Symantec 1] Denial of Service Bot, aka "DoS Bot" 2] Extortion Bot, aka "Bling Bot" 3] Identity Theft Bot, aka "Bot Simpson" 4] Spambot, aka "Spam-a-bot," "Canned Spam" 5] Fraud Bot, aka "Phishing Bot," "Bot Water" Botnet Floods Major Websites With Fake SSL Connections More Researchers Going On The Offensive To Kill Botnets

BOTS (ZOMBIES) - RECENTLY SPOTTED

Pushdo/Cutwail Spambot - A Little Known BIG Problem - 11/13/2009 Mac Threat Alert - first Mac OSX botnet, aka MacBot or iBotnet The First Linux Botnet PC MAG review: Norton's ANTIBOT Norton Anti-BOT - Bots and Botnets�A Growing Threat When Bots Attack! - The scariest threat today is lurking right in your browser Over 1 Million Potential Victims of Botnet Cyber Crime - FBI Cybercrime Information Symantec Bats Botnets with New Tool Internet bot - Wikipedia, the free encyclopedia Bots & Cybercrime - Symantec All About Bots. Trojans And Worms! Botnet - wikipedia Understanding Hidden Threats: Rootkits and Botnets - US-CERT Honeynet.org - Tracking Botnets free Swat It detects/removes over 4000 malware programs (I don't know them) Stop the bots Stop the bots | The Register

ZoneAlarm

Latest Microsoft XP updates (July 8, 2008) seem to have killed ZoneAlarm Pro. I have had to de-activate ZoneAlarm Pro in-order-to get any Internet access. NOW THERE IS A FIX FOR THE ABOVE PROBLEM - Installation of Microsoft Update KB951748 (7/8/08) may result in loss of Internet connectivity. Click here for more information on how to resolve this ZoneAlarm/Microsoft issue Zone Alarm Pro Version 7.0.483.000 has been released Get Check Point's FREE ZoneAlarm to protect your PC from Intruders ZoneAlarm Tips
ZoneAlarm 5.5 Review - PCworld

FREE Virus Checkers

I don't know anything about these free virus checkers

Free online ActiveScan 2.0 antivirus - requires ActiveX - Panda Security a-squared Web Malware Scanner McAfee Avert Stinger Free Virus Scan: Use ESET's Online Antivirus Scanner Trend Micro - Housecall - requires ActiveX Download Malicious Software Removal Tool - Microsoft Families Cleaned by the Malicious Software Removal Tool Bit Defender - turn off any pop-up blockers Computer Associates - requires use of Internet Explorer? Trend Micro - Free Tools and Services Online special removers Jotti's malware scan - free, online - scans uploaded files - Javascript required Free Antivirus - PCmag Need Anti-virus Software? Try One of These - (Alwil's Avast & Grisoft's AVG Freebyte's Guide to Free Anti-Virus Software AntiVir PE - anti-virus scanner - Freeware Get AVG Anti-Virus Free AVG Free...Not free after 1/15/2007 Free avast! 4 Home Edition FREE ANTIVIRUS - PCmag says these two lack Real-Time Scanning: BitDefender 8 Free Edition ClamWin Free Antivirus 0.86.2

Free, single file (upload it) Virus Checkers

JOTTI checks a single, uploaded file with 15 Virus Checkers: Jotti - scans an uploaded file with 15 virus checkers (free) See also ON-LINE Virus Checkers

