SPAM is a huge money earning business, both for the companies using it to sell products, and the companies selling products to stop it.

One of the worries of the spammer is getting caught and being prosecuted. This has been made more of a problem by new laws in many parts of the world outlawing unsolicited commercial email, though this doesn’t just relate to normal spammers, virus writers and phishing scammers use the same techniques to avoid the authorities and they are even more invasive and illegal activities.

In an effort to continue their nefarious activities, while lessoning the risks, the spammers are starting to merge or make deals with proponents of other, even worse online activities, such as cracking and virus writing. The latest trend is to use a world wide network of hacked or virus infected PC’s most of which are running one of the many recent Windows virus’s that installs a back-door into the PC (unbeknownst to their owners) to host websites that are nearly untraceable by conventional means.

Read the rest of this entry »

According to recent research by the Internet Storm Cente, if you buy a flash new computer with Windows XP, take it home, plug it in and connect to the net, you have 20 minutes before it is compromised by malicious code. The malicious code in question is usually a virus like mydoom, sasser or bagle, some of which require no user help at all to infect a PC, just being connected to the net is enough to start the process.

Twenty minutes is not long enough to even begin the process of installing all the Windows updates required to give you some degree of protection, and many people who have just bought a new PC don’t even know that they should run windows update in the first place.

So what is a hapless user to do? Well the first thing is to turn on the ICS firewall. (something that the XP Service Pack 2 now does for you, but that makes no difference to people that don’t yet have SP2.)

You can read more about the problem at isc.sans.org and you can read their “Windows XP, surviving the first day” article here (PDF).

Regards

Franki

Well, that didn’t take long did it? The first bug in IE that has come out after SP2, and that Service Pack 2 for Windows XP doesn’t fix has been found.

Secunia.com has found a new “highly critical” flaw in Internet Explorers “drag and drop” system that allows a malicious site to put an executable file onto the users file system, or as they put it:

“The vulnerability is caused due to insufficient validation of drag and drop events issued from the “Internet” zone to local resources. This can be exploited by a malicious website to e.g. plant an arbitrary executable file in a user’s startup folder, which will get executed the next time Windows starts up.
http-equiv has posted a PoC (Proof of Concept), which plants a program in the startup directory when a user drags a program masqueraded as an image.”

Read the rest of this entry »

Folks in encryption circles are probably a bit nervous with the news that MD5, SHA-0 and possibly also SHA-1 hashing algorithms have been found “crackable”. These algorithms are used for among other reasons, “signing” data or files. If the file or the data changes even a tiny bit, it no longer matches the hash and as a result you can find out when the file or data has been tampered with.

SHA-1 is considered a high end algorithm, even used in SSL connections, so the ramifications of it failing are fairly extreme. Time for the boffins to come up with something stronger. Since cracking algorithms requires lots of horsepower, one of the downsides of our ever increasing computer speed, is that breaking the algorithms becomes within reach of fairly lowtech low cost hardware. So as CPU horsepower increases, so does the need for new stronger encryption technologies.

Read the rest of this entry »

Yet another security flaw has been found in Internet Explorer (versions 5.01, 5.5 and 6). Gee, what a surprise. 🙂

This flaw is related to Phishing, which is the art of replacing the contents of a “trusted” web page with content from an untrusted source, and doing it without changing the address bar URL to reflect the new content source.

This sort of thing is used to trick people into thinking they are logging into their online banking site (for example), when instead they are handing their username and password to some nasty souls who will use it to put all your money into their pockets.

You can read about it here: Secunia. Secunia have also released a demo of the flaw that you can try here.

Read the rest of this entry »

For those of you considering upgrading to XP service pack 2, you should read this page first:
Ms knowledge base

There is a list of some of the applications that will break when you install SP2. From the look of it though, it’s not a comprehensive list, so before loading it on I’d be firing up Google and searching for the application name with “SP2” and see what comes up.

If you have a firewall, and don’t use IE/OE/Outlook, then your probably OK to wait for a while and see what people are reporting as problems with the install. I’ve seen about a dozen sites so far talking about SP2 problems, so I’m waiting till I know more before moving everyone over. (many of my clients are using XP.)
Read the rest of this entry »

Today as I was quickly scanning the 300 SPAM messages my filters had caught this morning looking for false positives, I came across a blatant child porn SPAM email.
I’ve never actually received one before, and I wanted to report it. From what I’ve been able to gather, you can’t really report the email, you have to report the site that is in it. OK, so I clicked the link. The site that came up was the most depraved disgusting thing I’ve ever seen, and having used the Internet for many many years, I’ve seen allot.

OK, so I now know that this is a legitimate illegal kiddie porn site, so what do I do now? My first step was to fire up Google and do a search for “reporting child pornography” which came back with dozens of links, none of which looked at all official. I did a whois on the IP of the hosting site and found it is located in Taiwan, which led to another question, is it illegal there? If so, where do I report it in Taiwan? Or do I report it in Australia or the US? Where in Australia or the US do I report it?

Read the rest of this entry »