Blogs are popularly being read on RSS aggregators these days. That or via Atom feeds and recently, it has been said that attackers could use Javascript to take advantage of this. According to an article on USA Today, this could be any kind of information as long as it is in this format. In the said article, you could also find out the list of vulnerable readers: Bloglines, RSS Reader, RSS Owl, Feed Demon, and Sharp Reader.

This kind of news is actually not so new. Mark Pilgrim was one of the bloggers who has written about this before. He even set up an experiment of sorts, wherein subscribers to his blog feed saw a screen full of platypi. He has mentioned in his blog entry that the difficulty with RSS is that there is a lot of arbitrary HTML and it could include Javascript — it could be malicious Javascript as designed by some attackers. Mark Pilgrim even listen down the elements that should be stripped off by RSS readers, just to be safe:
script tags, embed tags, object tags, frameset tags, iframe tags, meta tags, link tags, style tags, style attributes from every tag.

If you are always subscribing to different blogs, forums and mailing lists through RSS, you should be careful about it. If there are comments RSS, you could also take precautionary measures by not subscribing to it. It is possible to get attacked through the RSS of comments. Aside from that, if you have set up your own personal aggregator, make sure that you have a ’smart’ aggregator which strips off the said tags. If you have an aggregator on your computer, check if it is vulnerable. Maybe you could install something else that isn’t prone to attacks via RSS. It is better to be secure after all.

Tags: IT Security Basics, Malware, News, Tips

Categories: IT Security Basics, Malware, News, Tips

Leave a Comment

Harmful objects can be obtained from the web. We are all aware that Malware and Trojans are rampant objects that have been wandering of anywhere on the Internet, especially websites that are often visited by people for reference and information. Such sites would get hijacked and also contaminate visiting users as well, something that can be done through Internet cookies stored on the web folder in the machines.

While developers and security administrators have religiously searched for ways to find such solutions, the ever changing development of new threats coming from the Internet has been far from over. To date, even the well-protected workstations can still be penetrated by objects that are not immediately visible.

Internet fences in the form of firewalls and software protection templates have tried to stop such intrusions but need to be updated frequently to answer the related threats. Without such temporary fences that are up, workstations are sitting ducks waiting to be shot, and if web administrators are not up to date with the new threats, the fences used are good as gone once they occur.

Tags: firewall, Malware, Spyware, trojans

Categories: IT Security Basics, Malware, Network Security, Physical Security, Security Policies, Spyware

Comments Off

Viruses and malware issues are far from being a thing of the past. On the contrary, they seem to grow large by numbers as each day passes. Thus the works of security software companies have their work cut out for them. There is not definite date to which such threats and intrusions would wholly be resolved.

For the time being, it would be advisable for people to scan third party storage devices such as diskettes, USB drives and mobile storages to be safe and sound. These wandering viruses can attack at any time and this is a fact anywhere computer related materials are concerned.

Files can go as far as infecting the executable files, hence document, excel and compiled scripts are baits for immediate infection and malicious intrusions. Software applications also have their limits as their development teams cater only to a specific genre for known harmful files. But it is better to lower the risk of intrusion than not having protection at all.

[tags]scan, spyware, virus, infections, spyware, malware, trojans[/tags]

Tags: infections, Malware, scan, Spyware, trojans, virus

Categories: Backups, IT Security Basics, Malware, Network Security, Operating Systems, Programming, Real-World Issues, Security Policies, Spyware, Storage, Tips, Wireless Security

Comments Off

Not everyone hates worms – the natural kind, that is. I still remember classmates from grade school (even high school!) who grossed out everyone else by eating worms in their natural state. I am talking about a different kind of worm here, though; the kind that everyone hates; computer worms.

Pretty soon, we just might have ants on our side to combat the threat that worms pose year in and year out. Researchers in the field of IT security have been working on a project to combat worms, drawing their inspiration from the common ant. The Daily Tech tells the story:

Security researchers found inspiration in the common ant. Describes Wake Forest University Professor of Computer Science Errin Fulp, “In nature, we know that ants defend against threats very successfully. They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system.”

