Christmas, Amazon and Zbot – it’s that time of year again – Sophos

Malware/Trojans spreading via emails linking to fake Holiday E-Cards purportedly from “your friend” or your “Online Banking Team”.

Christmas, Amazon and Zbot – it’s that time of year again – Sophos.

Google Douses Privacy Fire — InformationWeek

Google Douses Privacy Fire — InformationWeek.

Recent remarks by Google CEO Eric Schmidt in a CNBC interview have set off a firestorm among privacy advocates:

Passing on the opportunity to explain to Bartiromo the difference between trusted friends and multi-billion dollar search advertising companies, Schmidt responded, “I think judgment matters. …If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. If you really need that kind of privacy, the reality is that search engines–including Google–do retain this information for some time. And it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”

And the pretty much sums it up about any online company you deal with. For you Facebookers and Tweeters, and anywhere else you post or upload or download from, you’re putting it out there on a server that get’s mirrored and backed up, and probably indexed by search engines. “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”

Potent malware link infects almost 300,000 webpages • The Register

Make sure your IE has the up-to-date patches (or switch to Firefox) and update to the latest Adobe Flash

Potent malware link infects almost 300,000 webpages • The Register.

A security researcher has identified a new attack that has infected almost 300,000 webpages with links that direct visitors to a potent cocktail of malicious exploits.

People who visit infected pages receive an invisible link that pulls code from a series of sites tied to 318x .com. The code looks for insecure versions of Adobe Flash, Internet Explorer, and several other Microsoft applications, and when they are detected it exploits them to surreptitiously install malware known as Backdoor.Win3.Buzus.croo. The rootkit-enabled program logs banking credentials and may do other nefarious bidding, Landesman said.

Another program which can help determine if you have all the latest updates and patches for your installed applications is Secunia PSI.

Savvy kids can access explicit online worlds: FTC | Reuters

Savvy kids can access explicit online worlds: FTC | Reuters.

For parents, one way to restrict access is to use the free service OpenDNS. Simply go to OpenDNS.com and sign up. Download and install the dynamicIP updater client and install to your PC. This updater gives them your IP and allows them to filter your requests as you prefer.

On the settings page, set your filter preferences:

Then configure your router DNS servers to point to those provided by OpenDNS: 208.67.222.222 and 208.67.220.220.  When a PC on your network reboots and gets an IP address from your router, it will also assign the OpenDNS servers to the PC.

And your done! You can block specific web sites or types of  websites or allow only a few websites. Of course, the child can bypass this by manually configuring their PC to use a different DNS server, but depending on their age and level of expertise, they wouldn’t be doing that. If they get to that point, it may be time to talk to your kids. If that doesn’t work, you may need to use a firewall between your cable modem and router 🙂 .

Facebook Christmas Worm Spreads Holiday Infection — InformationWeek

Facebook Christmas Worm Spreads Holiday Infection — InformationWeek.

PandaLabs, the research arm of anti-malware company Panda Security, says that a variant of the Koobface worm, Koobface.GK, is being spread through the posting of malicious links of Facebook wall pages.

Attempting to play the video or to click on the links on the page leads to an infection attempt, which will compromise the victim’s computer if successful.

The links take Facebook users to a fake embedded video player that offers a Christmas greeting, in keeping with the tendency of cybercriminals to try to exploit current or seasonal events.