From the monthly archives:

May 2007

Valueclick continues ties with Malware Winfixer

by certifiedbug on May 31, 2007

in Security

Microsoft MVP Sandi Hardmeier writes:

Mike Burgess was hopeful that Valueclick had cut ties with Winfixer.

Unfortunately I have definitive proof that this is NOT the case.

Article: http://msmvps.com/blogs/spywaresucks/archive/2007/05/31/935905.aspx

May 31, 2007 is the last day of full functionality for Customer Preview Program versions of Vista.

Redmond Report:

The OS will gradually shut itself down in stages, and do it in an unusual way: Starting Friday, a user can log on to the OS for two-hour sessions only. After two hours, the OS will automatically reboot, without offering a chance to save. That leaves a two-hour window to save work, transfer settings and so on to another OS. Any work not finished within that span will be lost when the machine reboots.

That cycle will last until Aug. 28, after which time the OS will shut down for good. Users of pre-release versions can upgrade to RTM versions of Vista, or do a clean install of earlier Windows versions, like XP. Vista pre-release does not offer a “roll-back” ability to return to an earlier OS.

Article

Spammer Robert Soloway Arrested

by certifiedbug on May 31, 2007

in News, Security

The SPAMHAUS PROJECT - Spamhaus News.
http://www.spamhaus.org/news.lasso?article=611

On May 30, 2007 Robert Alan Soloway, one of the most persistent professional spammers, was indicted by a grand jury in Seattle, Washington, on charges that include fraud, money laundering, and identity theft. The indictment followed a years-long joint investigation by the Washington State Attorney General’s Office, the Federal Bureau of Investigation (FBI), the Federal Trade Commission (FTC), the Internal Revenue Service Department of Criminal Investigations (IRS-CI), and the U.S. Postal Inspection Service (USPIS).

Soloway has been a long term nuisance on the internet. He has been sending enormous amounts of spam for years, filling mailboxes and mail servers with unsolicited and unwanted junk email. In addition, he has fraudulently marketed his spam services to others as legitimate ‘opt-in’ services when they were anything but that, duping innocent users and then failing to provide promised customer support or refunds. Because Soloway spammed through hijacked computers and open proxies, he has repeatedly violated both the Computer Abuse and Fraud Act of 1984 and the CAN-SPAM law of 2003.

Soloway first appeared in the Spamhaus Block List (SBL) in 2001. In 2003, he was listed on Spamhaus’s Register of Known Spam Operations (ROKSO), a list of the world’s “worst of the worst” criminal spammers. Spamhaus spamtraps continued to receive spam solicitations from Soloway advertising his services through the weekend before today’s indictment.

Soloway’s violations of the U.S. CAN-SPAM law and various state anti-spam laws resulted in his being sued successfully by a number of plaintiffs, including Microsoft Corporation and Robert Braver, owner of an Oklahoma-based ISP. Both Microsoft and Braver received damage awards of millions of dollars. Soloway never paid these awards, claiming that he lived off of the proceeds of a family trust and was therefore “judgement-proof.” In September 2005 in Oklahoma City, after Soloway had fired his lawyers and then failed to appear to represent himself in court, U.S. District Judge Ralph G. Thompson issued a permanent injunction against Soloway, forbidding him to continue sending spam that violated the CAN-SPAM act. Soloway ignored this injunction as well and continued to spam.

Today, Soloway was arrested and brought before the U.S. District Court in Seattle, Washington, where he was indicted on multiple counts of money laundering, wire fraud, mail fraud, and identity theft by a federal grand jury. If convicted of all charges, he could theoretically face up to 65 years in prison. Although his custodial sentence if convicted is likely to be substantially less than 65 years, he nonetheless faces a significant stay in the U.S. federal penitentiary system.

Spamhaus commends the Seattle FBI and U.S. Attorney for ensuring that the indictment contains both spam-related and non-spam-related counts, and on preparing an indictment which shows so clearly the profile of the typical spammer’s activities, such as fraud, identity theft, and other online deception. Spamhaus recognises that a successful prosecution requires careful preparation which inevitably takes longer than the victims of the crime wish. Careful preparation is essential in cases involving CAN-SPAM violations, since the CAN-SPAM Act does not yet have extensive case-law to support it.

