Windows Shell/User (MSN & OneCare Too) : Security

Facebook widgets try to install spyware - heise Security

ericvogel — Sun, 06 Jan 2008 05:48:06 GMT

Facebook widgets try to install spyware

Facebook widgets try to install spyware - heise Security

Another reason I should remove more of them or all or shut down my FaceBook account.

Malware Hits The Mac

ericvogel — Thu, 08 Nov 2007 00:42:00 GMT

Malware Hits The Mac
CUPERTINO, Ca. - What a McAfee security expert calls a "nasty" piece of malware, Puper, has hit Apple Macintosh computers with a thud.

Michigan Technology News, the online source for Michigan's technology business

TJX Intruder Moved 80GB of Data Without Detection

ericvogel — Mon, 29 Oct 2007 15:42:31 GMT

This TJX (TJMax, Marshal's & Home Goods) mess seems to be getting bigger and bigger and I do not see this info coming out in consumer news, only computer industry news.

TJX Intruder Moved 80GB of Data Without Detection
By Evan Schuman
October 25, 2007
Federal court filings show TJX had failed to comply with nine of the 12 applicable PCI requirements.

TJX Intruder Moved 80GB of Data Without Detection

GLITR - State fixes virus slowdown in computers

ericvogel — Wed, 28 Mar 2007 17:17:47 GMT

Another fine reason to patch your Windows Installations. State of Michigan allowed 55,000 computers get infected with the Rinbot virus. Secretary of the State had to turn people away. Now I wonder if our fine state has a anti-virus / spyware solution and if it is up-to-date.

Link to Great Lakes IT Report

Spyware Sucks : GOTCHA! Winfixer and AOL

ericvogel — Tue, 27 Mar 2007 22:42:09 GMT

Internet Services Providers are not carefully screening their advertisements and these companies (WinFixer) use them to trick you into putting Spyware on your PC.

Link to Spyware Sucks : GOTCHA! Winfixer and AOL

Windows OneCare Live 2.0 Beta Testing to Begin - News and Analysis by PC Magazine

ericvogel — Wed, 07 Mar 2007 18:40:00 GMT

Beta testing to start late April, and ship in Fall 2007

New Features:

Wireless connection - Help setup secure WIFI connections.
Printer Sharing Support - Help connect printers to the local network.
Management of Startup Programs - Includes speed boot time by automatically detecting rarely used programs and removed them.
Online Backup - Dedicated to photos and requires an additional fee. (Try www.xdrive.com for 2-3 gigs free space an download the desktop app to auto-backup.
Unified Monitoring - You can track the security and maintenance status from any PC on the network.
Unified Resolution - will let an administrator correct problems on other installations.
Monthly activity report - Summarize important activities and actions for all connected installs.
New automatic tune-up features.
Parental Controls - This is optional and will be available with Windows Live! Family Safety Services comes out of beta.

Link to Windows OneCare Live 2.0 Beta Testing to Begin - News and Analysis by PC Magazine

My Wish List:
64-bit support. (Very popular request)
Backup to other services like XDrive

For Sale: Phishing Kit - Security News Analysis

ericvogel — Mon, 15 Jan 2007 14:14:26 GMT

RSA this week said it has discovered what it calls the Universal Man-in-the-Middle Phishing Kit, an all-in-one package that provides the raw materials to launch sophisticated phishing exploits that appear to be operating on legitimate Websites.

Source: Dark Reading - Desktop Security - For Sale: Phishing Kit - Security News Analysis

This is what is worse than exploits and such. People who make it easy for the average person to do.

Ben's Space: MySpace Viruses and How to Prevent Against Them (and Other Viruses)

ericvogel — Thu, 28 Dec 2006 13:56:30 GMT

More reasons to be careful on MySpace and other websites.

To Whom This May Concern:
The MySpace website (http://www.myspace.com) is filled with thousands of viruses. Many of the viruses steal people's passwords to post advertisements on their bulletins, wasting system resources, bandwidth, and disk space. Other viruses are not meant to advertise, but rather to harm ones system by deleting files, stealing credit card information, and doing so much as deleting ones system.