OTHER RESOURCES - Caveat Emptor

The Rainbow Books - NCSN www.malwarehelp.org - Malware Removal Tools Dark Reading - Security Information Dark Reading - Security Services Spyware and Adware - infosyssec.com Secure Root Securians: FAQ - Wiki - a small group by a passion for Information Security Best Computer Security Sites - gizmo.richards Invisible Things Lab focuses on cutting-edge research in computer system security Computers - Security - qjmail.com Published Scoops - governmentsecurity.org Security - Linux / MAC X / Windows - simplehelp.net Downloads - filecluster.com Computer Security Sites - Gizmos's Freeware/techsupportalert.com Top 9 Security Extensions for Firefox BUBL LINK: Computer security Computer Security - dedicated to freely distributing ways of preventing computer intrusion Spyware and Adware - directopedia.org Security and Encryption < Computers and Internet - Yahoo Schneier on (CVomputer) Security Laptop Computer Tracking Software - IT Asset Management & Security 10 part Computer Security 101 Course Security, Programming, Geeky Links - Ross Anderson Security Engineering - The Book (free, online) Security - U of Cambridge - select: Projects, Publications,... Security Fix - Brian Krebs on Computer and Internet Security ... History of Computer Security Black Hat Security Conference Archives Read & follow PCworld's 10-step PC Security suggestions Internet Storm Center - SANS dot ORG "Spyware and Adware" - computer-directory SecurityTracker Computer Security Institute NIST Computer Security Division's CSRC Home page Malicious Software - glopedia.com Internet / Network Security - About.com Security Manuals & Documents - GovernementSecurity.org Security Portal for Information System Security Professionals - Infosyssec F-Secure Security Information Center computer security check Spyware Nation AntiOnline - AO - community of security, network and computer professionals, ICSA Labs - independent organization offering computer security views/opinions Computer, Internet and information security: news, help, advice ... PC Security Post Resources to help you keep your computer secure - Myofb Personal Computer Security howtos and tutorials - geeks RSA - The Security Division of EMC Computer Security - CSOsearch Spyware Survival Guide Computer Security News - best-computer-exposed.info Wilders Security Forums Computer Security Site dot com Linux Security dot com Spyware and Adware - Security Roadmap Security Worm - software & books NIST Computer Security Special Publications CERIAS - COAST Homepage nsecure.Org - Nmap Free Security Scanner, Tools & Hacking resources Top 100 Security Tools NewOrder - computer security and networking portal Russian Business Network (RBN) theitsecurityguy blog Computer Security - Computer Security Issues - LiveZoneCenter GOOD, BUT DANGEROUS MALWARE WEB SITE - ONLY FOR MALWARE PROFESSIONALS THIS SITE DEALS WITH LIVE MALWARE - YOU NEED TO KNOW WHAT YOU ARE DOING: http://www.malwareinfo.org/

Apache Security Problems

Apache HTTP Server Vulnerability Lists

iPhone (Apple's)

New worm creates botnet out of jailbroken iPhones (informally called "Duh" or "Ikee.B") Another iPhone worm - and this time it's malicious Hacked iPhones held hostage for 5 Euros World's first ever iPhone worm, ikee, discovered in the wild The iPhone may be immune to existing variants of crimeware. The iPhone is only capable of running one task at a time - therefore Malware can not run in the background. using SMS to attack Apple�s iPhone and Google Android SMS vulnerability on iPhone - 7/5/2009 iPhone OS 3.0 brings 46 security patches - 6/18/2009 6 Major Flaws in iPhone. Will Consumers Still Spend the Money? - June 2009 iPhone Flaws - Cut & Paste Coming Soon See also: WORMS, RECENT ATTACKS

APPLE / MAC / OS X / Snow Leopard / iPOD and QuickTime

Apple security updates - Apple

Apple Patches 12 Mac Bugs in Flash, SSL - 1/20/2010 Mac shoot-em-up arcade game called "Lose/Lose" DELETES your files Flood of BOGUS (Malware)Codecs for MACs are very abundant. Quicktime 7.6.4 was released - 9/12/2009 Apple Working On Fix for Snow Leopard Bug Snow Leopard Bug Deletes All User Data How good is Snow Leopard's built-in anti-virus protection? Apple ships a known vulnerable version of Flash with Snow Leopard - Downgrades Adobe Flash Snow Leopard downgrades security and misses opportunity to improve Guest blog: Sophos Anti-Virus supports Snow Leopard Boobytrapped images pose threat to Apple users Two New OS X Attacks Bite Apple - 6/17/2009 Tored email worm rears its head on Mac OS X Mac Threat Alert - first Mac OSX botnet, aka MacBot or iBotnet Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability Apple Time Machine flaws raise reliability questions TA08-162C - Apple QuickTime Updates for Multiple Vulnerabilities - June 10, 2008 Apple QuickTime Updates for Multiple Vulnerabilities - 6/10/08 Apple Macintoshes Targeted by Porn-Based Computer Virus Back To My Mac - What Could Possibly Go Wrong... Go Wrong... What is Leopard Sandboxing? More Leopard Security Apple Fixes Year-Old QuickTime Flaw Security Firm: Don't Use iPhone Web Dialer Many Severe QuickTime Bugs Patched - Now it's at version 7.2 iTunes is now at version 7.3.1 Apple Shuts Down IPv6 Security Hole Windows VISTA May corrupt iPODS, apple warns Apple: Vista May Corrupt iPods - Software - IT Channel News by CRN ... Vista's Safely Remove Hardware feature & Windows Explorer Eject may corrupt iPods Mac Hacked Via Safari Browser iPod Virus - Well, no, not really DRM hacker has cracked Apple's iPod protection Virus wormed into Apple video iPods - October, 2006 Pod slurping � the mounting threat to your network Mac Malware: Slow but Steady Evolution Mac OS X Security - January 2007 More Mac Bugs Through This Month Apple security updates Apple - Support - Product Security The first flaw in the Apple bug-a-day project is an easy-to-exploit QuickTime issue Exploit Code Published for Apple OS X Glitch Apple: Beware of Rigged QuickTime Movies - Upgrade to QuickTime 7.1.3 About the security content of QuickTime 7.1.3 Apple has released an update to the firmware for their Intel-based Macs DRM hacker has cracked Apple's iPod protection Defective By Design Org is protesting Apple's DRM strategies Apple Ships Patch for MacBook Wi-Fi Hack

