Gamers have enough trouble trying to come up with a game plan to beat pesky end bosses and single-handedly defeat armies of mutant soldiers. Saving often gives gamers an endless advantage and cheat codes can help in a pinch, but neither of these tactics will do any good against an increasing amount of real-life threats the online gaming scene.
More than just an annoyance, time spend in virtual worlds like Second Life can translate into real currency and it's attracted the attention of organized criminal gangs. According to security software vendor ESET (best known for its NOD32 Antivirus products), "high volumes of malware intended to steal passwords for online gaming and virtual worlds" have been detected since 2007, resulting in a "dramatic upsurge."
The alarming news comes courtesy of ESET's mid-yearly Global Threat Report, which focuses on broad trends in malware over the past six months. In addition to an upsurge in attacks against gamers, ESET notes that malicious software that tries to use the Windows Autorun facility to self-install from removable media continues to flourish.
On the opposite end of the spectrum, the company reports email bound malware is in "dramatic decline," at least when it comes to dirty attachments. Malicious URLs passed through email messages have taken the place of attachments.
Further reading to keep yourself (and your virtual self) protected:
MAPP provides advance notification to third-party security providers of vulnerabilities that are being addressed by Microsoft security updates, such as the ones rolled out each month on "Patch Tuesday." MAPP is designed to help stop exploits that are launched between the announcement of upcoming patches and the availability of patches. MAPP starts in October, according to eWeek.
Security providers can learn more about MAPP by downloading the fact sheet (MS Word 97-2003 format). For additional insight from a former military and government security specialist who now works for Microsoft, see Steve Adegbite's blog entry about MAPP.
The Microsoft Exploitability Index will provide ratings of how likely each vulnerability is to being successfully exploited. The index will rate each vulnerability at one of three levels:
Consistent exploit code likely
Inconsistent exploit code likely
Functioning exploit code unlikely
Microsoft's fact sheet suggests (MS Word 97-2003 format) that vulnerabilities with the "Consistent" rating should be treated as the most serious threats, followed by the others. To get more insight into the need for this index, see Microsoftie Mike Reavey's blog entry (Reavey is part of the Microsoft Security Response Center). The index will be included with each new security bulletin, also starting in October.
For your chance to sound off about Microsoft's newest security initiatives, see us after the jump.
Malware is the vile scourge of the internet. It invades your privacy, tracking where you’ve been on the internet to sell to marketing companies interested in your browsing habits. It invades your computer, sending pop-ups for products you don’t want, or it tricks users into buying some bogus program to fix nonexistent problems with their PCs. It steals resources from your computer, taking up CPU time, RAM and drive space. Being a malware programmer must rank up there with pimp-meister for jobs that you don’t tell friends and family that you do.
It used to be that you would pickup malware from ending up on a bogus site someplace, but it turns out that it is coming from almost everywhere now, according to a Websense report. About 75 percent of it comes from legitimate sites that have been compromised. That is an almost 50 percent rise over Q3 & Q4 of 2007. Of the top 100 websites on the internet 60 percent either hosted malicious content or contained a redirect to lure victims to malicious sites.
Always have your protection when surfing the internet boys and girls and not just FireFox like in the poster image below. An up to date Internet Security Suite is a must have.
You can visit the complete Websense report here for all the latest info on the filth lurking on the internet.
What do you do to protect your computer from Malware? Wrapping it in latex doesn't count.
Symantec has issued yet another warning related to a vulnerability in MS Access that was acknowledged by Microsoft last month. Symantec has warned that Internet Explorer 6 is more vulnerable to this threat than subsequent versions. It had earlier unearthed an update to the diabolical Neosploit kit that has made it easier for even neophyte hackers to exploit the chink in the MS Access armor.
There is still no news of a patch to fix the Snapshot Viewer ActiveX control that comes bundled with MS Access. This ActiveX control is being exploited by cyber interlopers to wrest control of computers. Symantec has advised users to set three kill bits for the Snapshot Viewer ActiveX control to prevent it from being activated.
Wi-Fi theft is turning into a menace of inordinate proportions and home-based wireless networks are sitting ducks for bandwidth thieves, a demographic that now also includes wily terrorists. A case that has come to light in India will insure that some of the benevolent Wi-Fi hosts will never turn off their firewalls or show vacuous disregard towards bandwidth theft.
He is fortunate that the cyber experts of the ATS bought his plea, that his Wi-Fi might have been used by the terrorists to send the e-mail without him being in the know. Of course, their preliminary investigation also seems to suggest the same, as he hasn’t been booked under any law. However, he has been told not to leave the country until further notice.
Several fear-mongers have prophesied about the threat cyber terrorism poses. This isn’t the deadly manifestation of cyber terrorism that they talk about, it is a sinister beginning all the same.
