"The total number of what might be actual false positives found over the past year amount to only a fraction of a percent," Alex Kochis, a senior licensing manager at Microsoft, wrote on a corporate Microsoft blog this week.
About one in five of the 300 million PCs that have run WGA validations fail, according to Kochis. That is pretty much in line with industry numbers for software piracy, … Read more
More than a million MySpace users have been exposed to spyware that exploits a Windows vulnerability through a banner ad on the site, the BBC reported on Friday.
Those using Internet Explorer that has not been patched against the Windows Meta File (WMF) vulnerability could be exposed to spyware and adware.
The vulnerability in the way WMF images are handled by Windows was discovered in November 2005. In a WMF attack, exploit code is hidden within a seemingly normal image that can be spread via e-mails or instant messages, or via Web sites.
Reports suggest the advert has been running … Read more
Don't try this at home!
H. D. Moore, creator of the Metasploit hacking tool, has crafted a search engine that finds malicious software using Google queries. The new "Malware" search engine finds Web sites hosting malicious files after a person enters the name of a virus or Trojan horse.
To find the malicious software the new search tool uses a fingerprint of the executable and then searches for it using Google, according to the Web site. However, those who do try it won't find much. Google has not indexed most malware yet and the signature database … Read more
Microsoft's "get the facts" marketing blitz may have tapered off a bit, but the company's employees are still keeping track of data that could favor the Redmond, Wash., company in its battle against Linux.
Jeff Jones, senior director in Microsoft's Security Technology unit, has kept tabs on the number of vulnerabilities in Windows XP with Service Pack 2 and Windows Server 2003 versus the client and server versions of Red Hat's Linux.
Over the first six months of this year, the two Windows versions had significantly fewer security vulnerabilities than the rival offerings from … Read more
A boutique Washington, D.C.-based law firm is accusing IBM of hacking into its e-mail system and is seeking recourse.
The firm, Butera & Andrews, filed suit against IBM and is seeking unspecified damages and repayment of more than $61,000 that it paid to investigate the alleged break-in and repair its e-mail system, according to a copy of the suit, which was filed in April in U.S. District Court for the District of Columbia.
IBM has since filed papers with the court seeking to dismiss the case, arguing that the law firm failed to state a legitimate … Read more
Adware pushers are joining the MySpace.com game, and they're not trying to hide. Christopher Boyd, a researcher at security company FaceTime, found two profiles called "Zango" on the popular social networking Web site.
One of the MySpace profiles pushed a toolbar and programs designed to "protect kids from predators," Boyd wrote in a blog entry over the weekend. The other popped up an extra window prompting the visitor to accept a licence to play a video file, … Read more
A government consultant assigned to a massive overhaul of the FBI's computer systems in 2004 broke into classified components on four separate occasions and nabbed the passwords of 38,000 employees, including agency director Robert Mueller III, the Washington Post reported Thursday.
Joseph Colon, 28, then an employee of BAE Systems, was able to crack the log-ins using two free pieces of software that are readily downloadable on the Internet, according to court documents cited in the story.
The information granted him access to Witness Protection Program records and other details on secret FBI activities. After learning of the … Read more
PC World is reporting that a new Microsoft Windows worm known as Cuebot-K has been identified. The new member of the Cuebot family spreads via a program named "wgavn.exe," sent through AOL Instant Messenger (AIM) buddy lists.
That program pretends to be software connected to Microsoft's Windows Genuine Advantage, an antipiracy technology that has attracted controversy and criticism recently, the report said.
According to PC World, Cuebot-K is believed to be able to shut off firewalls, cripple software and download more malicious programs, among other things.
But despite its sneaky nature and easy mode of spreading … Read more
Andrew Mantovani, co-founder of identity theft hub Shadowcrew.com, was sentenced to two years and eight months in jail and fined $5,000 on Thursday, the Associated Press has reported.
Mantovani, 24, was one of 21 people in the U.S. arrested in October 2004 (more were nabbed overseas) when the federal government targeted Shadowcrew.com as part of a yearlong investigation. The site is believed to have contained 1.5 million stolen credit card numbers, and could be responsible for as much as $4 million in losses.
He pleaded guilty and was sentenced in Newark, N.J.