By Robin Laudanski March 5, 2006 Finally someone from Aluria has decided to respond. In a previous article I mentioned a thread at PCMag wherein some comments were made which basically suggested I was lieing about my attempts to contact Mr. Goldstone. Once again I've been called a liar, only this time it was by Rick Carlson former President/CEO of Aluria Software. The thing I find most remarkable about his entire reply is not that I'm being called a liar I expected that from Aluria and it isn't that

By Robin Laudanski March 3, 2006 Earlier today I happen to come across something at another site, which I found quite funny since the comments seemed to be an attempt to discredit CastleCops and myself, by asserting that we didn't try to contact Mr. Goldstone of Aluria until after I published the Aluria Trys To Whitewash The WhenU Fiasco article. When we publish something we do make every effort to ensure that the information provided is accurate and we also make every effort to ensure that everyone

By Robin Laudanski March 2, 2006 Some of you might remember back in October of 2004 Aluria Software delisted WhenU and Certified them as being Spyware Safe . Would it suprise you to find out it now appears Aluria is trying to cover their tracks? Isn't it wonderful the internet has such extensive resources that even when a company or individual tries to cover up something they did it is almost impossible to completely remove it. In previous articles written by CastleCops Staff on WhenU, Aluria and

Full Source Last time we wrote about a rebrand of SpyAxe called SpywareStrike , this time we alert you to SpyFalcon courtesy of Sunbelt-Software. First, if you think you're infected, read our removal tutorial on the whole SpyAxe issue. And there is an interesting twist... the webhost provider is dishing out the WMF Exploit! This domain was registered on 16-Jan-2006 by David Taylor under the guise of SunShine Ltd. It uses the "ANTISPYDNS.BIZ" domain for its DNS traffic. The domain is hosted by NetcatHosting

There is a new mass mailing worm that has been infecting many users. Going by some different names, its best known as the Blackworm or Kama Sutra. On February 3rd, this worm is scheduled to overwrite the following file types with bogus data: *.DOC *.XLS *.MDE *.MDB *.PPT *.PPS *.RAR *.PDF *.PSD *.DMP *.ZIP Feb 3rd is just the beginning, because its scheduled to activate on the 3rd of every month. Once someone is infected, the worm visits a webpage at rcn.net to increment a counter. This counter theoretically

Microsoft has just released its official patch for the WMF 0-Day . In the Microsoft Security Bulletin MS06-001 , Microsoft states in its executive summary: This update resolves a newly-discovered, public vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. Note This vulnerability is currently being exploited and was previously discussed by Microsoft in Microsoft Security Advisory 912840. If a user is logged on with administrative user rights, an

Congratulations to all the newest Microsoft MVP for Windows-Security corrine coyote daveai dvk01 ikeb jacee marianna negster22 oldfrog swandog46 taz71498 Soon to be added to: http://wiki.castlecops.com/Microsoft_MVP You all deserve it! Source

There is a lot of public information available right now on the WMF Exploit and workaround patches. This article will attempt to answer some basic questions surrounding the WMF Exploit and those patches, including why Microsoft is waiting to release their official patch on January 10th, and rumors of an early MS patch Internet leak. What is WMF? Microsoft defines WMF as the Windows Metafile, a 16 bit metafile image format contained both vector and bitmap data. What is the issue with WMF? The WMF

As you've read in the security alert concerning the WMF exploit there are very limited tools to patch or catch an exploitable computer system. Ilfak Guilfanov, the author of the Windows WMF Hotfix, has written a WMF Vulnerability Checker. Please read Ilfak's instructions on using the WMF vulnerability checker. Although a word of caution is offered: Do not use this check as a definite answer to the WMF vulnerability question. But if your system was vulnerable, it should be invulnerable after installing

There is a new danger floating around the Internet right now, a zero-day exploit taking advantage of the Windows Media Format (WMF). Its not limited to WMF files, it is taking the shape of images as well. This exploit is currently billed as the worst infection in history. It can hide rootkits, it can even hide itself. This is not a joke . Many antivirus companies can not discover this malware at present. Microsoft is not responding fast enough. There is currently no known way to detect if your system