Wednesday, October 28, 2009

File Hippo: Update Checker - The answer to keeping your workstation up to date.


File Hippo, which serves pretty much every piece of software that you could ever possibly want, came out with their own update checker. This very small app looks at what software you have installed, determines whether an update is available, and prompts you. It does this without taking control of your computer and will not install any update without your permission.
This looks to be an awesome update utility that is perfect for the newest computer user all the way to the very experienced.
The application is very small and you can install it without having it automatically start when your computer starts.
Keeping your software up to date would be the biggest tip I can ever offer someone who wants to keep their computer virus/malware free.
I highly recommend this app to anyone who does not already have a decent strategy for maintaining updates for their software.
Check it out here (LINK)

Monday, October 26, 2009

APWG: What to do if your website has been hacked by phishers.


The Anti-Phishing Working Group released a paper back in February that goes over what steps you should take if you or your website has been the victim of a phishing compromise.
Check it out here.

Friday, October 23, 2009

McAfee Stop H* Commerce NBC airings.

This is the broadcasting schedule for McAfee's Stop H*commerce mini movie.
Check it out (LINK)

Google: Best practices for cleaning up a compromised site.

Yesterday, Google's Online Security Blog posted a nice, informative article on what steps you should take to prevent and clean up a compromised website.
Check it out here (LINK).

The Return and Evolution of Gumblar


So the new wave of Gumblar attacks is starting to come in at an alarming rate. From where I sit, it is just as effective as any previous wave, judging by the number of new compromises I have seen due to this highly successful trend. Gumblar, using current exploitable vulnerabilities in Adobe products, has made an impressive comeback after being quiet for a few weeks. Attacking the local workstations of web developers and site managers, the malicious software installs a credential-sniffing application that looks for FTP login information and forwards this vital data to a destination of the hacker's preference.
The new wave has evolved, placing the malicious JavaScript locally on the web server, making it more elusive and difficult for the conventional user to detect. It also looks like the evolution is continuing by pointing all malicious links to legitimate websites that were infected with the malicious payload, which helps fool the user and evade detection by services such as Google Safe Browsing. This to me is a huge step in the evolution of this malicious trend. With the success of these attacks, you start to realize that this particular trend of attack is not going to disappear any time soon, especially with new browser protection features being implemented such as the Content Security Policy.

I was going to provide a list of all recent domains that the attackers are using; however, they are legitimate sites, and unless I point to the actual malicious script, it would be useless.

In a quick closing, my steps to help prevent this particular type of attack still stand (LINK).
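An added example (not from the original post) of a check that still works when the injected script sits on the server itself and its references point at otherwise legitimate sites: compare the web root against a known-good hash baseline and list script hosts the site owner never approved. File names, hosts and the allowlist are constructed for the demo.

```python
import hashlib
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

WATCHED = {".js", ".php", ".html", ".htm"}  # file types an FTP-borne injection usually touches
SCRIPT_SRC = re.compile(r"<script[^>]+src\s*=\s*[\"']([^\"']+)[\"']", re.I)

def snapshot(root):
    """Map each watched file (path relative to root) to its SHA-256."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix.lower() in WATCHED
    }

def diff(baseline, current):
    """Return (added, modified, removed) relative paths."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(f for f in baseline.keys() & current.keys() if baseline[f] != current[f])
    return added, modified, removed

def external_script_hosts(root, allowed_hosts):
    """Hosts referenced by <script src> that are not on the owner's allowlist."""
    found = set()
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix.lower() in {".html", ".htm", ".php"}:
            for src in SCRIPT_SRC.findall(p.read_text(errors="replace")):
                host = urlparse(src).hostname  # None for same-site relative paths
                if host and host not in allowed_hosts:
                    found.add(host)
    return sorted(found)

def demo():
    """Constructed site: take a baseline, simulate an unexpected upload, re-check."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "index.html").write_text('<script src="/js/site.js"></script>')
        (root / "js").mkdir()
        (root / "js" / "site.js").write_text("var ok = 1;")
        baseline = snapshot(root)  # known-good state, stored off the server in practice
        (root / "js" / "stats.js").write_text("/* unexpected file */")
        (root / "index.html").write_text(
            '<script src="/js/site.js"></script>'
            '<script src="http://partner.example/w.js"></script>')
        return diff(baseline, snapshot(root)), external_script_hosts(root, {"www.example.org"})
```

Keep the baseline somewhere the FTP account cannot write, otherwise whoever holds the stolen credentials can update it along with the files.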

Friday, October 16, 2009

H* Commerce: October 18th on NBC right after NFL Sports Sunday


McAfee's multi part mini movie on the Business of Hacking You, is going to be shown on NBC on Sunday October 18th. This is actually a really good mini movie if you have not already seen it. I wouldn't say that it would be super informative to security professionals, but it is put together really well and worth the watch. Check it out.

McAfee Stop H* Commerce

Thursday, October 15, 2009

The Software Piracy and Malware link


The latest post from Ryan Naraine and Dancho Danchev's blog Zero Day, on software piracy leading to higher malware infection rates, has sparked a small thread in my thought process. For all that have ever downloaded pirated software (never myself, and never when I was in college), you can clearly understand the statistical information that is being described in the report.
The reason for taking interest in this topic was the thought of how many different avenues for installing malware a victim is exposed to when downloading pirated software. As an example, I wanted to sketch out a possible scenario and all the opportunities for malware infection that can arise from it.

User Bob decides to download a pirated copy of Microsoft Windows. Bob knows what pirated software is, and is halfway familiar with the usual sharing tools such as torrents, LimeWire, IRC, Usenet, etc. Bob decides to search Google for something like "windows XP black" (a popular pirated version of Windows XP). Right off the bat, within the first 3 pages of Google's results are a dozen or so sites that have been flagged for malicious use. Let's say Bob steers clear of the malicious sites and finds himself on a popular torrent site downloading an active torrent for the software.
A couple of hours later, Bob has himself an .iso that he can burn to his favorite media and start the install process. The unfortunate thing about this torrent is that a serial was not provided. Bob steps over to his favorite keygen/serial site via his arsenal of pirated links or Google, and winds up with the possibility of being compromised with malware either via the site the serial/keygen is hosted on or via the serial/keygen file itself. Let's say for shits and giggles that Bob manages to steer clear of being infected with malware because, well, if he is doing a new install as opposed to an upgrade, what good is malware if it is only installed for an hour or so.

As we continue, Bob is now installing his fresh new copy of Windows onto his local desktop or laptop. Another potential for malware exists with the presence of malware in the pirated software itself, but let's say for the sake of blogging that this is not the case. One other avenue for the potential existence or installation of malware is the fact that most pirated copies of Windows have Microsoft Update turned off by default and will never be updated with the latest security-related patches. This issue might not exist right off the bat, because the installed copy could be up to date on the date of the install, but all future security-related issues will pose a problem for the software installed.
Now on to my favorite, the installation of an antivirus. Antivirus products are among the most popular pirated software out there and also among the most prone to containing malicious software if downloaded illegally. The reason is that if you are downloading an antivirus, then chances are you do not have one installed. This is the perfect opportunity (and possibly the last opportunity) for malware to sneak in under the radar without being detected.

Whichever way you look at it (or are infected by it), downloading pirated software poses a great risk of installing malicious software. Any avenue that takes you into an attacker-controlled domain sets up the potential risk of being infected. Would I advise you not to download and install pirated software? That is not my problem. However, I will always advise that if you would like to remain malware free, make sure that all of your software is legitimate and updated, and stay off of the 3rd world of the internet. (Both of these are broken by downloading pirated software.) You are already at a high enough risk of being infected by legitimate sites that have been infected.