Websense has an interesting write up on adware company Exfol. Yesterday I mentioned that the WMF exploit is being used in banner ads distributed by Exfol.
Jason Perlow, Sr. Technology Editor at ZDNet is a technologist with over two decades of experience with integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies. Jason is currently a Partner Technology Strategist with Microsoft Corp. His expressed views do not necessarily represent those of his employer.
Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CNET News.com. Larry has covered the technology and financial services industry since 1995, publishing articles in WallStreetWeek.com, Inter@ctive Week, The New York Times, and Financial Planning magazine. He's a graduate of the Columbia School of Journalism and the University of Delaware.
US-CERT has the answers, and it's not Windows.
Some new approaches have emerged for reducing the risk of being affected by this exploit. One approach involves using Data Execution Prevention (DEP).
I first saw this posted at SunbeltBLOG -- researchers there documented a new exploit that affects fully patched Windows XP SP2 machines. Landing on an infected web page can set off the exploit with no user interaction. Firefox and Opera do not prevent this exploit...
Got a new computer for Christmas? Are you worried about all the spyware horror stories you've read?
If you've never seen the NORAD Tracks Santa site, (or even if you have) check it out. It's fun for all the kids, big and small.
Fascinating read at Email Battles with a write up by the author of known rootkit, Hacker Defender. He goes by the name holy_father and explains why he writes rootkits.
Hot off the press at SunbeltBLOG:We received a tip from a researcher in the spyware community that there was a lawsuit against 180Solutions, DirectRevenue and eXact Advertising. The problem is that it was filed in a small county in California and thus required a bit of work to get.
Spyware tricks have become increasingly devious, making spyware and adware stick to machines longer, more difficult to remove and sometimes impossible to see with ordinary methods. In the spyware tricks series I wrote about seeing installations with multiple resuscitators, increasing numbers of randomly named files, even randomly named folders.
What is rogue anti-spyware? Rogue anti-spyware programs are defined by spyware and anti-spyware expert Eric Howes on the Rogue/Suspect Anti-Spyware Products and Sites page.
Supposed anti-spyware program SpyAxe is installed by a trojan named zlob.cy (aka Trojan-Downloader.Win32.Zlob) according to F-Secure. SpyAxe showed up on the scene about two months ago and has earned quite a name for itself. SpyAxe manages to appear on users’ desktops without any notice or consent...
My Morning Jacket, the artists who recorded the copy protected CD "Z" I mentioned here, are doing more than protesting Sony BMG’s use of DRM spyware. They are revolting.
Rootkits have been making the news with increasing frequency recently and I expect this trend will continue. eWeek recently quoted Microsoft’s Anti-Malware Technology Team leader Jason Garms as saying more than 20 percent of malware removed from systems running Windows XP with Service Pack 2 are rootkits.
As a follow up to yesterday’s post about why DRM leads to spyware, I thought I’d show the difference in a DRM protected CD and a normal CD. The CD that I wrote about, "Z" by My Morning Jacket, uses the Media Max SunnComm DRM, also found to have security issues as described here by the Electronic Frontier Foundation (EFF).
Freedom to Tinker has a fascinating post on copy protection and why the use of spyware with DRM is a logical progression.