WFU created digital “ants” — utilities that migrate from computer to computer over networks searching for threats. When one locates a threat, others congregate on it, using so-called “swarm intelligence”. The approach allows human researchers to quickly identify and quarantine dangerous files by watching the activity of the ants.

The implications are tremendous. Anti-virus software that is commonly used today usually take up a lot of resources, and make computers slow down. With this new technology, we just might see a whole new breed of anti-virus programs. While everything is in the research and development phase still, it does give us a bright future in terms of fighting malware!

Tags: antivirus, ants, it-security, Malware, worms

Categories: Malware, News

Leave a Comment

Worms and Trojans can make their way into local intranets fast if you don’t have a good firewall to protect your networking environment. Most of it originates from overlooked files like granting access to the Internet for specified users. But rest assured, unless you document and orient these people on potential risks, chances are the ones to whom you grant access will be the bane of your network security issues.

A worm can multiply fast if not contained immediately. For one, it can affect the whole network. So how do you go about it?

1. Unplug all the computers from the network. Cable disconnection would be a good start. If they are not connected, then there is no place for them to go. Depending on the number of workstations, you may have your work cut out for you. But at least it defeats the need to come and go from one workstation to the other once one is cleaned.
2. Scan the computers manually using a CD. As much as possible use a write-once optical disc. This way, if you find the worm or virus, you have it cornered. There is no place to hide nor go for them.
3. Restart and make a second check. Make sure everything is clean for one workstation. Do this for the rest of the computers that have been potentially affected.

This process requires a lot of patience. But it beats having to turn to the usual formatting and clean everything from scratch. It is indeed demoralizing, but the thing is, you just have to deal with it since better security policies need to be enforced on your end as far as users are concerned.

Tags: Malware, networkin, trojans, worms

Categories: Malware, Network Security

1 Comment

One click is all it takes to be infected and for the avid PC user, it would be wise to make sure that you look before you click. Malware issues can come in different forms like:

1. Emails
2. Popups
3. Links via Instant Messaging

In fact, even if you know the person who sent you the link, you cannot entirely rely on your relationship and trust with them as the main reason for clicking on the link. This was done before but today, people have to be aware that there are some accounts that can be easily hacked or even impersonated.

Much of these issues have plagued us through the years. Some have had their share of problems dealing with Malware and Trojans. They are different from viruses but sometimes, they can do more harm compared to the traditional viruses.

Even having anti-virus or anti-spyware protection is not guarantee from being contaminated with them. Remember, a click is all that it takes and all hell will break loose. For most, it is easy to remedy since they can reformat their computer. But think about the files you may lose from the moment you click on these links.

It may be hard to save these files since chances are they have already been infected. With that said, your files and PC are practically good as dead. So the moral of the lesson is, don’t be trigger happy with clicking. You are just raisin the stakes of being infected by doing so.

Tags: Malware, security, Spyware, trojans

Categories: Malware, Spyware

Leave a Comment

We know for a fact that the battle towards malicious software and viruses released on the web has caused a lot of pain as far as pinpointing and remedying them but apparently nothing has been done to really resolve them. We buy licensed software but we have to ask ourselves on the extent of their coverage. Are they up to date and can they really save us from all these uncertainties of getting online?

Microsoft has been a prime target, being one of the widely used operating systems we know of today. But while Bill Gates and company are doing their part in being able to address the various intrusions and headaches that they can do with a simple click, you just don’t know who to trust these days. Even the software companies have the ability to manipulate and do some foul work and they are occurring right under our very noses.

Security researchers concede that their efforts are largely an exercise in a game of whack-a-mole because botnets that distribute malware like worms, the programs that can move from computer to computer, are still relatively invisible to commercial antivirus software.

So with all these things set on the table, is the cyber world safe for anyone? We can fend off threats but the question is are we resolving the situation or merely providing a temporary solution to the problem? Sad to say, it is the latter. We are content with detecting them but it is really the cleaning and protection part that needs improvement.

Tags: cyber wars, internet, Malware, trojans

Categories: IT Security Basics, Malware, Security Policies, Spyware

1 Comment

Whether you are downloading a trialware or files from Bittorrent, the chances of cracking or using the full version has severely dwindled in the past months. For one, other than possibly downloading infected software with Trojans and malware, unlocking these supposed protection software has taken a bad hit by the advanced efforts of private software companies to crack down on piracy.

Take for example Kaspersky Internet Security 2009 which has cracked the whip on licenses by blocking them once you start updating the software. While you can install and crack them, they are rendered useless in the end since once you hit that update option, your key is automatically blocked. Worst, malware and Trojans start coming in (a scenario which I don’t understand if it was made on purpose by the vendor in sending malware) infecting the systems folder where Windows is installed.

Before you know it, dozens of files in the form of dll’s start showing and mind you, they are dangerous. So if that was the case, it makes you think if you were better off not using an anti-virus software at all.

But such is the price to pay for trying to pull a fast one. Everyone loves free things and free software is surely to be an eye-catcher. But if the return is tons of viruses and malicious programs that can wreck your computer, you better think twice before downloading them again.

Tags: cracked, kasperksy, Malware, software, trojans, viruses

Categories: Operating Systems, Spyware

1 Comment

What drives a potential developer to come up with their own anti-spyware software? Well for sure, it is the part where he would experience such a inconvenience and apparently for Blue Penguin Software founder Carl Haugen, this lead to the development of SpyZooka.

SpyZooka guarantees 100% removal of spyware, adware, Trojan horses, hijackers, botnets and other malware threatening the security of your computer. SpyZooka will accomplish this in an astoundingly fast 24 hours! Blue Penguin backs up this guarantee with solid results, round the clock technical support and a string of satisfied customers.

The success of SpyZooka has been quiet since 2004. In fact, SpyZooka was not even among the top anti-spyware software that we would come across the web. But regardless, SpyZooka is not a hoax or pushover. It has even gotten a number of prestigious awards including Wugnet’s Shareware Hall of Fame and Tucows five cows.

So how is this new software reliable? Well for one, it covers most of the hazards of the web today including Trojans, spyware, adware hijackers and botnets. Much of these malicious things reside on the web and on some websites that we rarely notice. So if that were the case, we need protection especially now that people are at fever-pitch attachment towards using the web for various purposes such as browsing or sending a simple email.

If you are in the market and want a reliable software to help you out, check SpyZooka out. It can make a difference and perhaps resolve problems faster than other spyware annihilators available today.

Source

Tags: Malware, spyzooka, trojans

Categories: Malware, Network Security, News, Spyware

1 Comment

Downloading files such as audio on the web is nothing new. In fact, it has become an addicting way to get good music absolutely free. But before we do go on enjoying this privilege, we also have to take into consideration that freebies can provide us more than good files to cherish. They can also carry viruses to which many of us may not be totally aware off.

One thing about viruses is you cannot immediately pinpoint them. Unless you have a very reliable virus scanner, chances are you may not even be aware that you have malware or viruses on your computer. This has been proven before. Not until you are able to do a proper scan for potential security threats to your computer and the files in it will you wake up and see at the mess you have downloaded. You may have gotten the files free from the web but you also have bonuses like having a totally infected computer for all your effort.

This is not new to us anymore. We have been hearing such problems from friends or even reported in leading websites such as technology-based articles. The threats are for real. Apparently we just choose to ignore these warnings at times and while single computers can be remedied, what if you are a workstation inside a network?

Viruses and Trojans can easily make their way and multiply to other sites. Through connectivity which a single PC may have, it would not be surprising to note that having lurking viruses that can spread like crazy can really occur.

Tags: downloads, Malware, trojans

Categories: Malware, Network Security, Spyware

1 Comment