14501038
submission
SnugglesTheBear writes:
'The browser, which is based on version 3.6 of Firefox, comes with Adobe Reader and Flash plug-ins, as well as the ability to create 'white' and 'black' lists of the processes that may be started during web surfing as well as the sites that can be visited.
"Limiting browser use to specific sites can control usage and protect from cross-site scripting attacks. By specifying which sites are to be blocked, it makes it easy to keep users away from known bad sites, and thereby limit their exposure to attacks," Dell said.' Coupled with the malware shipped in Dell's motherboards, you will still have an infected machine, but perhaps this can help..
14438924
submission
SnugglesTheBear writes:
"Bot herders and the crimeware gangs behind banker Trojans have had a lot of success in the last few years with using bulletproof hosting providers as their main base of operations. But more and more, they're finding that social networks such as Twitter and Facebook are offering even more fertile and convenient grounds for controlling their malicious creations.
New research from RSA shows that the gangs behind some of the targeted banker Trojans that are such a huge problem in some countries, especially Brazil and other South American nations, are moving quietly and quickly to using social networks as the command-and-control mechanisms for their malware. The company's anti-fraud researchers recently stumbled upon one such attack in progress and watched as it unfolded."
14240850
submission
SnugglesTheBear writes:
"A hacker claims to have cracked the Skype’s proprietary encryption protocols that protect the VoIP company’s intellectual property.
The Luxembourg IP telephony company has zealously guarded its protocol but a hacker going by the name of ‘Sean O’Neil’ claims that he’s broken through the protection. On his blog, he praised Skype’s protection and explained the difficulty involved in breaking it. “'For over 10 years, Skype enjoyed selling the world security by obscurity. We must admit, really good obscurity. I mean, really really good obscurity. So good that almost no one has been able to reverse engineer it out of the numerous Skype binaries. Those who could, didn’t dare to publish their code, as it most certainly looked scarier than Frankenstein.'"
Though most sites were taken down almost immediately, there is still a cache of the original post.
14054050
submission
SnugglesTheBear writes:
A new trojan has been spotted that acts as an antivirus update then utilizes the Windows input method editor (IME) to inject a system, technology that normally creates a means for users to enter characters not supported with their input device such as inputting Chinese characters etc. The fake IME file is really a DLL. The article details the steps the trojan takes.
13838030
submission
SnugglesTheBear writes:
"New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the web are likely to avoid exposure to malware.
A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult web site. In the UK, Avast found that more infected domains contained the word "London" (such as the blog section of http://kensington-london-hotels.co.uk/ than the word "sex". Among the domains labelled as infected by Avast was the smart phones section of the Vodafone UK website. The mobile phone operator's site contained a malicious JavaScript redirect script that attempted to take advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885) to infect the machines of visiting surfers."
