Browse Blog Posts by Tags

MVP WordPress Blogs

Browse Blog Posts by Tags

Showing related tags and posts for the Blogs application. See all tags in the site

More DIRECTI

I have expressed concerned about DIRECTI in the past few posts, and I now have even more cause for concern. Paul Ferguson of TrendMicro let me know about a slew of DIRECTI registered domains which are serving up exploits. How is this for a list (all of which were registered on 22 July 2009): IP 78.47...

Posted to Spyware Sucks by sandi on Thu, Jul 23 2009
Filed under: Filed under: Vulnerabilities, viruses and exploits
ALERT: Two malvertizements seen at Spaces (not skydrive) and Hotmail...

Edit: BTW, it is Spaces and Hotmail - I haven't seen the malvert at Skydrive yet. Kimberley saw the first one, a malvertizement featuring perfectmatch.com: I have discovered another malvertizement featuring IMIN - we have seen this advert several times in recent days in different places: Details...

Posted to Spyware Sucks by sandi on Tue, Nov 18 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
Microsoft Security Intelligence Report: January through June 2008

The Microsoft Security Intelligence Report for the period covering January through June 2008 has been released. Executive Summary Full report Key findings summary The full report is a hefty 150 pages long. I have only had time to take the briefest of glances at it, and even then I have focused only on...

Posted to Spyware Sucks by sandi on Sat, Nov 1 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
SWF for malware deployment

Mea culpa: Marian is apparently male, not female. Marian Radu of the Microsoft Malware Protection Center has written about SWF being used for malware . She He states: " What I found out is that, excluding flash exploits, SWFs are mainly used as redirectors " Yep, we know this ... that is why...

Posted to Spyware Sucks by sandi on Fri, Oct 31 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
Hold fire on Fuse Kit....

Moses Gunesch, the author of Fuse Kit, has posted a comment to my blog here: http://msmvps.com/blogs/spywaresucks/archive/2008/08/17/1644872.aspx#1644983 I may have to eat an awful lot of humble-pie if I have misunderstood the capabilities and features of Fuse. I always hate, with a passion, getting...

Posted to Spyware Sucks by sandi on Mon, Aug 18 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: Firefox with NoScript does NOT ALWAYS protect from SWF clipboard hijacks

Topic subjected edited to add the word "always". I stand by my statement that there are users out there who believe that "NoScript" will protect them from incidents like the clipboard hijack, even when they have disabled "Forbid Flash", and need to be told that this is not...

Posted to Spyware Sucks by sandi on Sat, Aug 16 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: malvertizement at newsweek.com (hosted by washingtonpost.com)

Edit: Please review this article re Fuse: http://msmvps.com/blogs/spywaresucks/archive/2008/08/19/1644991.aspx Once again, it is a malvertizement created using Fuse Kit. Again, there are signs that the malvertizement came from the now defunct trackstarmedia. Kimberley has all the details at her forum...

Posted to Spyware Sucks by sandi on Fri, Aug 15 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: malvertizement featuring cardstore.com

Edited to fix typos - changing cardshop to cardstore - (it had been a *long* day) I finally got a sample of the malicious advertisement featuring cardstore.com: Interesting points to bear in mind about this incident are: The malvertizement was received from the currently defunct trackstarmedia.com. The...

Posted to Spyware Sucks by sandi on Wed, Aug 13 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: malvertizement from trackstarmedia.com (domain suspended)

I have just received word that a malvertizement featuring cardstore.com has been discovered. The distributor of the malvertizement is, according to my contact, trackstarmedia.com I'll post further information, and screenshots, as it comes to hand. Thumbnail of trackstarmedia.com page, courtesy of...

Posted to Spyware Sucks by sandi on Tue, Aug 12 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: Watch out for new malvertizements featuring ETRADE

Edited to fix title...

Posted to Spyware Sucks by sandi on Wed, Aug 6 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
Microsoft Security Intelligence Report (July through December 2007) - Key Findings Summary (Australia, Canada, Germany, Japan, Netherlands and Norway)

Downloadable here: http://www.microsoft.com/downloads/details.aspx?familyid=671355c2-4002-4671-8619-95c96c8a897f&displaylang=en&tm The worldwide average was malware removal from 1 out of every 123 Windows-based computers in the second half of 2007. Summary - Australia During each month in the...

Posted to Spyware Sucks by sandi on Sun, Jun 22 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
New malvertizements featuring diamondharmony.com

Screenshot of diamondharmony.com malvertizement

Posted to Spyware Sucks by sandi on Fri, Jun 13 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: Malvertizements at disney.fr

These criminals, whoever they are, have absolutely no shame. I thought that they were the scum of the earth when they impersonated Oxfam; now they are getting their malvertizements onto popular chidren's sites. As reported by Kimberley - the malvertizements have been reported to RealMedia: openad...

Posted to Spyware Sucks by sandi on Tue, Jun 10 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: Adobe Flash Player SWF File Unspecified Remote Code Execution Vulnerability

Affected versions are 9.0.124.0 and 9.0.115.0. The best analysis that I've seen so far is at SecurityFocus: http://www.securityfocus.com/bid/29386/info The frightening thing about this alert is that the vulnerability is being actively exploited, with tens of thousands of web sites being compromised...

Posted to Spyware Sucks by sandi on Wed, May 28 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
A new look dottunes malvertizement

A new style Dot Tunes advertisement: The adopstools results are here: http://www.adopstools.net/index.asp?page=quicklink&id=r60Siyiw02bZgpaa When the SWF is displayed on a system it hits the following URLs: traveltray.com/crossdomain.xml and traveltray.com/stats.php?u={{removed}}&campaign=ofdidactic...

Posted to Spyware Sucks by sandi on Tue, May 27 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
I am NOT associated with bucksbill.com

Ok, there are a lot of people out there who are upset at being overcharged and defrauded by bucksbill.com. Just check out the comments here and here . Unfortunately, people are also emailing me directly because they (mistakenly) believe that I and/or this blog are associated with the fraudsters. For...

Posted to Spyware Sucks by sandi on Mon, May 19 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: Malvertizement at en.f1-live.com?

A comment has been made to this blog warnin that http://en.f1-live.com/f1/en/index.shtml has been serving malvertizements during the the past week or so. We're investigating. If anybody sees anything, please let me know.

Posted to Spyware Sucks by sandi on Mon, May 19 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
ALERT: malvertizement at boston.com?

I received this alert via email: " My girlfriend was surfing boston.com last night and she landed on some nasty code that redirected her to that classic alert bos in the lower left hand corner of the screen. This time is was for XPShield which is widely known as rogue. Anyway I had known that you...

Posted to Spyware Sucks by sandi on Mon, May 19 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
Press Release: Washington Attorney General settles case with man accused of using pop-ups to hawk software

SEATTLE – A 21-year-old Scottsdale, Ariz., man accused of coercing consumers to buy software that actually turned their computers into spamming machines agreed to a settlement that substantially restricts how he markets software in the future, the Washington Attorney General’s Office announced today...

Posted to Spyware Sucks by sandi on Mon, May 19 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
Photobucket.com - an update

I am pleased to advise that one of the malvertizements that was appearing at photobucket.com, being the Tokyo Drift malvertizement being distrubted via adbureau.net, has been removed from circulation. As far as I know, the other malvertizements, hosted by atlas-ads.com, may still be in circulation. The...

Posted to Spyware Sucks by sandi on Tue, May 13 2008
Filed under: Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits

Page 1 of 12 (236 items) 1 2 3 4 5 Next > ... Last »

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.