Browse by Tags

All Tags » Security, safety and privacy on the Internet (RSS)
Saturday, February 14, 2009 1:24 PM

Please do NOT advise your users to turn off automatic updates because of *one* problem update

The latest “Rollup for ActiveX Killbits for Windows” ( KB960715 ) is causing problems for some third party applications that are dependent on the disabled controls. One application that has problems, “ Office Tools Professional ”, is advising its users...
Posted by sandi | 1 comment(s)
Filed under: ,
Tuesday, February 10, 2009 4:42 PM

Lifestyles of the Rich and Infamous, and an update about the status of the FTC versus Innovative Marketing et al lawsuit

I'll include some history of events so that you can get a sense of perspective with regards to the time frame around these events.   It is especially important to note that the FTC lawsuit is not the only problem that Jain is facing. ...
Posted by sandi | 1 comment(s)
Filed under: , , ,
Monday, February 02, 2009 4:49 PM

I just knew I'd find DIRECTI in there somewhere...

Sunbelt reports that there is a new fraudware domain, being ie-security.com . Let's look at the domain details for ie-security.com: ICANN Registrar: BIZCN.COM, Inc (a name that is appearing far too often in association with malware) Date created:...
Posted by sandi | 1 comment(s)
Filed under: ,
Monday, February 02, 2009 3:54 PM

More information about Olympic Media shenanigans

Ok, when the hijack triggered via the Olympic Media supplied javascript URL that I mentioned in my previous article triggers successfully we hit: admediastats.com/ts/in.cgi?{{redacted}} From there we end up at sg12scanner.com/{{redacted}} From there to...
Posted by sandi | with no comments
Filed under: , ,
Monday, February 02, 2009 1:50 PM

Olympic Media are still active

I’ve warned about Olympic Media several times – they continue to be active. The latest reports indicate they are claiming to be operating out of Canada and are supplying javascript code referring to admin.securityclick.net as follows:     Other...
Posted by sandi | 2 comment(s)
Filed under: , ,
Tuesday, January 27, 2009 9:42 AM

DIRECTI responds re inaccurate WHOIS complaint time frames

15 days, so they say:   My response? “ This is not good enough.  The domains can be used to facilitate fraud for 15 days? At the very least, posnerpromotion.com should have been isolated before now. posnerpromotion.com redirects to posneradv...
Posted by sandi | 1 comment(s)
Filed under: ,
Monday, January 26, 2009 2:08 PM

Oh dear, oh dear, oh dear…

Its amazing what we find sometimes… WARNING: I am assuming that my readers are smart enough to *NOT* visit the victim site, or the malicious URLs, without hefty protection in place, yes?  In fact, don’t go there at all unless you are willing to reformat...
Posted by sandi | with no comments
Filed under: , ,
Thursday, January 22, 2009 10:05 PM

DIRECTI finally agree to act

  I sent an email to DIRECTI on the same day that I wrote this blog post: http://msmvps.com/blogs/spywaresucks/archive/2009/01/21/1663955.aspx The email said, essentially, the same thing that I said in that blog post. As you can see, they have initiated...
Posted by sandi | 9 comment(s)
Filed under: , ,
Wednesday, January 21, 2009 1:19 PM

DIRECTI responds to my complaint about the impersonation of domains/businesses

  As you can see from their email, DIRECTI advise that they suspended prolinar.com on 19 January for “Inaccurate whois details”.  It should be noted that I reported on 16 January that prolinar.com had already disappeared from its previous IP...
Posted by sandi | 4 comment(s)
Filed under: , ,
Monday, January 19, 2009 9:59 PM

Spotting the bad guys…

It is very important to be familiar with the traits and suspicious behaviour/signs common to domains associated with malware, fraudware and malvertizing, affiliate misbehaviour and whatnot. By studying what the bad guys are doing, and how they do it,...
Posted by sandi | 2 comment(s)
Filed under: , ,
Friday, January 16, 2009 10:42 PM

ALERT: Please treat all content from topstarmedia.net and osmedlin.com with extreme caution - do we find DIRECTI? Yes we do!

