[SecurityRatty] tag: windows-like

Microsoft seeds WSUS with Windows 7 Client

Wed, 20 Aug 2008 09:00:00 +0000

Microsoft adds a reference to Windows 7 Client, its upcoming replacement to Vista, in the product selection screen of Windows Server Update Services, which lets companies feed security updates to their machines.

Mac, Windows clipboards poisoned by URL attacks

Tue, 19 Aug 2008 09:00:00 +0000

In what a security researcher called a cunning attack, infected Web ads are poisoning Mac and Windows users' clipboards with URLs designed to trick people into visiting sites touting bogus security software.

A Diverse Portfolio of Fake Security Software - Part Two

Mon, 18 Aug 2008 21:51:48 +0000

With scammers continuing to introduce new typosquatted domains promoting well known brands of rogue security software that is most often found at the far end of a malware campaign, exposing yet another diverse portfolio of last week's introduced domains is what follows.

Naturally, in between taking advantage of the usual hosting services, most of the domains remain parked at the same IPs, this centralization makes it easier to locate them all, then having to go through several misconfigured malicious doorways that will anyway expose the portfolio.

antivirus2008t-pro .com - (91.203.92.64; 78.157.142.7)
antivirus2008pro-download1 .com
antivirus2008pro-download2 .com
scanner.antivir64 .com
antivirus2008t-pro .com
antivirus-2008y-pro .com

systemscanner2009 .com - (89.18.189.44; 208.88.53.114)
xpdownloadserver .com
global-advers .com
xpantivirus .com
updatesantivirus .com
windows-scannernv .com

ratemyblog1 .com - 208.88.53.114
windows-scanner2009 .com
systemscanner2009 .com
antivirus-database .com
antivirus2009professional .com
antivirus-2009pro .com
antivirus2009-scanner .com
global-advers .com
drivemedirect .com
windows-scannernv .com

webscweb-scannerfree .com - (58.65.238.106; 208.88.53.180)
freebmwx3 .com
mytube4 .com
beginner2009 .com
webscweb-scannerfree .com
antivirus2009-software .com
antivirus-database .com
purchase-anti .com

onlinescannerxp .com
virus-onlinescanner .com
spywareonlinescanner .com
xponlinescanner .com
virus-securityscanner .com
virus-securityscanner .com
webscannerfreever .com
blazervips .com
global-advers .com
xpantivirus .com
drivemedirect .com
windows-scannernv .com

mytube4 .com - 58.65.238.106
beginner2009 .com
webscweb-scannerfree .com
securityscannerfree .com
xpcleaner-online .com
streamhotvideo .com
xpcleanerpro .com
onlinescannerxp .com
online-xpcleaner .com
antispyguard-scanner .com
virus-onlinescanner .com
microsoft.browsersecuritycenter .com
fastupdateserver .com
blazervips .com
xpantivirus .com
drivemedirect .com
fastwebway .com
xpantivirussecurity .com
wordpress.firm .in
megacodec .biz
mcprivate .biz

internet-defense2009 .com - 84.16.252.73
myfreespace3 .com
greatvideo3 .com
internet-defense2009 .com
windows-defense .com
3gigabytes .com
teledisons .com
updatesantivirus .com
update-direct .com
xp-protectsoft .com

top-pc-scanner .com - (91.203.92.50; 92.62.101.43)
nortonsoft .com - (91.186.11.5)
powerantivirus-2009 .com - (91.208.0.233)
powerantivirus2009 .com - (91.208.0.233)
pwrantivirus .com - (91.208.0.231)
xp-guard .com - (92.62.101.35)
xpertantivirus .com - (91.208.0.230)
internetscanner2009 .com - (89.149.229.168)

Where's the business model here? Where it's always been, upon installation of the rogue security software, the malware campaigner earns up to 40% revenue from the rogue security software's vendor.

Related posts:
Localized Fake Security Software
Diverse Portfolio of Fake Security Software
Got Your XPShield Up and Running?
Fake PestPatrol Security Software
RBN's Fake Security Software
Lazy Summer Days at UkrTeleGroup Ltd

Aussie security company set to be bought by Symantec

Mon, 18 Aug 2008 20:00:00 +0000

Symantec has announced it has signed an agreement to acquire Australian security vendor PC Tools. The privately held PC Tools, which is headquartered in Sydney, has risen to global prominence since hitting the world stage in 2003 with its security and privacy products for Windows-based PCs.

