Press release
In a precedent-setting case for the Internet security industry, the 9th U.S. Circuit Court of Appeals ruled last week that Kaspersky Lab is entitled to immunity under the safe harbor provision of the Communications Decency Act from a suit claiming that its software interfered with the use of downloadable programs by customers of Zango.
The court ruled that Kaspersky Lab, which classified online media company Zango’s software as malware and “protected” users from it accordingly, could not be held liable for any actions it took to manufacture and distribute the technical means to restrict Zango software’s access to others, as Kaspersky Lab deemed it “objectionable material.”
Zango sued Kaspersky Lab to force the company to reclassify Zango’s programs as nonthreatening and to prevent Kaspersky Lab’s security software from blocking Zango’s potentially undesirable programs. In a landmark ruling for the anti-malware industry, the 9th U.S. Circuit Court of Appeals affirmed a lower court ruling that Kaspersky Lab is a provider of an “interactive computer service” as defined in the Communications Decency Act of 1996.
The court decision stated: “Kaspersky contends that Zango’s software is adware, and possibly spyware. Spyware, which is often installed on a computer without the user’s knowledge or consent, covertly monitors the user’s activities and exposes the user to the risk that his or her passwords and confidential information may be stolen… As its software qualifies, Kaspersky is entitled to Good Samaritan immunity.”
http://certifiedbug.com/blog/tag/zango/
Tags:
Zango
by certifiedbug on June 27, 2009
in Microsoft
Windows 7 is coming on October 22, 2009. Pre-order a Windows 7 Home Premium Upgrade for $49** or a Windows 7 Professional Upgrade for $99.** through participating retailers and save money.
Links here
The offer begins on June 26, 2009 and will continue while supplies last, or until July 11, 2009, whichever comes first.
Retailer pricing and conditions may vary.
Windows 7 system requirements page.
Tags:
Windows 7
by certifiedbug on June 18, 2009
in Microsoft
FireEye Malware Intelligence Lab
Atif Mushtaq “Killing the beast…Part I” kicks off the first in a series of articles about the Pushdo, Xarvester, Rustock, Koobface and Ozdok botnets.
Tags:
Botnet-
Malware-
Spam
Spammer Beatrice registered to comment my blog 13 times in a row urging a purchase of Orbasoft Antispyware.
Spammer is Alda123 here Stop Forum Spam and here http://www.botscout.com/ipcheck.htm?ip=59.98.206.238
Examples,
Orbasoft Antispyware was the answer to my computer bug problems and it was certainly worth every penny I spent to have this great antispyware to protect my PC. Not only does it work great but it cost less than many of the other scans available.
When you are searching for antispyware there is one that you can always depend on, it’s called Orbasoft Antispyware. The antispyware solution from Orbasoft can provide you with a scan that can find and clear your computer of all the same bugs that the more expensive scans can a much lower price. You can’t beat that, keep your computer running great for less. Visit their site at…
etc
I tried the free trial version on a virtual machine.
The first update did not complete. The second attempt was successful, ran a scan. Both the short and the long one produced the same results.
Any security program can and does produce false positives but this program flagged way too many items as “threats”.
Meanwhile AntiVir detected a bad file I had saved.
Web Of Trust (WOT) scorecard: http://www.mywot.com/en/scorecard/orbasoft.com
Comments at Site Advisor. http://www.siteadvisor.com/sites/orbasoft.com/
Bottom line, no spam please.
Tags:
Anti-Spyware-
Internet Security-
Spam
by certifiedbug on June 12, 2009
in Browser
Fixed in Firefox 3.0.11
Four Critical One High Two Moderate Two Low
MFSA 2009-32 JavaScript chrome privilege escalation
MFSA 2009-31 XUL scripts bypass content-policy checks
MFSA 2009-30 Incorrect principal set for file: resources loaded via location bar
MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null
MFSA 2009-28 Race condition while accessing the private data of a NPObject JS wrapper class object
MFSA 2009-27 SSL tampering via non-200 responses to proxy CONNECT requests
MFSA 2009-26 Arbitrary domain cookie access by local file: resources
MFSA 2009-25 URL spoofing with invalid unicode characters
MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11)
Firefox v3.0.11 Download
Tags:
Internet Security-
Vulnerability
by certifiedbug on June 9, 2009
in News
Unknown hackers targeting a zero-day vulnerability in a virtualization application called HyperVM made by LXLabs were able to gain root access at UK-based Vaserv.com Sunday evening destroying data for as many as 100,000 websites.
Half of Vaserv’s customers signed up for unmanaged service, which doesn’t include data backup.
Log updates from Vaserv technicians as they worked to recover the lost data.
We have worked tirelessly through the night and over the last 48 hours to recover as many VPS as possible. However, we have now reached the end of all of our servers, and as such, if your server is not currently up, or not partly up (i.e. it is up but not working due to a configuration issue) then it is unfortunate that you will have lost your data due to this third party attack.
http://www.vaserv.com/index
The Register
http://www.theregister.co.uk/2009/06/08/webhost_attack/
The Times Of India
http://timesofindia.indiatimes.com/Bangalore/Techie-hangs-himself-in-HSR-Layout-/articleshow/4633101.cms
Web Hosting Talk
fsckvps thread, 125 pages to date.
Tags:
Hack-
Internet Security-
Vulnerability
Eset Knowledgebase
A fix for affected systems has been released as an update module. The updated module will be downloaded automatically when a virus signature database update occurs in ESET Smart Security and ESET NOD32 Antivirus.
After the update is downloaded, the entry for the Anti-Stealth module in the About window for ESET Smart Security and ESET NOD32 Antivirus 4.0 will appear as Anti-Stealth support module: 1012 (20090526). The update is also installed if your Anti-Stealth module has a newer version or release date.
Certifiedbug May 28, 2009.
Eset to Windows Vista and Windows Server 2008 SP2 end users, downgrade to Nod32 version3
Tags:
Service Packs-
Software
Spam has been back to pre-McColo levels for some time and increasing.
May 2009 MessageLabs Intelligence Report (PDF)
Report Highlights
• Spam – 90.4% in May (an increase of 5.1% since April)
• Viruses – One in 317.8 emails in May contained malware (a decrease of 0.01% since April)
• Phishing – One in 279.0 emails comprised a phishing attack (an increase of 0.11% since April)
• Malicious websites – 1,149 new sites blocked per day (a decrease of 67.7% since April)
• Spammers continue to abuse reputable domains and web-based malware more likely to be found on older domains
• Geographic location determines at what time of day you receive spam
• “Russian” spam squarely rooted in Cutwail botnet
jepyakut.cn, a domain created on 2009-06-02, has been spamming my own mailbox from different locations such as an Internet Cafe in Beijing.
The hidden links revealed by hovering a mouse over them without clicking, led to directpills, aka Canadian Pharmacy.
The 10 Worst ROKSO Spammers
#1 Canadian Pharmacy
Country: United States.
A long time running pharmacy spam operation. Uses botnet spam techniques to send tens-of-millions of spams per day. Probably uses many affiliates all over the world to spam but is probably based in Eastern Europe and hosts sites on botnets and on Chines (sic)
http://certifiedbug.com/blog/tag/spam/
Tags:
Botnet-
Spam
