Virus writers have once again gotten the drop on anti-virus vendors and IT administrators with a new technique—virus-laden .rar attachments—that's finding early and considerable success.
Virus writers have once again gotten the drop on anti-virus vendors and IT administrators with a new technique thats finding early and considerable success.
Late last month, administrators and service providers began seeing virus-infected messages with a new type of attachment hitting their mail servers: an .rar archive. .Rar files are similar to .zip files in that they are containers used to hold one or more compressed files. The .rar format is not as widely known as .zip, but it is used for a number of tasks, including compressing very large files, such as music and video.
The emergence of .rar-packed viruses highlights the lengths to which virus writers are willing to go to evade anti-virus systems, as well as the limitations of those traditional signature-based defenses.
Experts say .rar files carrying viruses have been sailing past commercial anti-virus products and finding their way into the mailboxes of users, who are often unfamiliar with the file format. Administrators who have seen .rar-packed malware say that none of the messages have been stopped by their anti-virus defenses.
Saturday, November 29, 2008
Why Are Virus Attacks Getting Worse?
Why have we seen so many new virus attacks in recent weeks? I believe it's because there has been little effort made by law enforcement officials to find or stop the virus authors. Maybe there is more effort coming from law enforcement than I'm observing—but if that's true, what they're doing is incredibly inefficient, and it's helping to give the green light to every black-hat coder out there. Script kiddies have gone berserk, seeing that nobody is being caught or prosecuted, and they form a unique smokescreen for the more talented culprits. The scariest aspect is that these viruses and the tricks being used to infect machines are outstandingly efficient and of high quality.
To be honest—and I know this is adding to the problem—you have to feel some admiration for the latest series of attacks. PC Magazine has covered them all in detail recently in a series written by Jay Munro and others. But what hasn't been addressed is now more important than ever: the sociology of attacks. I'm amazed by the creative and tricky ways these viruses are being planted, and how the hapless user is tricked into clicking on dopey attachments when he or she absolutely should not do so. While creative virus coders could easily devise ways to simply run code in a preview window, which would initiate problems automatically, they instead sucker the poor user into clicking on something.
Two things that are at work here concern me. First, the top black hats have not seriously exploited the Microsoft Outlook preview window (which can execute code). This means they are likely saving that trick for the BIG ONE. That threat is the reason I do not use Outlook, by the way.
The second thing that concerns me is the never-ending evolution of social engineering. The best example I've seen to date is the bogus message that appears to come from the e-mail administrator of the domain you use for your e-mail. In one funny example, I recently got a memo from the mail administrator at dvorak.org. Since I'm the only person at dvorak.org, I was surprised to find I suddenly had an e-mail administrator as part of the team! I got several of these messages, telling me about various problems with my account and how I had to fix them. There was an attachment with them, which I was instructed to click on to get details. While this was laughable for me, I could imagine some new employee at General Electric or Procter and Gamble sitting at his or her desk, worried sick about getting off probation, and seeing this memo come from administrator@GE.com, or whatever.
Virus coders, if nothing else, have unique senses of humor. I found the administrator ruse to be very creative. As an aside, I want to scold Microsoft for making all file extensions disappear by default. This makes the virus coders' jobs much easier. So much for Microsoft's "security orientation." The only reason that Microsoft made hiding file extensions a default practice is because the files look more Mac-like that way. End of scolding.
So who are the virus authors? We can surmise that many of the recent attacks seem to be coming from within the United States or from a coder who speaks fluent English. I say this because we are not seeing the typical butchered English that accompanies viruses. You know, such as "Hi friend from home. Me make good game for you to tell me look at. Ok boss?" Or "Hi my girlfriend pretty VS Playmate. Tell me wat yu think." Instead, now we get: "Our main mailing server will be temporarily unavailable for the next two days. To continue receiving mail you have to configure our free auto-forwarding service. For more information see the attached file." That's one of the trick messages I got from the "Management of the dvorak.org team," with a spoofed header that said administration@dvorak.org. Wow! What a difference between that and VS Playmate.
The creative tricks from the virus authors are just going to get worse. To be honest, I don't blame anyone for getting suckered. With hundreds of millions of PCs on the Net and perhaps one percent of the users (at most) computer-savvy, the virus problem is going to get worse before it gets better. My concept of licensing users looks better all the time.
So while the law enforcement agencies and the courts go after music downloaders, the malicious code attacks continue unabated. And with each attack, the problem worsens. Between this load on the Net and the spam problem, it's a miracle that the Internet can run at all. How nice it would be if the overhead created by this nonsense would abate.
Source: PCMag
To be honest—and I know this is adding to the problem—you have to feel some admiration for the latest series of attacks. PC Magazine has covered them all in detail recently in a series written by Jay Munro and others. But what hasn't been addressed is now more important than ever: the sociology of attacks. I'm amazed by the creative and tricky ways these viruses are being planted, and how the hapless user is tricked into clicking on dopey attachments when he or she absolutely should not do so. While creative virus coders could easily devise ways to simply run code in a preview window, which would initiate problems automatically, they instead sucker the poor user into clicking on something.
