Securelist / Blog
Securelist / Blog
  • Adobe Incubates Flash Runtime for Firefox

    The Adobe AIR and Adobe Flash Player Incubator program updated their Flash Platform runtime beta program to version 5, delivered as Flash Player version 11.2.300.130. It includes a "sandboxed" version of the 32-bit Flash Player they are calling "Protected Mode for Mozilla Firefox on Windows 7 and Windows Vista systems". It has been over a year since Adobe discussed the Internet Explorer ActiveX Protected Mode version release on their ASSET blog, and the version running on Google Chrome was sandboxed too.

    Adobe is building on the successes that they have seen in their Adobe Reader X software. Its sandbox technology has substantially raised the bar for driving up the costs of "offensive research", resulting in a dearth of Itw exploits on Reader X. As in "none" in 2011. This trend reflects 2011 targeted attack activity that we’ve observed. 2011 APT related attacks nailed outdated versions of Adobe Flash software delivered as "authplay.dll" in Adobe Reader v8.x and v9.x and the general Flash component "NPSWF32.dll" used by older versions of Microsoft Office and other applications. Adobe X just wasn't hit. IE Protected Mode wasn't hit. Chrome sandboxed Flash wasn't hit. If there are incident handlers out there that saw a different story, please let me know.

  • Malicious ads on security websites
        Perhaps the worst possible scenario is when a bank website is hosting malicious ads: you never know what can be installed and when on your computer if you click on the ad banners. Something similar happens with security websites hosting malicious ads. They are supposed to be for security information. The people browsing such sites trust the content to be safe, but in actual fact because of the ad banners the resources may be anything but trustworthy.

  • Will Google Bouncer definitely remove all malware from the Android Market?
    Will the Bouncer be effective in addressing the malware problems with Android apps? First of all, this is a good and really necessary move Google is taking, however the solution will be only partial. Based on the public information around this service, all apps will be scanned for known malware. Basically that means a multi-scanner or something similar will be used, so the quality of malware detection will depend greatly on what AV engines Google will use to analyze apps. Not all AV engines have the same quality, so there is a possibility some malicious apps won't be detected as malicious. The second step offered by Google is emulation. It's a good approach, however it can also be cheated by anti-emulation tricks or a malicious app can be programmed to behave differently once an emulation is detected, making the app appear to be non-threatening.  So, basically the same malware tricks used to bypass Windows security can be implemented now on Android.
    Is it still a good idea to use a mobile security program for protection even with Bouncer in place? Yes, for sure it's a good idea. The situation is many people download apps not only from the official Android Market, but also from third-party sources.  Nobody knows for certain what kind of apps are out there on private market stores, run by people not affiliated with Google. Additionally as we mentioned if Google's multi-scanner won't count on all AV engines but only some of them, it's certainly good to use AV detection on your phone as a second opinion for anything that might have slipped past Google’s scanner.
    Are there ways for hackers to sneak infected apps into the store despite Bouncer? Yes and one of them is by hacking well known and trustful developers accounts. In fact I believe that will happen in the near feature. I say this because of Google says it will check all new developers account. If a developer is already known and trusted by Google, that developer account will be a prime target for cybercriminals. Also, even though we haven’t seen it happen yet, we know cybercriminals can start developing apps that work differently in specific geographic zones. For example, an app could be designed to only behave maliciously if it detects a Latin American carrier…if the same app is used by a US carrier, no malicious behavior will be detected. That's also an anti-emulation trick which can be exploited by cybercriminals in order to avoid Bouncer detection.
 
SpywareGuide Articles
Articles on Spyware, Adware, Malware and privacy in general
SpywareGuide Articles
  • DATA-THEFT WORM TARGETING GOOGLE'S ORKUT
    FaceTime Security Labs announced the discovery of a worm that steals users? banking details, usernames and passwords. The worm, known as MW.Orc, is propagating through Orkut, Google?s social networking site, as users launch an executable file disguised as a JPEG. Google has a temporary fix in place
  • The Digital Underground: Interview with RinCe
    This is Part TWO of a series of write-ups focusing on the recent threat to E-Commerce systems via potential IM (Instant Messaging) attack vectors and more besides, by way of a remotely installed administration tool and custom-built scripts, designed to find vulnerabilities in third-party payment sys
  • Property Values, Satellite Maps and Zillow
    A new service called Zillow allows you to easily access the value of your home...and your neighbors and even their neighbors. SpywareGuide articles are sponsored by FaceTime Communications, providing solutions for securing and controlling IM, P2P and Spyware Greynets.
Computer Security - Tips For Safe Public PC Use PDF Print E-mail
User Rating: / 0
PoorBest 

Submitted By: Deepesh Agarwal

In the new computer age, We don't always log on from home where our PC's are thoroughly protected. (You took care of that already, right?) Cyber cafes, libraries, airports, hotels and other places offer use of a public terminal for those on the go. But, unfortunately, those computers may not always get secured well nor checked regularly. And, since others use them, they can get infected only minutes before it's your turn.

Here are a few tips for how to protect your information while using a public computer.

Most of the email clients nowadays allow you to forward email from one account to another, just as you forward your phone calls. Take advantage of this feature to enhance your security.

If you plan to be away from home for a few days - but aren't using your regular computer or laptop - try to forward your email to an account you set up especially for the trip. This helps protect your information a lot.

Both the account and the password are much less likely to be known to scam artists. Yet, you can retrieve any email sent while you're away from your regular PC. Also, if the userid and password do get cracked, your ongoing risk is low, since you'll be abandoning this temporary account shortly.

If you have to log in to a public computer with one of your regular username change the password the first time you use it away from home. Then change it back when you get back home, This limits your exposure time.

Public computers can contain a specific kind of spyware/trojan called 'a key-logger' that records your every keystroke. Apart from getting your logins and passwords, that also allows the thief to access anything else you typed in during your session. So, you must avoid making credit-card transactions online or accessing your online banking and credit-card accounts.

Before you go to any site that would require a username and/or password, disable any auto-complete or password storing feature. If you can because some public computers have these features locked down by the administrator.

Avoid unfamiliar sites, if practical, while you are away. Most online hacks come from auto-downloads of spyware, viruses, etc. Few of the sites you visit regularly are likely to have those. Just as you would avoid talking to unsavory strangers while on a trip, avoid dicey websites.

Defer clicking on ads while you're away from home. Those can lead to just the kinds of sites mentioned above.

Once you are done using the public computer, erase - if you can - here again administrators may not allow you to access the feature - any Temporary Internet files, cookies, etc. This helps protect not only you, but leaves the computer in a better state for the next user.

Needless to say, don't leave any downloaded files on the computer and never allow anyone to look over your shoulder while you are typing in a password or other sensitive information.

Paranoia isn't needed. But a little awareness and sound judgment while using a public computer will help keep your information secure - then and after you get back home.

One last tip would be to use a better secure browser like Firefox or Opera while surfing on your home PC as well as a public computer.

About the Author
Deepesh Agarwal is author of several award-wining software's, most of them being distributed under free ware software license. You can download his best free software at Quality Free Software Download Website

Published At: www.Isnare.com
Permanent Link: http://www.isnare.com/?aid=114738&ca=Internet
 
 

Latest Virus Threats

Recent Posts

Article Archives