I received an email alert today reporting that topstarmedia.net is supplying JavaScript code for advertising campaigns as follows: osmedlin.com/?id=<<removed>> To quote my correspondent, topstarmedia’s approach had "ll the hallmarks-...
Posted by sandi | with no comments
Filed under: , ,
Thursday, January 15, 2009 12:49 PM

Glowing brain malvertizement – and, once again, we find DIRECTI

  Adopstools results: http://www.adopstools.net/index.asp?page=quicklink&id=26gBv5P94L5CW849   Touches the domain adclickmate.net Registrar: DIRECTI (yet again) Created 24 March 2008 NS1.ADCLICKMATE.NET NS2.ADCLICKMATE.NET IP: 212.95.37...
Posted by sandi | with no comments
Filed under: , ,
Thursday, January 15, 2009 12:03 PM

Potential malvertizement featuring the Disney movie “Bolt”

  Adopstools results: http://www.adopstools.net/index.asp?page=quicklink&id=YNgNHCUFU1pAgA94
Posted by sandi | with no comments
Filed under: , ,
Tuesday, January 13, 2009 8:09 AM

Directi Internet Solutions strikes again

I ask you – just how obvious does the impersonation of a legitimate company have to be before Directi notices and stops a site from going live *before* it can do harm??? quigley-simpson.net Registrar: DIRECTI INTERNET SOLUTIONS Created 17 December 2008...
Posted by sandi | 5 comment(s)
Filed under: , ,
Monday, January 05, 2009 8:15 AM

ALERT: traffichunter.net and traffichunters.net – spot the similarities to Olympic Media

I think it is fair to say that all content from traffichunter.net and traffichunters.net should be treated with extreme caution. First of all, I received an email warning me that there are remarkable similarities between the Olympic Media web site and...
Posted by sandi | 2 comment(s)
Filed under: , ,
Sunday, January 04, 2009 9:02 AM

Whois Data Problem Reporting System

ICANN has a web page which can be used to report domains with inaccurate (or blatantly false) WHOIS information. http://wdprs.internic.net/ Enjoy.
Posted by sandi | with no comments
Filed under:
Friday, January 02, 2009 6:33 PM

Developments in the FTC versus Innovative Marketing et al lawsuit

  Daniel Sundin, Maurice D'Souza, Innovative Marketing Inc, ByteHosting Internet Services LLC and James Reno are still unrepresented. Sam Jain is represented by Robert D Luskin and Edward S Wisneski of Patton Boggs. Marc D'Souza is represented...
Posted by sandi | 3 comment(s)
Filed under: ,
Wednesday, December 31, 2008 4:56 PM

ALERT: malicious content (including malware via security exploit) seen via MySpace chat

Kimberley reports on the incident . Userplane is a wholly owned subsidiary of AOL (yes, I have written to my contacts there), and Kimberley is getting in touch with the appropriate people at MySpace to try and get this shut down ASAP.   Some important...
Posted by sandi | 2 comment(s)
Filed under: , ,
Tuesday, December 30, 2008 8:37 PM

Is the John Sands web site cleaned up?

No. Am I surprised? No. Why haven’t they fixed the problem yet? You tell me and we’ll both know.  Maybe they *like* the fact that all of the links on their Products page are broken.  The fact that the malicious URL is not working is no excuse...
Posted by sandi | with no comments
Filed under: ,
Monday, December 29, 2008 1:41 PM

Maybe the people responsible for the John Sands web site will finally do something about the web site's vulnerabilities

It is all over the popular press - Websense have announced that they have found malicious script on the John Sands web site: http://securitylabs.websense.com/content/Alerts/3268.aspx I can only hope that WebSense, and all of the negative press that their...
Posted by sandi | with no comments
Filed under: ,
More Posts Next page »