Two things that are at work here concern me. First, the top black hats have not seriously exploited the Microsoft Outlook preview window (which can execute code). This means they are likely saving that trick for the BIG ONE. That threat is the reason I do not use Outlook, by the way.
The second thing that concerns me is the never-ending evolution of social engineering. The best example I've seen to date is the bogus message that appears to come from the e-mail administrator of the domain you use for your e-mail. In one funny example, I recently got a memo from the mail administrator at dvorak.org. Since I'm the only person at dvorak.org, I was surprised to find I suddenly had an e-mail administrator as part of the team! I got several of these messages, telling me about various problems with my account and how I had to fix them. There was an attachment with them, which I was instructed to click on to get details. While this was laughable for me, I could imagine some new employee at General Electric or Procter and Gamble sitting at his or her desk, worried sick about getting off probation, and seeing this memo come from administrator@GE.com, or whatever.
Virus coders, if nothing else, have unique senses of humor. I found the administrator ruse to be very creative. As an aside, I want to scold Microsoft for making all file extensions disappear by default. This makes the virus coders' jobs much easier. So much for Microsoft's "security orientation." The only reason that Microsoft made hiding file extensions a default practice is because the files look more Mac-like that way. End of scolding.
So who are the virus authors? We can surmise that many of the recent attacks seem to be coming from within the United States or from a coder who speaks fluent English. I say this because we are not seeing the typical butchered English that accompanies viruses. You know, such as "Hi friend from home. Me make good game for you to tell me look at. Ok boss?" Or "Hi my girlfriend pretty VS Playmate. Tell me wat yu think." Instead, now we get: "Our main mailing server will be temporarily unavailable for the next two days. To continue receiving mail you have to configure our free auto-forwarding service. For more information see the attached file." That's one of the trick messages I got from the "Management of the dvorak.org team," with a spoofed header that said administration@dvorak.org. Wow! What a difference between that and VS Playmate.
The creative tricks from the virus authors are just going to get worse. To be honest, I don't blame anyone for getting suckered. With hundreds of millions of PCs on the Net and perhaps one percent of the users (at most) computer-savvy, the virus problem is going to get worse before it gets better. My concept of licensing users looks better all the time.
So while the law enforcement agencies and the courts go after music downloaders, the malicious code attacks continue unabated. And with each attack, the problem worsens. Between this load on the Net and the spam problem, it's a miracle that the Internet can run at all. How nice it would be if the overhead created by this nonsense would abate.
Source: PCMag
Monday, November 3, 2008
Saturday, November 1, 2008
Spyware Removal
Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habit, sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, accessing websites blindly that will cause more harmful viruses, or diverting advertising revenue to a third party. Spyware can even change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.
In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security best practices for Microsoft Windows desktop computers. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.
While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habit, sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, accessing websites blindly that will cause more harmful viruses, or diverting advertising revenue to a third party. Spyware can even change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.
In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security best practices for Microsoft Windows desktop computers. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.
Software FrameWork
A software framework, in computer programming, is an abstraction in which common code providing generic functionality can be selectively overridden or specialized by user code providing specific functionality.
Frameworks are similar to software libraries in that they are reuseable abstractions of code wrapped in a well-defined API. Unlike libraries, however, the overall program's flow of control is not dictated by the caller, but by the framework. This inversion of control is the distinguishing feature of software frameworks.[1]
Frameworks are similar to software libraries in that they are reuseable abstractions of code wrapped in a well-defined API. Unlike libraries, however, the overall program's flow of control is not dictated by the caller, but by the framework. This inversion of control is the distinguishing feature of software frameworks.[1]
Saturday, October 25, 2008
How to Launch a Software Application or Upgrade
How to Launch a Software Application or Upgrade
When announcing a new version of an application it is important that you convey some key items to potential users. The following is a suggested format for new product announcements.
When you announce a new product include:
1. Product Name and Version
Include the product name and version number in the announcement.
2. Description
Include a product description. A big mistake that developers often make is that they neglect to state what the software does, and simply provide the software's technical details. Developers should provide a simple one line description of the software's purpose.
3. Discuss Changes
Include a one line overview of major product changes. Discuss how the features in the new version will benefit existing users.
4. Release Notes
Provide a link to a list of release notes that detail all of the software version changes. The release notes commonly include beta version progressions, which shows the software was thoroughly tested prior to it's release.
5. Link
Provide a link to the new version product information.
6. Screen Shots
Provide links to the new screen shots. The screen shots should not just be "attractive" graphics, the user should get an idea of functionality from the software screen shots.
7. What's New
Create a brief "what's new" overview, from a benefits perspective.
7. Detailed Benefits
A paragraph detailing what the product is used for. The paragraph should expand on the basic description and include a mention of key features and functions. Include a high level overview detailing product features.