Mac, Windows clipboards poisoned by URL attacks

Mon, 18 Aug 2008 20:00:00 +0000

Infected Web ads are poisoning Mac and Windows users' clipboards with URLs, researchers said Tuesday, in a "very cunning" attack designed to trick people into visiting sites touting bogus security software.

Microsoft Puts Out 11 Fixes, Pulls Another

Mon, 18 Aug 2008 03:30:35 +0000

Microsoft released its largest batch of security fixes since February 2007: 11 software updates designed to plug 26 holes in Windows, Office and other products.

Zero-day Microsoft Windows NSlookup.exe Vulnerability Exploited In The Wild

Fri, 15 Aug 2008 19:07:46 +0000

According to SecurityFocus, a new public zero-day Windows vulnerability is being exploited in the wild. Microsoft Windows is prone to a remote code-execution vulnerability due to an unspecified error in ‘NSlookup.exe’. Successfully exploiting this issue would allow the attacker to execute arbitrary code on an affected computer. Failed attacks will cause denial-of-service conditions. Microsoft Windows [...]

Follow Windows 7 Engineering

Thu, 14 Aug 2008 16:54:49 +0000

Seeking to promote "an open and honest, and two-way, discussion about how we balance all of these interests and deliver software on the scale of Windows," Microsoft has launched the Engineering Windows 7 blog, hosted by two senior Microsoft stars, Jon DeVaan and Steven Sinofsky. A two-way discussion probably doesn't mean they are taking orders for features, but they will listen to concerns of the technical community and respond to them publicly. They specifically ask for topic suggestions (I've already sent one in). Not too many years ago this sort of thing was unthinkable at Microsoft, but it's been moving steadily in this direction.

Security is bigger than finding and fixing bugs

Thu, 14 Aug 2008 16:09:00 +0000

I’ve been catching up on various security-related articles that I’ve been meaning to read, and the following article was on the list http://www.itnews.com.au/News/73635,google-shares-its-security-secrets.aspx about Google’s “security secrets.”

Quoting from the article:

“In order to keep its products safe, Google has adopted a philosophy of 'security as a cultural value'. The programme includes mandatory security training for developers, a set of in-house security libraries, and code reviews both by Google developers and outside security researchers."

I think it is great that Google has a security program they are willing to talk about and I could not agree more with the ‘security as a cultural value’ philosophy. But isn’t there something really fundamental missing here? Design? There is a lot more to software engineering other than coding and testing.

The SDL has a very large set of implementation-related requirements, but there are many design-related requirements also.

Computer security experts have known since the early 1970s that you have to get the design right; and our experiences with the SDL over the last 5 years have taught us that you need to consider security and privacy (but remember, you have to ship too!) very early in the design phase and have a consistent end-to-end process if you truly hope to reduce vulnerabilities and create more secure software. This is how the SDL is helping to create ‘security as a cultural value’ at Microsoft.

We’ve seen a general trend downward in security vulnerabilities in Microsoft products, and the IBM X-Force 2008 mid-year report backs the assertion that we’re making progress; according to the report Microsoft’s share of total vulnerabilities decreased from 3.7% in 2007 (1st place) to 2.5% (that’s 2.5% for all Microsoft products; a more appropriate comparison might be Windows vs Linux vs Mac OSX, or SQL Server vs Oracle vs DB2) in the first 6 months of 2008 (3rd place.) This is an encouraging signal that the SDL is working on a large scale… of course, it might also show that vulnerability researchers are moving to easier targets, which, to me shows the SDL is working too.

What do you think?

Hotmail users need to read this ASAP

Tue, 12 Aug 2008 21:14:31 +0000

Read this post and dont fall for it folks.

clipped from www.nirmaltv.com

Windows Live Hotmail Accounts Phishing Scam- Users Beware

A new phishing scam on Windows Live Hotmail Account is in progress and all users are warned by Microsoft not to respond to this mail. The phishing mail sent from @hotmail says that its from Hotmail team and asks users to verify the Hotmail account. Microsoft says that this phishing scam is intended to hijack accounts. Emails with the subject “Hotmail Warning (Verify Your Hotmail Account Now to Avoid it Closed)” are not generated by Microsoft, and are just designed to fool unsuspecting users into handing over their sensitive data to attackers.