For those interested in learning more about the anatomy of todays phishing scams, Net-Security.org has an interview with two security researchers who are speaking out about the phishing underground.

From the article:
"What started as a simple examination of phishing sites, turned into an extraordinary view of the ecosystem that supports the phishing effort that plagues modern day financial institutions and their customers."


A New Michael

by Wolfa on January 25th, 2008 in Everyday Life at Lavasoft.

What is public and private data when it comes to our online lives? How much information should your search engine be able to record about you?

Following a recent European Parliament hearing on online data protection, specific questions on Internet Protocol (IP) addresses have been raised.

According to the head of the E.U.'s group of data privacy regulators, IP addresses should be regarded as personal information, a move which would have consequences for how some search engines record data.


The Aesthetics of Malware

by Tobias on January 23rd, 2008 in Riff Raff.

Visual artist Alex Dragulescu has created a set of aesthetic, organic-looking visualizations of malware.

"For each piece of disassembled code, API calls, memory addresses and subroutines are tracked and analyzed. Their frequency, density and grouping are mapped to the inputs of an algorithm that grows a virtual 3D entity. Therefore the patterns and rhythms found in the data drive the configuration of the artificial organism."

Have a look at: http://sq.ro/malwarez.php


For those of us in the online security industry, we don't question the fact that cyber crime is a real threat to consumers.  And anyone who has been a victim of data theft can attest that security is nothing to scoff at.


Researchers predicted that Storm was on the horizon for a new spam bout in mid-February - in order to take advantage of Valentines Day - but it seems to have hit a month early.

You may enjoy seeing messages of love in your e-mail inbox, but you need to be especially cautious of their validity; Storm is now using affectionate notes to worm its way into users' computers.


The folks at Zango contacted us about our blog posting triggered from the Zango/Facebook article that was posted over at Fortinet. They are not happy with the manner in which we've handled our corporate ethics when reporting this information. We'd like to reprint their comments and give them fair space here so that you hear both sides and can make an informed decision for yourself.

[Quote]


fortinetZango, despite their best intentions, just can't seem to help themselves. They are at it again, this time using social engineering to help spread their worm that is masquerading as a secret crush on your Facebook page.

Before you can find out who the secret crush is you have to agree to download an application that allows it to:

(photo: Fortinet)


The software update to 7.0.2.6 contains some exciting new additions to Ad-Aware 2007.

First of all there have been changes made to various parts of the scanning engine, which improves the detection and removal of malware affecting LSP and NSP, a network scanning problem has been fixed, and the malware removal at Windows startup now removes folders.


Some of the most common methods of malware infection are through exploits of unpatched operating systems (like Windows), web browsers, and software programs. In spite of that, only one out every 20 users is running a fully patched Windows PC, according to recent reports.


It's not too late to commit to those New Years resolutions that you made at the end of December.

We're making it easy for you to start 2008 off right by protecting the private information on your computer; learn how to get a fresh start for your PC and find out what you should be doing to stay safe online this year in the recently released January issue of Lavasoft News.


Lunch

by Wolfa on January 4th, 2008 in Everyday Life at Lavasoft.