VirusRemover2008... The Nerve...
On F-Secure Antivirus Research Weblog, 3 days, 5 hours ago
The site powerfulvirusremover2008 .com is reported to have been using dodgy practices in order to push their product, and really, what's new? Yet another rogue antispyware on the loose. The funny thing is, though, that it even has specific websites for different countries, so that it can cater to specific audiences. Here are some of the sites that they host for different countries: jp.powerfulvirusremover2008 .com. Other versions include de, dk, es, fr, it, no, nl, and no. And what's the difference ...
Stickers 2008
On F-Secure Antivirus Research Weblog, 6 days, 21 hours ago
Laptop stickers — they're very popular. Six weeks ago, we requested suggestions, hosted a couple of polls, and then picked our favorites from the suggestions. Wing Fei, from our Kuala Lumpur Lab, placed the order and ended up giving away a bunch of stickers at Hack In The Box Security Conference 2008 — Malaysia. Last week, Wing Fei was in Helsinki for our pikkujoulu and we now have our own stack of stickers here in the Helsinki ...
Web Trail
On F-Secure Antivirus Research Weblog, 2 weeks, 3 days ago
One of our development teams would like you to try their beta application, Web Trail. They want feedback before moving on to the RTM version. You can download it from here. On 13/11/08 At 04:49 PM
McColo Mole Wacked
On F-Secure Antivirus Research Weblog, 2 weeks, 4 days ago
Kudos to Brian Krebs, whose excellent investigative reporting produced some rather dramatic results. What's the story? McColo Corp. — a major source of spam — was knocked offline earlier this week. And now there's a large decrease in the amount of spam being distributed. Why is that? Because McColo Corp. was hosting a large number of spam bot command and control servers. Knocking them offline has left the spam bots temporarily without masters. Unfortunately the bots themselves are still ...
Stupid Rogue Trick
On F-Secure Antivirus Research Weblog, 3 weeks ago
We came across a rogue today called Antivirus Professional 2008 that uses a GeoIP lookup as part of its scare tactics. The site uses Flash and script to create the effect of an online scan, which then attempts to push an installer at the visitor. The NoScript extension for Mozilla Firefox is an excellent way to mitigate this kind of garbage. But here's the interesting thing… The "antivirus online scanner" site now uses the visitor's IP address to customize ...
Obama and McCain Campaigns Hit with Targeted Attacks
On F-Secure Antivirus Research Weblog, 3 weeks, 4 days ago
Newsweek has a breaking story about how both the Obama and McCain campaign computer systems were hit by targeted attacks earlier this year. At the Obama headquarters in midsummer, technology experts detected what they initially thought was a computer virus — a case of "phishing," a form of hacking often employed to steal passwords or credit-card numbers. But by the next day, both the FBI and the Secret Service came to the campaign with an ominous warning: "You ...
US Presidential malware
On F-Secure Antivirus Research Weblog, 3 weeks, 4 days ago
It is not a big surprise at all that a spam run distributing malware, themed around Obama being elected the new US President, started this morning (US time). The email looks like this: The link points to a website that appears to contain a video; to view it, the user has to download a new flash player, adobe_flash9.exe (MD5 47c86509a78dc1edb42f2964bea86306). We detect this as Trojan-PSW:W32/Papras.CL, a trojan that hides itself using a rootkit. The trojan ...
Got Root?
On F-Secure Antivirus Research Weblog, 3 weeks, 5 days ago
Mobile phone enthusiasts have discovered a method to gain root access to the T-Mobile G1 Android mobile device. Jailbreaking phones is a popular activity. Many Apple iPhone owners choose to unlock their phones. And we have also seen methods to unlock Symbian S60 phones so that one gains full access to the device. Now there's a way to acquire full access to the G1 (which uses Google's Android) using the PTerminal application from the Android Market. The ...
Here's what has been going on with MS08-067 since Friday
On F-Secure Antivirus Research Weblog, 1 month ago
As most of you likely know, Microsoft released an out-of-band update on October 23, 2008. This usually indicates a worm-capable vulnerability for which in-the-wild exploits already exist. MS08-067 is very similar to MS06-040, the netapi vulnerability from a few years back. We've been working through the weekend, monitoring the situation around this vulnerability. We did some timeline analysis on Trojan-Spy:W32/Gimmiv, which exploits the vulnerability. As far as we can see, the first versions of Gimmiv were compiled around ...
Out-of-Band Patch from Microsoft
On F-Secure Antivirus Research Weblog, 1 month, 1 week ago
It doesn't happen very often, but when it does, it's for a good reason. Yesterday, Microsoft released an out-of-band patch for a new, critical vulnerability in Windows. The patch, MS08-067, fixes a remote procedure call (RPC) issue that would, if successfully exploited, enable an attacker to remotely execute applications on a computer running any currently supported version of Windows. This is exactly the type of vulnerability Blaster and Sasser used to infect millions of computers back in ...
Do spammers get spam?
On F-Secure Antivirus Research Weblog, 1 month, 1 week ago
Spam is still a problem. The problem is, spam still works. So it won't be going away any time soon. One spam vendor was recently spamming (yes) their own ads to a few million e-mail addresses. The message contained this PDF file: Two things are worth noting here: First: The old e-mail spam vendors are selling mobile phone text message spam lists as well. Second: The vendor here is trying to avoid getting spammed themselves, by writing their e-mail address (which is ...