MySpace and Facebook users now have bigger worries than whether Wordscraper will stay online: two new worms, known as the Koobface family, are attacking Windows users of these popular social networking (or "Notworking" sites, as our friends at The Inquirer call them). These new worms pose a threat to the peace of mind of people like Zac Koobface (a real Facebook user, by the way).
Kapersky Labs was the first to detect these worms: Net-Worm.Win32.Koobface.a (targets MySpace) and Net-Worm.Win32.Koobface.b (targets Facebook). McAfee refers to both worms as W32/Koobface.worm, while Symantec uses the terms W32.Koobface.A and W32.Koobface.B.
Both worms send comments or messages to other users of the service. The messages or comments contain alleged links to humorous YouTube files (such as "Paris Hilton Tosses Dwarf On The Street"). When the user clicks on the link, the link redirects to a website that displays an error message claiming the user needs an updated codec to enable the Adobe Flash player to play the video. The alleged Flash player update (codecsetup.exe) contain the worm.
When the Koobface.A worm runs, it configures itself to run automatically when the system starts, checks for MySpace cookies, and if it finds them, modifies the user's profile by adding links to malicious sites that contain the worm. To learn more about Koobface.A and Koobface.B, check the McAfee and Symantec links earlier in this article.
If you use Kapersky, McAfee, or Symantec antivirus, the latest virus definitions will detect and stop these worms. If you use other antivirus or anti-malware programs, check for updates daily - and don't click on funny video links from other MySpace or Facebook users. The results just aren't very funny.
Been bugged by these or other social-networking worms? Tell us your story after the jump!
Homeland Security is once again drawing criticism, this time over a newly disclosed policy that has apparently existed for some time. According to the Washington Post, U.S. agents have (and have had) the authority to seize and retain laptops indefinitely, which as resulted in some travelers reporting not getting them back. And not just laptops, but all kinds of electronic devices, like cell phones, music players, portable hard drives, and more.
While the policy isn't new, it's only now being stated publicly and the contents of the DHS document has civil rights activists and lawmakers up in arms. Not only does it appear that government officials have the power to seize electronic devices, but according to U.S. Senator Russ Feingold, customs agents are allowed to analyze the contents of laptops without any suspicion of wrongdoing.
"The policies that have been disclosed are truly alarming," Feingold wrote in a statement.
Not surprisingly, malware infections are at an all-time high, but what's shocking is just how fast the infection rate has risen. According to antivirus vendor Sophos, the company says it detects one webpage containing malicious content every 5 seconds, a rate that represents a whopping 300 percent jump from 2007.
That breaks down to over 16,000 malicious sites each day, most of which are victims of SQL-injection attacks. One of the more common tricks entails using SQL-injection to place a dirty 1x1 pixel element on an infected page. And because many of the sites are legitimate, security vendors are having a tough time keeping up with blocking the sites.
There also exists a fair number of illegitimate sites, and Sophos claims Google-owned Blogger accounts for nearly 2 percent of all malware hosts, making it an unflattering number one offender.
Responding to the report, a spokesperson for Google said "Google takes the security of our users very seriously, and we work hard to protect them from malware. Using Blogger, or any Google product, to serve or host malware is a violation of our product policies. We actively work to detect and remove sites that serve malware from our network."
Here is a product for those that use Carpool Kenny (for security purposes of course) or timers on lights, and is more eco friendly that leaving your TV on. Enter FakeTV, a computer controlled, super-bright multi-color LED lamp with light output equivalent to a typical 27" HDTV LCD television, but it consumes fifty times less power than an actual TV. It creates the effect of a TV that is on, minus sound of course.
This is an item that is sure to land on one of those “as seen on TV” commercials, although it won’t become anywhere near as popular as The Clapper. While FakeTV is sound in principle it’s only going to work as well as the crook casing your house is smart. Leaving the TV on is an old trick, and a TV without sound is only going to fool the most novice of burglars. It’s creepy in a way I can’t quite put my finger on. Oddly enough even Carpool Kenny looks cooler than this thing.
Wikipedia is famous for being the free online encyclopedia that anyone can edit. Unfortunately, there are numerous examples of so-called "Wikipedia vandalism," where the reputations of people past and present have been blackened by bogus entries in their Wikipedia pages. To help reduce vandalism, Wikipedia is now experimenting with flagged revisions on its German Wikipedia site, which is apparently a hotbed of vandalism. When pages are changed, a checker must sign off on the changes to a page before they are posted.
How big a problem is Wikipedia vandalism? How do we know that the checkers who approve pages can be trusted? And what do Wikipedia fans think about all of this? To find out more, join us after the jump.