Source: Ben's Space: MySpace Viruses and How to Prevent Against Them (and Other Viruses)

WARNING: Phishing Scam on MySpace. Test your profile themes!

ericvogel — Thu, 30 Nov 2006 04:20:00 GMT

I went to post a comment on a friends MySpace profile tonight, and I clicked the top navigation banner to go Home to my main screen. I could have chosen Mail or Bog does not matter. Instead I got re-directed to a login screen and thought it was a corny flaky MySpace server. It was not, I looked at the URL and guess what? I had been phished. And IE7's Phishing filter does not even have a clue (Nor does the latest version of FireFox.). I had to report the profile to MySpace saying I think the user did not know and I told my friend his theme is phishing people for passwords. I know my friend would not do this, so what is the point?

When you apply a theme to MySpace from a theme site, test out the MySpace links and if they try to phish someone, report them to MySpace and get your theme from another site.

How do you know if you maybe phished?
Your in the middle of doing something and your asked to login. I know MySpace does this on occasion due to a server hiccup or an expired cookie, but if Internet Explorers password fill-in does not work or just look up the the URL is www.cake.fi with a MySpace login. Immediately let the user know and go directly back to MySpace by typing www.myspace.com.

If, like me did not catch it change your password. Here is a catch, cannot be more than 10 characters long. Kinda hard to make one to remember and be secure? Why are there these limitations on services, if your gonna put one on make it 25 characters or something.

Update: The website takes your login info, runs a script on myspace and it will add the phishing info to your profile. It sticks the code at the end of your About Me section so look for foreign code and you can then remove it. Like mine I saw Cakeit in it so I deleted all that plus up to the <Style and then I saw I lost the nav bar, so I went and deleted to the next <style and it was back to normal. Please check back, I may edit / add more later.

Windows Live OneCare (v1.5) and Windows Vista set to Launch Same Day (Plus Special Deal)

ericvogel — Thu, 09 Nov 2006 02:00:13 GMT

Windows Live OneCare Team Blog: Windows Live OneCare (v1.5) and Windows Vista set to Launch Same Day

As you may have heard, Microsoft announced some big news today – the Windows Vista has now been released to manufacturing and the general availability date is set for January 30, 2007! So what does this mean for Windows Live OneCare? Quite a bit. The next generation of Windows Live OneCare (v1.5) will launch globally the same day Windows Vista rolls out to the general public. Because the new version of OneCare was designed with Windows Vista in mind, we think every homeowner and small business owner that purchases Windows Vista for their PC will like OneCare equally as much for its unified antivirus and antispyware filtering capabilities, and more backup options, not to mention the ongoing PC maintenance it provides.
If you’re already a OneCare subscriber, we encourage you to check out Windows Vista when it comes out next year, knowing that OneCare will still be there to help you with your PC care needs. And if you’re one of the lucky few who’s already running the pre-released version of Windows Vista, you can still test v1.5 of Windows Live OneCare by downloading it at http://ideas.live.com/. As the Windows Vista launch date nears, Microsoft will begin providing a special offer to Windows Live OneCare beta testers. We’ll share more details on the special offer soon.
All the best,
Gina, Lead Product Manager and OneCare team guest blogger

Source: Windows Live OneCare Team Blog: Windows Live OneCare (v1.5) and Windows Vista set to Launch Same Day

Windows Defender is out of Beta.

ericvogel — Tue, 24 Oct 2006 12:53:11 GMT

Windows Defender is now out of beta. Please update ASAP to get the latest version. Please note the beta version expired 12/31/06, so PLEASE do not let your anti-spyware expire! Still only runs on XP and Windows Server 2003.

http://www.microsoft.com:80/athome/security/spyware/software/default.mspx

Windows Live! OneCare 1.5 Beta Released!

ericvogel — Mon, 09 Oct 2006 00:58:00 GMT

New features:
- Updated interface that looks close to the standardized Windows Live! / Vista look
- Windows Vista support. (Sorry, 32-bit only)
- It now stays orange to you install a beta version of IE 7 RC1. (I think it should not happen to IE 7 goes gold)
- Also stays orange if your phishing filter is turned off. I rather have this off to. I know who to detect phishing and do not want the potential overhead IE 7 uses.
- You can have backup happen during tune-up or different schedules or to remind you
- A VERY frequently asked feature, Network and USB Storage backup! (Yes, they do listen)
- Anti-Virus scan now has its own schedule of daily (default) and can changed to a certain day. (I prefer to never have a manual scan, but no less than 4 weeks.)
- WOC can take automatic action against possible unwanted software also moderate
- Supports 17countries

For more info, please see the OneCare Team blog: http://windowsonecare.spaces.live.com/blog/cns!C29701F38A601141!2455.entry

Updated 1:10 PM EST

Microsoft admits WGA failures “coming up more commonly now”

ericvogel — Fri, 29 Sep 2006 16:30:00 GMT

Here is some more info about WGA issues for valid legal customers:
http://blogs.zdnet.com/Bott/?p=142&tag=nl.e540

Susan Bradley states Microsoft snuck us a WGA update without stating so or the changes:
http://msmvps.com/blogs/bradley/archive/2006/09/27/Communication-101.aspx

AOL Security Tool Raises Adware Questions

ericvogel — Fri, 18 Aug 2006 15:58:08 GMT

Consumer advocates criticize AOL's free Active Virus Shield antivirus software licensing agreement.
http://www.pcworld.com/article/id,126803-c,antivir...

Microsoft Nabs Anti-Virus Ace from Symantec

ericvogel — Thu, 17 Aug 2006 14:41:12 GMT

Symantec did a great job with Norton products till they got very bloated. I am glad to see Microsoft pull a anti-virus pro from Symantec to work with OneCare and the corporate version in the near future.

http://www.eweek.com/article2/0,1759,2004336,00.as...

Adware Offers Bogus Security Apps

ericvogel — Fri, 21 Jul 2006 18:01:00 GMT

Newly discovered adware in the wild tries to dupe users into installing fake security applications. According to Panda Software's PandaLabs, the adware program, ProtectionBar, warns users that their computers are infected with malware, and they must purchase a license for the "security app" to remove the bad code... http://www.darkreading.com/document.asp?doc_id=99483

Always best to stick with a known good program like: Microsoft Windows Defender www.microsoft.com/spywarewww.microsoft.com/spyware (Free) Ad-Aware www.lavasoftusa.comwww.lavasoftusa.com (Free & Paid) Spybot www.safer-networking.orgwww.safer-networking.org (Free (Donations Accepted)) Spy Sweeper www.webroot.comwww.webroot.com (Paid. Can get good deal at Costco or free with MSN Premium & Dial-up, or cheap or free with promo sales.)

These are the main ones I have used, and most used by the public when giving support online or offilne. (I have not tried Spy Sweeper. )

Other security companies make them too and/or include them in their ANti-Virus products. Symantec (Norton) came in the market 2 years late and am not sure if I trust them enough yet. Work Computers run Symantec Anti-virus 10.1 and Windows Defender. Panda, McAfee, CA and TrendMicro also sell them.

Microsoft Sued Over WGA Program

ericvogel — Fri, 30 Jun 2006 13:02:00 GMT

I am glad someone is fighting this buggy software that treats legal customers poorly.
http://www.betanews.com/article/Microsoft_Sued_Over_WGA_Program/1151615015

AOL To Release WOC Competitor

ericvogel — Fri, 02 Jun 2006 13:02:00 GMT

Look to the bottom. http://www.betanews.com/article/Microsoft_Debuts_Windows_Live_OneCare/1149095737

Updated:
AOL to enter security arena
http://news.com.com/AOL+to+enter+security+arena/2100-7355_3-6080800.html?tag=nefd.top

OneCare - Now Available at Retail

ericvogel — Wed, 31 May 2006 18:51:00 GMT

http://spaces.msn.com/windowsonecare/Blog/cns!C29701F38A601141!1601.entry

They released it sometime yesterday, is available today, but was supposed to be released tomorrow June 1rst. Congratulations WOC Team on releasing a superb product!

Windows Live! Safety Center releases update.

ericvogel — Wed, 31 May 2006 18:47:00 GMT

The visible changes I see are a Custom button for a custom scan under comprehensive scan and when you click on that there is a Custom button for the spyware checker which loads your drive tree to select drives/folders/files. I am sure there are more changes under the hood.