AOL has fired three employees including their CTO in an effort to overcome their recent disclosure of user data on over 650,000 users. Maureen Govern, AOL CTO and head of the AOL department responsible for releasing user search data, and the researcher and manager were fired, according to a memo from AOL CEO Jonathan Miller. Earlier this month AOL admitted the user information was mistakenly posted on a company site research.aol.com. 

According to the latest release of Webroot’s State of Spyware report, enterprises are still continuing to get hammered by malicious software. Many corporations now are investing millions into securing their computer systems to stay ahead of the spyware offensive. Not all companies are able to stay ahead. More than 40 companies have reported security breaches just during this past quarter. This translates into a huge loss of revenue for these companies because customers lose their trust in them. The steady infection rate of big companies suggests that these companies are relying on inadequate security software such as freeware to protect themselves. Surprisingly the larger more technological companies lag behind most of the other industries in adopting security technology.

According to the latest State of Spyware released by webroot, the USA is the top country of spyware origin in the world. Over 67% of the world’s spyware originates in the United States. The next country in line is Germany with only 7.57% and then followed by England with 6.25%. Webroot believes that this is because of how easy it is to attain various internet connections in the USA. They believe this is also the cause for the raising rates in Europe.

Yahoo! is in the process of testing a new anti-phishing security service that will be available to Yahoo! users. The security service is designed to protect users from landing on sites that look like they are legitimate Yahoo! sites but are actually fraudulent sites designed for phising scams. The service lets users know if they have landed on a legitimate Yahoo sign-in Web page, preventing them from entering their Yahoo ID and password on a phishing site. Look for this service in the near future.

For those that are participating in the Microsoft Windows Vista Beta, Microsoft has released two security bulletins regarding security flaws. The flaws deal with Internet Explorer and the Windows Vista kernel. Both of these flaws allow for remote control of the PC. Microsoft has been criticized for issuing the updates because everyone knows its test software and will have problems. Microsoft decided to err on the side of caution due to the large amount of people participating in the beta. Those that are participating in the beta are urged to update.

Shortly after AOL has published search details of thousands of AOL customers, AOL is in hot water with consumer advocates over its Active Virus Shield software. The issue with the security tool has to do with its licensing agreement. The agreement allows AOL to collect and share data on how the software is being used. It also permits AOL and its affiliates to send email to its users. The worry of consumer advocates is that this agreement will allow AOL and its affiliates to send adware to the customers. AOL did say they plan on changing the licensing agreement.

Many consumers throughout the world choose to do their shopping on the internet. Many of these consumers, however may be at risk. Here are some tips to keep you safe.

·        Be suspicious of everything. If something doesn’t seem right to you, it probably isn’t.

·        Make sure the site is secure. An easy way to check this is by looking in the address bar of your web browser. If after the http there is an s (https), then the site is secure. Another hint is that the browser will have a lock or key symbol on the bottom.

·        Shoppers should research the companies they are buying from using search engines. Search for the company name along with complaints, secure, or customer service. This will let the consumer know of any problems with a particular company.

·        Try to consolidate your shopping to the least amount of internet companies as possible. This will have your credit card information out in fewer places.

The above tips should help to keep you secure while surfing the internet. In addition to the above tips, have good security software installed on your computer to prevent any other malicious problems.

As expected by security experts, there was an attack launched on Microsoft Windows. The attack did not come as a big worm but instead a small more focused bot.
The bot has been dubbed with several names by security firms, including “Graweg,” “Mocbot,” “WGAReg,” and “Cuebot.”  The vulnerability in Windows Security service, which was patched by Microsoft in its security bulletin MS06-040, was known as the most dangerous of all the vulnerabilities. Many people predicted an attack on unpatched PCs because the vulnerabilities and patches were released last week.
Security companies detected two variants of the bot. One of them enables the hacker to control AOL Instant Messenger if present on the compromised computer, The other variant linked the bot herders’ controlling systems to a pair of IP addresses in China.
Microsoft has repeatedly urged users to update their software immediately to prevent from infected with the bot. . You can update the software from Microsoft’s website or through automatic updates.

A security vulnerability in Yahoo! Mail can expose private mailboxes to hackers. A test conducted by an Israeli security company found the vulnerability. All it takes for hackers to get into private mailboxes is by sending the victim a malicious email message allowing them to gain access. The malicious code in the email comes as an html attachment which does not have to be individually opened for it to work. The code creates a cookie file which the hacker can use to gain unrestricted and unlimited access to the victims account. Yahoo! has stated that they have already created a fix to this problem and are in the process of distributing it worldwide.

Paretologic has just announced the release of Xoftspy Portable Anti-spyware product. This is the first portable anti-spyware product released. The program operates directly from a U3 smart drive. The program licensed for multiple computers and is built to protect roaming users accessing any PC they touch, including those belonging to co-workers, friends, parents, libraries or Internet cafes.  With the threat of malware constantly rising, XOFTspy Portable provides protection for roaming users, ensuring that the computer they are about to use is free of spyware, Trojans, keyloggers and adware without having to download and install anti-spyware applications on the local computer. In addition to ensuring the security of the host computer, XOFTspy Portable also protects the smart drive by securing its data and programs, even in cases where the host computer has lost Internet connectivity.

Almost all computer users know that surfing on the internet can be a very risky thing. They can become a victim to spyware, adware, phising threats, or viruses. Consumer Reports is now saying that one out of every three computer users become victim to malware. The only good part about this is that the risk this year is the same as last year. This means that the efforts to stop cyber crime are having an impact. Consumer Reports also said that there has been a decline in the number of viruses and spyware since 2005, but both are still epidemics.

Microsoft has released today 12 new security patches. Seven of the patches are considered critical and two are critical for Microsoft Office. Microsoft has fixed over twenty vulnerabilities with these new patches. The critical Windows updates address several vulnerabilities in the Windows Server and DNS services along with, flaws in Internet Explorer and Outlook Express, a vulnerability in the Microsoft Management Console, an issue with HTML Help, and several vulnerabilities in the Windows kernel. For Microsoft Office, they fixed a vulnerability in Visual Basic for Applications that could allow remote code execution. It also corrected two vulnerabilities in PowerPoint which allowed for a Trojan Dropper to modify the file Explorer.Exe. Microsoft urges Windows and Office users to update their software immediately. It is common that malicious hackers create exploits once the security patches have been released to get users that have not updated yet. 

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA06-220A

Microsoft Windows, Office, and Internet Explorer Vulnerabilities

Original release date: August 08, 2006
Last revised: –
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Office (Windows and Mac)
* Microsoft Internet Explorer

Overview

Microsoft has released updates th…

Read more at checksum.org…

According to the State of the Net survey by Consumer Reports of over 2000 households with internet access, it projects that American consumers lost more than $8 billion over the last two years to viruses, spyware and various internet schemes. Also, computer users have one in three chance of becoming a victim of malware which is the same chance as last year. According to the survey, computer users lost over $630 million to email scams just over the past two years. The nation has also spent over $7.8 billion in computer repairs caused by viruses or other malware.

Google is now beginning to warn users of websites containing malware. This is a common this for security software such as the software by McAfee or Norton. Never before has a search engine warned users of this. Search results are still presented by the search engine in a familiar way and do not include information whether a site may include malware such as spyware and Trojans. Instead, Google chose to warn users once they click on the link before entering the website. Google sends a message to the user saying that the website they are about to visit may harm their computer. The user can still navigate to the site if they choose to or they can return to the search page. Another search engine, Scandoo.com is also starting to warn users of malware. Scandoo evaluates the search results and marks the individual results with a logo saying the site may contain malware.