8. Download Link
Include a link to download the trial version.
9. Upgrade Details
Provide details, fees and instructions for upgrading along with any complications that upgraders can anticipate. Include a link for existing users to purchase the upgrade, along with any discount information for users interested in upgrading within a specific time period.
10. Cost
Include summary of fees to purchase the software. If any time limited discounts are being offered to promote the release, be sure to include a coupon code and the sale details.
11. Press
Include a link to the press release announcing the new version.
You might find it helpful to create a web page that details the announcement and contains all of the above information in a single location.
When announcing a new version of an application it is important that you convey some key items to potential users. The following is a suggested format for new product announcements.
When you announce a new product include:
1. Product Name and Version
Include the product name and version number in the announcement.
2. Description
Include a product description. A big mistake that developers often make is that they neglect to state what the software does, and simply provide the software's technical details. Developers should provide a simple one line description of the software's purpose.
3. Discuss Changes
Include a one line overview of major product changes. Discuss how the features in the new version will benefit existing users.
4. Release Notes
Provide a link to a list of release notes that detail all of the software version changes. The release notes commonly include beta version progressions, which shows the software was thoroughly tested prior to it's release.
5. Link
Provide a link to the new version product information.
6. Screen Shots
Provide links to the new screen shots. The screen shots should not just be "attractive" graphics, the user should get an idea of functionality from the software screen shots.
7. What's New
Create a brief "what's new" overview, from a benefits perspective.
7. Detailed Benefits
A paragraph detailing what the product is used for. The paragraph should expand on the basic description and include a mention of key features and functions. Include a high level overview detailing product features.
8. Download Link
Include a link to download the trial version.
9. Upgrade Details
Provide details, fees and instructions for upgrading along with any complications that upgraders can anticipate. Include a link for existing users to purchase the upgrade, along with any discount information for users interested in upgrading within a specific time period.
10. Cost
Include summary of fees to purchase the software. If any time limited discounts are being offered to promote the release, be sure to include a coupon code and the sale details.
11. Press
Include a link to the press release announcing the new version.
You might find it helpful to create a web page that details the announcement and contains all of the above information in a single location.
Saturday, April 26, 2008
File.Anti-Copy.v3.1
File.Anti-Copy.v3.1
Protect your file with File Anti Copy.
No body will be able to open, copy and delete your files without your permission. This guarantees the program will never lose your data. Download and try it to make sure your files is secure
http://rapidshare.com/files/107929390/File_Anti-Copy_v3.1.rar
Pass:
bb.bearslinks.info
Monday, February 11, 2008
ZoneAlarm Pro.v7.0.462.0
ZoneAlarm Pro.v7.0.462.0
Protect yourself with the best multi-layered firewall technology around. ZoneAlarmĂ‚® Pro keeps intruders out, protects your PC to the core and makes you invisible to hackers. It also destroys spyware, secures your privacy and provides real world services that monitor and repair all suspicious activity linked to your identity.
Keeps out the bad, including identity thieves
Uproots and immunizes your machine from spyware
Works perfectly with other antivirus software
Network and Program Firewall
Delivers proactive firewall protection with multiple layers of security that stop inbound, outbound, and program attacks while remaining completely invisible to hackers.
Operating System Firewall (OSFirewallâ„¢)
This additional layer of security prevents hard-to-remove spyware, including rootkits and kernel-level threats, from getting onto your PC and causing damage.
Identity Theft Protection
While ZoneAlarm continues to secure your identity information on your PC, these new Identity Theft Protection services also prevent identity theft over the Internet and even in the physical world.
:DOWNLOAD:
http://rapidshare.com/files/90725715/zap.rar.html
:PASS:
smforum.net
YouTube Downloader 2.1.6
YouTube Downloader 2.1.6
YouTube Downloader allows you to download videos from YouTube and many others and convert them to other video formats.The program is easy to use, just specify the URL for the video you want to download and click the Ok button! It also allows you to convert downloaded videos for Ipod, Iphone, PSP, Cell Phone, Windows Media, XVid and MP3.You can use YouTube Downloader to download the videos of your choice from home, at the office or in school.Download YouTube Downloader now and get started downloading your favorite videos from YouTube.
Features :
- Download videos from YouTube, Google Video, MySpaceTV and many others.
- Allows you to access YouTube videos for which you need to be 18+ years of age.
- Converts video for Ipod, Iphone, PSP, Cell Phone, Windows Media, XVid and MP3.
- Provides the ability to cut and select the output quality of converted videos.
- Uses the FFmpeg engine to convert the videos.
- Plays videos downloaded in Flash.
- Extremely easy to use.
:DOWNLOAD:
http://www.midload.com/en/file/23054/YouTube-Downloader-2-1-6-Prinks-rar.html
:PASSWORD:
Prinks
Sunday, February 10, 2008
Subscribe to:
Posts (Atom)