Spamhaus is also pleased to note that Soloway’s arrest warrant recognizes that he is a serious flight risk, in light of his history of bragging that he is judgement-proof and able to move quickly to avoid prosecution.

Soloway’s ROKSO records provide a detailed picture of his spam operation, including evidence of Soloway hiring virus authors to create networks of spam zombies. Although Soloway’s public behavior has been more egregious than many spammers, his spam-related activities are similar to those of many of the world’s top spammers. Spamhaus hopes that his prosecution proves to be the first of many such prosecutions.

Ars Technica
Ken Fisher writes:

Apple embeds your account information in all songs sold on the store, not just DRM-free songs. Previously it wasn’t much of a big deal, since no one could imagine users sharing encrypted, DRMed content. But now that DRM-free music from Apple is on the loose, the hidden data is more significant since it could theoretically be used to trace shared tunes back to the original owner. It must also be kept in mind that this kind of information could be spoofed.

Article

Three new Windows Live betas

by certifiedbug on May 30, 2007

in Microsoft, Programs

Windows Vista Team Blog.

Today our Windows Live team is releasing new betas for several Windows Live applications: Windows Live Messenger 8.5, Windows Live Mail and Windows Live Writer. All three are now available for download.

Article

Last security update for Firefox 1.5

by certifiedbug on May 30, 2007

in Browser, Security

From an Administrator account, open Firefox > Help > Check for Updates.

Other option:
Download v1.5.0.12: http://www.mozilla.com/en-US/firefox/all-older.html
All users are strongly encouraged to upgrade to Firefox 2.

Download v2.0.0.4: http://www.mozilla.com/en-US/firefox/all.html

Known Vulnerabilities in Mozilla Products

Brian Krebs, The Washington Post. “A New Vector For Hackers — Firefox Add-Ons”

Microsoft TechNet. May 22, 2007
Security Advisory

The update addresses the following issue:

Your system may appear to become unresponsive when Windows Update or Microsoft Update is scanning for updates that use Windows installer, and you may notice that the CPU usage for the svchost process is showing 100%.

When you try to install an update from Windows Update or from Microsoft Update, you experience the following symptoms:

  • Your system may appear to become unresponsive when Windows Update or Microsoft Update is scanning for updates that use Windows Installer.
  • You receive an access violation error in svchost.exe. This access violation stops the Server service and the Workstation service.
  • A memory leak occurs when Windows Update or Microsoft Update is scanning for updates that use Windows Installer.
  • Windows Update or Microsoft Update scans take a very long time, sometimes hours, to complete.

For more information: Microsoft Knowledge Base Article 927891.

Google Introduces Security Blog

by certifiedbug on May 22, 2007

in Security

Google Online Security Blog
Monday, May 21, 2007

Online security is an important topic for Google, our users, and anyone who uses the Internet. The related issues are complex and dynamic and we’ve been looking for a way to foster discussion on the topic and keep users informed. Thus, we’ve started this blog where we hope to periodically provide updates on recent trends, interesting findings, and efforts related to online security. Among the issues we’ll tackle is malware, which is the subject of our inaugural post.

http://googleonlinesecurity.blogspot.com/2007/05/introducing-googles-anti-malware.html

Ben Edelman

Spyware Still Cheating Merchants and Legitimate Affiliates
Spyware vendors are trying to clean up their images. For example, Zango settled a FTC investigation, then last week sued PC Tools for detecting and removing Zango software. Meanwhile, Integrated Search Technologies (makers of a variety of software previously widely installed without consent) introduced a new “Vomba” client that even received “provisional” TRUSTe Trusted Download certification.

But these programs’ core designs are unchanged: They still track user behavior, still send browsing to their central servers, and still show pop-up ads — behaviors users rightly disfavor due to serious effects on privacy and productivity.

Full Article. May 21, 2007

Opera Vulnerability, Update available

by certifiedbug on May 21, 2007

in Browser, Security

Opera Torrent File Handling Buffer Overflow Vulnerability.

Advisory: Malicious torrent files can execute arbitrary code in Opera
Severity: Highly critical
Opera Software has released Opera 9.21 with a fix for this vulnerability.

Opera Downloads