Programming Language Vulnerabilities

SECURITY INFORMATION JUMP TABLE

OTHER INFORMATION

Search Engine Submission - AddMe Increase Page Rank

Changing LINKS

Complete Computer Security Information - David Woodsmall

Last Updated: 2/08/2010 - Optimized for Firefox 3.6

COPYRIGHT 1987 thru 2010 - David R. Woodsmall - www.woodsmall.com

UNLESS specified, Microsoft Windows is the effected Software

Feel free to link to any of my pages

Caveat Emptor - I am not responsible for any problems

I try to present accurate info

Double check any advice, before taking it

I apologize, but I am not able to help with your problems

Please try HERE to find sites that may be able to Help you

** CLICKING ONCE on a Desired, Listed subject will take you to that information **

SECURITY INFORMATION JUMP TABLE

Programming Language Vulnerabilities

Beginner / Newbie Steps to Protect Your Computer Data

ActiveX (Microsoft's)

ADOBE Security Issues

ADWARE / SPYWARE Detectors / Removers / Anti

Free online scan for Spyware of your PC

AIX (IBM's Unix)

AJAX Problems

Anomynity - Remain Anonymous

Articles and News about Security

Advisory / Alert Sites & Databases

Advisories, Microsoft

Advisories by OS, Product, & Vendor

Advisories / Exploits, Specific - New Alerts

Joke-ClickMe

ATTACK TREES

AUTHENTICATION

BACKDOORS

Beginner's / Novice / Newbie - Impoving computer security

Howtos, Guides, Information, Advice, Cures, Help, Newbies,...

BetterPrivacy - Firefox Add-on to fight Flash Cookies

BHOs - Browser Helper Objects (CLSID)

BLACKBERRY & Related Mobiles / PDAs

Black Listed web sites - Thought malicious and/or Intrusive

Bluetooth Vulerabilities

BROWSER HIJACKING

BROWSER REDIRECTION (mis-direction

BROWSER SECURITY

BROWERS - SURFING MORE WEB SITES SAFELY

BROWSER VULERABILITIES

BUSINESS DATA SECURITY

CELL PHONE VIRUSES & VULNERABILITIES

CERT

CERTIFICATES

CONFERENCES & CONFERENCE PAPERS

CISCO Vulnerabilities

Cleanup your computer and it's Hard Drive

COOKIES - COOKIE INFORMATION

CREDIT CARD VULNERABILITIES

CROSS-SITE SCRIPTING (XSS)

NoScript

Other Cross-Scripting (XSS) Information

Cordless Phones

Data Held for Ransom

Data In Motion (enterprise data loss)

DB, Oracle, SQL,... Vulnerabilities

DHCP Vulnerabilities

DNS Vulnerabilities

DoS - Denial of Service

DOWNLOADS - Useful Software & caveats

DOWNLOADERS

ELECTRONIC GADGEST ARE OFTEN INFECTED

Email - Protection / Scanning

EMULATION (WINE on Linux,...

ENCRYPTION (Click here)

ENCRYPTION FLAWS

ETHERNET / 802.11 SECURITY - subjects not covereed elsewhere

EULA - End User License Agreement

EVENTS / CONFERENCES

EXCEL ATTACKS

FACEBOOK / MySpace / Twitter,...SCAMS & MALWARE

FIBRE OPTICS SECURITY PROBLEMS

Firefox / Mozilla - WEB BROWSER

FIREWALLS

FIREWALLS, HARDWARE

FIREWALLS, SOFTWARE

FLASH COOKIES / Local Shared Object (LSO)

DELETING FLASH COOKIES (LSOs)

CLICKING ONCE on a Desired, Listed subject will take you to that information