by certifiedbug on July 28, 2006
in Security
Vitalsecurity.org
Friday, July 28, 2006
Posted by paperghost
Zango was targetting Myspace: The Proof
An anonymous tipoff (who claims they were an affiliate of Zango, but got fed up with them emailing him all the time) recently saw the whole “Zango on Myspace” thing and was surprised to see Zango claiming they have a “hands off” policy towards Myspace. From the InformationWeek article:
“Those two test accounts were actually created by one of our developers who was exploring possible opportunities, but he didn’t realize it was Zango business practice not to target MySpace,” said Stratz. “He should not have been doing this, and we want to tell MySpace that we didn’t mean to target them.” The developer, said Stratz, would soon be deleting the profiles.
Surprised, because he claimed they sent him what appeared to be a mass-mail shot from a Zango rep, showing all these fun ways to push Zango on Myspace.
Article
Edit:
TechWeb contacted Zango for their response.
Zango spokesman Corey Magnus acknowledged that “as the e-mail clearly indicates, we had at one point looked into opportunities” on MySpace. But Magnus again said it was Zango’s policy not to target the social site.
That may be true in the letter of the law, but not the spirit, countered Boyd,
TechWeb Article
by certifiedbug on July 28, 2006
in Security
securitypronews
David Utter | Staff Writer
2006-07-27
Zango Affiliate Still Luring MySpace Users
An affiliate who had been posting Zango content on MySpace against both companies’ terms of service has switched to using a new domain, despite Zango’s public claims that such activity would result in the termination of the affiliate account.
Article
by certifiedbug on July 28, 2006
in Security
SpywareGuide
Posted by Paperghost on July 26, 2006
Gambing Site Promoted by…Gambling Bots!
The irony here is that an online gambling website is being pushed by a profile promoting illegal bots - exactly the kind of program that the gambling site would not want being used on their system. Talk about conflict of interest! Of course, if you click the link to “Red Casino”, you won’t see any Bots - just a website asking you to install the gambling software:
Article
by certifiedbug on July 22, 2006
in Security
BBC News website
By Mark Ward Technology Correspondent
“This is a criminal act,” said Hemanshu Nigam, MySpace chief security officer. “This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours.”
“We are working to have these ad networks remove this ad so that they do not appear on our site,” he said.
Chris Boyd, director of Malware research at Facetime Security Labs, said sites such as MySpace and Orkut often felt like “gated communities” and made people feel more secure than they should.
Article here
by certifiedbug on July 21, 2006
in Security
Washington Post
Security Fix
Brian Krebs writes
Hacked Ad Seen on MySpace Served Spyware to a Million
An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows, according to data collected by iDefense, a Verisign company.
Internet Explorer users who visited a Web page containing this ad and whose IE was not equipped with the WMF patch would not get that warning. Rather, their machines would silently download a Trojan horse program that installs junk software in the PurityScan/ClickSpring family of adware.
Microsoft Security Bulletin MS06-001
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
Published: January 5, 2006
Six months later apprantly many have still not patched. 
by certifiedbug on July 17, 2006
in Security
blog.spywareguide.com
Posted on July 17, 2006
Paperghost writes:
Now, there is talk of an exploit that relies on redirects via Flash, meaning the hacker has complete control over your profile. You can see the ripples being made here on Digg - should be interesting to see if Myspace put out some kind of “official response” to this one as it’s really caught fire.
by certifiedbug on July 14, 2006
in Security
Online social networking site MySpace.com appears to have become a target of adware/spyware makers.
MySpaceBar Installed From DollarRevenue via Regifast!
13 July 2006
WebHelper writes:
MySpace again being used by yet another adware group called Regifast.com. While rechecking a Dollarrevenue bundled installer for the Regifast.com adware: content.dollarrevenue.com/regifast.exe, I found it not only bundles Deskwizz in its own install but also I got a surprise message: “Please, enter your MySpace account information”.
More information and screenshots.
Zango Adware found on MySpace
By Gregg Keizer, TechWeb
11 July 2006
itnews
After a security researcher said Monday that MySpace users were spreading adware through the social networking service to ring up ad fees from Zango, the marketing company admitted one of its own developers had set up the MySpace profiles.
Zango, however, said the developer was acting without approval and in ignorance of the company’s “hands-off” policy regarding MySpace.
Teenagers used to push Zango on Myspace?
Sunday, July 09, 2006
Vitalsecurity
Paperghost writes:
Well, I was rattling around Myspace the other day, and had the sudden urge to start searching for Adware companies.
by certifiedbug on June 7, 2006
in Security
McAfee Avert Labs Blog
Security and Children’s Web Sites
Tuesday May 30, 2006 at 3:48 pm CST
Posted by Jimmy Kuo
Late last year, I was asked in an interview where I thought the arena of online attacks would go. My response was to look at children-friendly sites and games like Neopets, MapleStory, and Runescape. Well, my prediction was not exactly correct. None of these sites have been hit by any automated or programmatic attacks, though each suffers from its own versions of social engineering attacks (more commonly referred to by kids as “scams�?). However, shortly thereafter, worms were released on both Myspace and Xanga
It’s always a good time to discuss computer security issues with your children. Here’s some thoughts to start:
