protonic.blog

The advisory has been issued regarding an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE). In the advisory, Microsoft confirmed the unpatched bug in VBScript that Polish researcher Maurycy Prodeus had revealed last week.

“The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.”

Click here to read more.

Here is yet another rogue security program that imitates a system scan and reports many false system security threats. Once installed, it will redirect its victims to vs-codec-pro.net where they will be asked to pay for a full version of the program to remove those security issues or infections.

Click here for removal instructions and more details about this fake program.

Websense has a great blog that details how a hacker can use your personal information to damage other systems or hurt you financially. Here is a quote:

Recent hacker activity highlights how insecure we are in the online world. Black hats keep focusing on collecting passwords in many different ways. Instead of breaking the computer security system or brute-forcing pass phrases, they use a variety of easier techniques to get our credentials. The ways they make us give up sensitive information include setting up fake mailing lists, forums, and social network sites to harvest logon details. Then, using this information there is a good chance that the attacker can sign in to valuable sites like social networks or even online banks with the same user name and password.

Websense Security Labs™ ThreatSeeker™ Network has detected that search terms related to the Bloom Energy and its Bloombox Fuel Cell have become the latest target for Blackhat SEO poisoning attacks. MORE

Sometimes you may want to use a smaller file such as a .jpg instead of a bitmap on your computer. To convert a huge bitmap file BMP to a JPG):

1. Open the folder (My Documents, My Pictures) where you saved the bitmap image.

2. Right click on the image and then click Open With. Click the Paint program.

3. On the Paint toolbar, click File to open the menu.

4. Click  Save As.

5. Expand the File As Type box and click on the line JPEG filter.

6. Click the Save button.

7. Close the Paint program.

8. Go back to folder with the original image and delete it.
How to make a Thumbnail photo from a Large Photo File:

1. Locate the photo file in your My Pictures folder.

2. Right click on the photo file.

3. Select OPEN WITH, then PAINT.

4. On the Paint toolbar, click on the word IMAGE to open the menu.

5. Click STRETCH / SKEW.

6. In the STRETCH box change the Horizonal and Vertical % to 10.

7. Click OK.

8. On the Toolbar, click on FILE to open the menu.

9. Click SAVE AS.

10. Give the photo a new name so you won’t overwrite the original photo.

11. Click the SAVE button.

12. Close Paint .
TO make an image appear as your desktop background (wallpaper):

1. Open the folder containing your image.

2. Click on the image you want to use.

3. Right click on the displayed image to open the menu.

4. Click on the words Set as Wallpaper.

5. Close the open folders.

Your desktop will display your image as wallpaper.

Websense Security Labs™ ThreatSeeker™ Network has detected that the ninemsn support Web site (ninemsn.com.au) has been compromised and injected with malicious code. The malicious code was identified to be part of the Gumblar mass injections, and the injected code is hidden deep within the ninemsn ad engine, served on request. The injected code leads to a site that has also been compromised by Gumblar. The compromised code is hidden specifically within the “Women’s Weekly” banner script. Other ad banners are not affected. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered a follow up attack on Zeus campaign targeting government departments. Its research shows that once again the campaign is targeting workers from government and military departments globally. MORE

When you purchase a new computer, there are certain steps you should take before connecting the computer to the Internet.

This following web site offers valuable information for new computer users and it covers a wide variety of operating systems: Click here to learn about this procedure.

“Canonical announced a few hours ago the immediate availability of a new Linux kernel security update for the following Ubuntu distributions: 6.06 LTS (Dapper Drake), 8.04 LTS (Hardy Heron), 8.10 (Intrepid Ibex), 9.04 (Jaunty Jackalope) and 9.10 (Karmic Koala).” MORE

“Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the program in an effort to increase their reach.” MORE

Websense Security Labs™ ThreatSeeker™ Network has detected that the the Web site of Bollywood Hungama (Bollywoodhungama.com) has been compromised and injected with malicious code. The malicious code was identified to be part of the Gumblar mass injections, and there are multiple injections at the site’s path level. While the main page was injected, the malicious code has been removed. A number of pages at the path level, however, still remain injected. The injected code leads to a site that has also been compromised by Gumblar. At this time, the malicious code isn’t available or reachable, but this could change at any time. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered a new Zeus campaign (a banking data stealing Trojan) which is now targeting government departments. Our research shows that the campaign has especially targeted workers from government and military departments in the UK and US: we found most victims’ email addresses end with .gov. MORE

Twitter says it has identified a scheme that uses compromised file-sharing sites to steal login info. Scammers were then able to use the data to gain access to Twitter and other sites. The main problem: 73% of people share the passwords which they use for online banking, with at least one nonfinancial website. MORE

Microsoft today issued a security advisory to acknowledge an information disclosure hole in its Internet Explorer browser and warned that an attacker could exploit the flaw to access files with an already known filename and location. MORE

To have a fighting chance against today’s rampant security threats, end users have to be informed and proactive. Here are some practical guidelines you can follow to minimize the risk of infection and attack. MORE

This nice article from TechRepublic provides great advise on practical steps we can all take to stay safe online. I do not necessarily agree with the author’s opinion  concerning free spyware scanners. I think there are plenty of great free products available.

And while on the topic of free … why not try running Linux? Chances are most (if not all) our malware worries would just go away. Running Linux from a USB flash drive for casual computing (i.e., web browsing, reading email, word processing and spreadsheet work) is even more secure. There are ways for us to stay safe. The article points some and I wanted to mention others. I wish you happy cyber-trails!

Websense Security Labs™ ThreatSeeker™ Network has discovered a new malicious spam campaign that spoofs Google job application responses. The messages look very well written and are so believable that they are probably scrapes from actual Google job application responses. Typically, spam has grammatical errors or spelling mistakes that make the messages obviously unofficial and act as red flags. The text of these messages, however, has no such mistakes, making them much more believable–especially if the target really has applied for a job with Google. MORE

Here are some sites that may provide you with inspiration, help you with projects, and increase your productivity:

http://spellcheck.net/

Copy and paste text into site for a quick online spell check

http://www.5min.com/

Five minute videos that teach a specific skill.

http://www.monkeysee.com/

Another interesting how-to site

http://www.theweek.com/home

A general information site about popular topics in the news.

http://www.howstuffworks.com/

The dependable how stuff works site is a nice resource for projects.

http://www.instructables.com/

Another site for creative people

http://www.wikihow.com/Main-Page

Probably the most popular how-to site!

http://www.shvoong.com/

This site with the unusual name is a site for summaries and reviews about a variety of subjects.

Websense Security Labs™ ThreatSeeker™ Network has discovered that the home page of the Oklahoma Tax Commission Web site has been compromised with malicious script code. The heavily obfuscated code has been injected at the bottom of the page. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered that search terms related to the forthcoming Apple Tablet announcment have already become the latest target for Blackhat SEO poisoning attacks. MORE

Microsoft warns that a malicious hacker could exploit this vulnerability to run arbitrary code in kernel mode. MORE

Websense® Security Labs™ has reports that emails linking to malicious web-based exploit code that utilizes the vulnerability CVE-2010-0249 have been sent to organizations in a targeted manner since December 2009, and the attack is still on-going. This same vulnerability was used to target Google, Adobe, and approximately 30 other companies in mid-December 2009. MORE

Microsoft confirmed that it plans to release an out-of-band security update to address a zero-day vulnerability in Internet Explorer. The update is undergoing testing now. MORE

PDF stands for Portable Document Format and creating these types of files is useful because when opened, PDF files will look exactly the same for all users no matter what hardware or operating system the computer is using. This would not be the case if the document was provided using other common formats such as Microsoft Word.

In order to open a PDF document, Adobe Reader must be installed. The current version is version 9. It is free software and it can be downloaded here.

In order to create a PDF document, the document must be first created in a separate application, like Microsoft Word, and then printed to PDF. To print to PDF we must install a PDF Printer. There are lots of different options to choose from when deciding on a PDF printer.

Cute PDF Writer can be downloaded here.

Once installed, in order to create a PDF document you simply click on File - Print and Choose the CutePDF printer rather than your printer. Choose what name you wish to call your PDF and then determine where you want to save the file. Click Save.

Websense Security Labs™ ThreatSeeker™ Network has discovered that a popular video called “Paignton Ice Skating for Cars” has been targeted by both SEO poisoning attacks as well as Web spam. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered several spam messages on Facebook that trick the user into visiting BINSSERVICESONLINE(dot)INFO. When the link in the message is clicked, the Web site redirects the user to an online scam site similar to the one we published in the blog Google Scam Kits in mid-December. The use of Facebook to distribute links that lead to Google scam kits is fairly new, and is sure to trick some users into buying the kits. MORE

BitDefender states that spam from botnets would be the main malware threat during 2010.

 Alexandru Catalin Cosoi, Senior Anti-Spam and Anti-Phishing Researcher at BitDefender, stated that competition among cyber criminals would increase regarding the use of botnets for theft of people’s financial and other personal data, as reported by The Canadian Press during the 3rd week of December 2009.

Click here for more details.

Websense Security Labs™ ThreatSeeker™ Network has detected that the Fox Sports site has been compromised and injected with malicious code. Fox Sports is a division of the Fox Broadcasting Company. It specializes in the latest sports news and world sports updates. Fox Sports has an Alexa ranking of 330. MORE

The spread of malicious software, also known as malware or computer viruses, is a growing problem that can lead to crashed computer systems, stolen personal information, and billions of dollars in lost productivity every year. One of the most insidious types of malware is a “rootkit,” which can effectively hide the presence of other spyware or viruses from the user - allowing third parties to steal information from your computer without your knowledge. But now researchers from North Carolina State University have devised a new way to block rootkits and prevent them from taking over your computer systems.

Click here for more details.

According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild. MORE

Unfortunately, an “Audio Driver Not Found” message is not something you can easily ignore. More often than not, this means you are unable to play sound from your computer system. If your monitor is in fact displaying this message, try not to get frustrated. Many people have the same problem, thus you are not alone. In this article, we will discuss the meaning of “Audio Driver Not Found,” and then we shall go over some possible solutions to this common problem.

The “Audio Driver Not Found” notification commonly appears when you try to play sound on your computer but nothing happens. It can mean one of many things. With that being said, there’s more than one solution to the problem, so you may have to perform a little trial and error before you see any results. To resolve your “Audio Driver Not Found” issues, you can try the following:

• Restart your computer.
• Install the driver off the original OS disc.
• Manually search for a new device driver.

What to Do When Faced with an “Audio Driver Not Found” Message

When you come across the “Audio Driver Not Found” message, one of the first things you should do is restart your system. Sometimes, the applications you have open, or even those running in the background, can interfere with the device driver. If that is indeed the case, a simple reboot should do the trick. Unfortunately, we all know it’s not always that easy.

In all likelihood, you will need to install a new audio driver onto your system. One way you can go about this is by installing the driver off of the operating system disc. Of course, not every computer comes with a backup OS disc. But if yours does, simply insert the disc into your CD ROM drive and try to run the set up that way. If you attempt this method and you still get the “Audio Driver Not Found” notification, keep on reading.

The other option you have is to open the Control Panel and click on the System icon. Once that page opens up, go to the Hardware tab and look for a yellow exclamation mark. If you do see one, double-click on the entry, or you can click once on the small plus sign next to it. The wizard will search for the appropriate driver and then encourage you to proceed with installation. In some cases, the wizard will inform you that you do indeed have an audio driver on the system already, but it is temporarily disabled. From there, you can just enable the software and this may resolve the issue.

When you finally get the proper driver installed, the operating system should automatically detect the new hardware. Thereafter, you will see “New Hardware Found” or “New Hardware Detected” at the bottom of your screen, test it out first before you start celebrating.

It doesn’t matter what type of sound you play—whether it’s a song, a movie, or a YouTube video—you’ll just be glad you don’t have to deal with that repetitive, and annoying, “Audio Driver Not Found” message anymore.

While still a relatively new product, Windows 7 has already proven itself to be a faster, more reliable, and usable operating system. With that said, there are still a few built-in settings that can be tweaked to fine-tune the system and optimize its overall performance. The key to this optimization is the registry.

Every Windows operating system has a registry and the new Windows 7 is no different. If you are going to shell out money on a new OS, it is crucially important to understand what it takes to not only configure the system to meet your specific needs, but maintain its health and keep it running in tiptop condition.

Accessing the Registry in Windows 7

Just like previous versions of the Windows operating system, Windows 7 allows you to edit the registry with a tool known as the Registry Editor. To fire up this tool, click on “Start,” hit “Run,” type “regedit” into the text box, and hit enter. Once you have launched the Registry Editor, you can perform the following tweaks within registry:

1.) Customize the Log-on Screen.

If you want to change the logon screen of Windows 7 to suit your personal preference, the registry is the place to make it happen. From the Registry Editor, navigate to the “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Au thentication\LogonUI” registry key. In the right pane of the editor, add a “ButtonSet” DWORD value and set the value between 0-2. The “0″ value is the default setting that corresponds to darker buttons and lighter text shadows. The “1″ value gives you lighter buttons and darker text shadows. This setting is best suited for desktop with lighter backgrounds. The “2″ value is for no text shadows and opaque buttons. This setting tends to work best with darker desktop backgrounds.

2.) Increase Desktop Speed

To boost the speed of your desktop, navigate to the “HKEY_CURRENT_USER\Control Panel\Desktop” key in the right pane of the Registry Editor and then add the following entries:

“AutoEndTasks”=”1″ - Automatically ends applications that take long periods of time to respond.

“HungAppTimeout”=”1000″ - Instantly terminates hung applications.

“MenuShowDelay”=”8″ - Increases speed of menu display.

“WaitToKillAppTimeout”=”2000″ - Increases speed of submenus.

3.) Increase PC Speed

By tuning the registry in Windows 7, you can dramatically increase speed by configuring your PC to automatically check for low disk space capacity, obsolete files and programs and much more. To do this, navigate to the following registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVe rsion\Policies\Explorer

Next, add these values:

- NoLowDiskSpaceChecks=dword:00000001
- LinkResolveIgnoreLinkInfo=dword:00000001
- NoResolveSearch=dword:00000001
- NoResolveTrack=dword:00000001
- NoInternetOpenWith=dword:00000001

An Important Word about the Registry

Windows 7 is just getting started so you can expect more, and hotter registry tips to come in the very near future. Whether you have a newer or older version of Windows, make it a priority to take care of your registry as this is one of the most vital components of the system. Keeping this area in good condition will better assure that you do not encounter errors and performance problems.

So having said that, do you think are you ready to upgrade to Windows 7?

The e-mail messages contain a link to a bogus Centers for Disease Control and Prevention site with prompts to create a user profile. During this process, a malware file gets planted on the user’s machine. MORE

Security researchers have stumbled upon a new piece of ransomware that blocks an infected computer from accessing the Internet until a fee is paid via SMS (text message). MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered that the Koobface malware campaign is now using a Christmas theme. Recent developments by Koobface have included use of Google Reader. MORE

Are you tired of wasting ink and paper printing information from a web page? Try the interesting features on PrintWhatYouLike.com

PrintWhatYouLike.com was created by Jonathan Koomjian and Cassie Schmitz, two web developers in Des Moines, Iowa who were frustrated that there was no way to print web pages without wasting reams of paper and ink.

Try it and then post a comment to this blog if you like it!

Click here to print only the text and/or images that you want.

This site works best on Firefox, IE7+, Safari, Chrome, or Opera.

Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200, 000 compromised web sites, all redirecting to fake security software, commonly referred to as scareware.

Click here for more information.

The Internet is becoming very dangerous place because there’s the extremely  high number of legitimate Web site pages that become compromised with malware every day: Malware incidents are cropping up as often on open source-based Web sites as with sites that cater to Windows users.

Researchers at security firm Kaspersky, after employing security tools which scrutinize tweets (messages) on Twitter for possible threats, have apparently found that website is being popularly used as a platform to launch attacks.

Many of the malicious URLs apparently point to regular spam, but a large percentage of them are also linking to legitimate websites that have been compromised in mass injection attacks and are now attempting to infect visitors. Then there’s the URLs generated by worms such as Koobface, the ones used to distribute scareware and links pointing to phishing websites.

There may well have been a surge of attacks on Halloween weekend, as anti virus companies noted that Halloween-themed viruses are on the rise.

Using a variety of methods, malware creators lead people to infected websites or attachments by disguising them as spooky and fun themes on emails and social networking sites.

Here is a list of the top nine security threats of 2009 for businesses

1. Malicious Insiders

2. Malware

3. Exploited Vulnerabilities

4. Social Engineering

5. Careless Employees

6. Reduced Budgets

7. Remote Workers

8. Unstable Third Party Providers

9. Downloaded Software Including Open Source and P2P Files

Websense Security Labs™ ThreatSeeker™ Network has detected that the site media-servers.net has been compromised and injected with malicious code. The Web site belongs to a high-profile advertiser on the Internet realm. It’s important to note that media-servers.net serves advertising content from ad.media-servers.net, and that this site is clean. The injected code is part of an ongoing mass injection campaign that compromised thousands of legitimate Web sites. Websense Security labs have been tracking this campaign for months. MORE

In anticipation of the Thursday release of Windows 7, Microsoft unveiled its Compatibility Center, an online database that provides information on which products from which manufacturers will be compatible with Windows 7. The site features a drop-down menu from which you select hardware or software. Enter the name of a product and search the company’s database for information.

The site also allows consumers to search by categories, such as “music and MP3″ and “communication and Internet” under the software heading, or “media players and TV devices” in hardware. Users can also locate results by brand and compatibility, and the site provides links to drivers and software updates.

We have thousands of products listed and will continue to add thousands more over the coming months,” Mark Relph, vice president of Microsoft’s Developer & Platform Evangelism (DPE) Group, wrote in a blog post. “If you don’t see a product listed on the site, please suggest an addition.”

Windows 7 Upgrade Advisor scans your computer to determine if your system will be able to run Windows 7 without displaying the ever-popular blue screen of death. It checks to see if your PC meets the system requirements, lets you know if your processor is capable of running 64-bit versions of Windows 7 and gives guidance on your upgrade options

Click here to take a video tour of Windows 7

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new wave of malicious email attacks claiming to be a password reset confirmation from Facebook. The From: address on the messages is spoofed using support@facebook.com to make the messages believable to recipients. The messages contain a .zip file attachment with an .exe file inside. The .exe file currently has a detection rate of about 30 percent on VirusTotal. Our ThreatSeeker?Network has seen up to 90,000 of these messages sent out so far today. MORE

Microsoft Outlook is the most popular mail client in the world, offering a variety of convenient ways to organize and manage your mail. Many Outlook users customize their environment by sorting incoming mail into numerous folders (some even go as far as to split the Outlook PST data file to ensure messages are properly segregated or for easier PST size handling.) What happens to these personal Outlook settings when you need to recover from a system crash or move to a new computer altogether? Read on for the answer.

As you probably already know, a considerable amount of Outlook data, such as your mail and rules, are typically stored on a server. However, your toolbar settings, folder properties and other email settings are stored locally. If you have to switch over to a new computer or reinstall the Outlook application, most of these settings will be lost. Indeed, this may not be a serious problem but that doesn’t negate from the frustration you are bound to experience.

Just imagine having to recreate an Outlook toolbar with more than 50 shortcuts. It can be a tedious venture to say the least. Worry no more because this article will show you how to save your Outlook settings for backup purposes and then transfer them over to another computer

An Alternative Outlook Backup and Transfer Method

There are actually quite a few ways to backup your Outlook settings and transfer them. You can use a backup software program to store the files onto storage media or use the integrated Files Settings and Transfer Wizard to facilitate the transfer. We will go over a method that isn’t as common yet works just the same - going through the registry.

Note: As always, we remind you that care must be taken when fiddling with the Windows registry!

Data about your mail and Outlook settings are stored in a key in the Windows registry. In order to access this area, you must launch the built-in registry editor. Open the “Start” menu, click “Run” and type “regedit” in the command field. Look for the registry key “HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager.” After locating the key, right-click on it and save it with a name something like “outlook.reg”

Take note that as an alternative, you can also go through MS Outlook to save the data one account at a time. From Outlook, click “Tools”, select “Accounts, then “Export” and specify the name of the file to save the settings. Keep in mind that it is advisable to do this for each individual account.

Getting Your Outlook Settings on the New Computer

When moving to a new computer, the values for MS Outlook in the registry may look different from the old system. In this case, you would need to manually change the values actually being used. Here is a method that works:

- Take the registry file you created on your old computer and transfer it to the new PC.

- On the new computer, search for the email settings of the new Outlook application. Once you find them, you will have the new values.

- Next, open the transferred registry file with a text editor and perform a “Search and Replace”,

- Replace the old value with the new one, save the file and it should import your old Outlook settings into the new registry.

Conclusion

As we mentioned, there are several methods that can be used to transfer Outlook settings. This just happens to be one of many that works every time.

One of the symptoms of this malware is the following pop-up may suddenly appear in FireFox browser:

While the vulnerability is in an IE component, there is an attack vector for Firefox users as well. The reason is that .NET Framework 3.5 SP1 installs a “Windows Presentation Foundation” plug-in in Firefox, as shown above.

So many downloads that are related to one program or browser will affect other programs or browsers. You have to watch that you don’t end up with ad ware when you download ANY tool or toolbar add on for a browser. You have to read every screen and uncheck featuresthat you don’t want.

Click here for more information.

Websense® Security Labs™ ThreatSeeker™ Network has discovered a new wave of malicious attacks claiming to be an update for Microsoft Outlook Web Access (OWA). Victims receive a message leading to a site to apply mailbox settings which were supposedly changed due to a “security upgrade.” The especially dangerous thing about these messages is that they are very deceiving. The messages and attack pages are personalized for the To: email address to imply the message is being sent from tech support of the domain. The URL in the email looks like it leads to the company’s own OWA system. We have seen upwards of 30,000 of these messages per hour and they have low AV detection. MORE

Google Squared, the ambitious project that delivers search results as a table, has received an update that improves both the quality and quantity of the information it presents.

The changes increase the amount of data that can be displayed in a “square” from 30 facts to 120. It also ranks facts based on relevance to the query and the quality of the information Google finds. “Squared returns a ’square’ (or table) of facts, obtained from across the Internet,” wrote Noah Weiss, Associate Product Manager, and Randy Brown, Software Engineer.
“For example, if you search Squared for [US presidents], each row on the resulting table represents a particular United States President, and the columns include relevant facts about him, such as date of birth, a picture and a short description.

“At launch, your first square could include at most 30 facts. With today’s update, squares display four times as much data - up to 120 facts. For example, instead of seeing only five presidents and three categories, now you’ll see a table with 20 presidents and up to six attributes.”
Google Squared was launched June 3 and is a project of Google Labs, the company’s in-house technology incubator.

Google Squared has received an update that improves both the quality and quantity of the information it presents. The changes increase the amount of data that can be displayed in a “square” from 30 facts to 120. It also ranks facts based on relevance to the query and the quality of the information Google finds.

“Squared returns a ’square’ (or table) of facts, sourced from across the Internet,” wrote Noah Weiss, Associate Product Manager, and Randy Brown, Software Engineer, in the post. For example, if you search Squared for U.S. presidents, each row on the resulting table represents a particular United States President, and the columns include relevant facts about him, such as date of birth, a picture and a short description.

The update also adds the ability to sort data and export from a Square to a Google Spreadsheet or a CSV file. “For example, you can build a square for [African countries], add more items and columns, and examine the relationship between the literacy rate and GDP per capita. Once you’ve built your square to contain all the information you need, you can export the square to Google Spreadsheets and create a rough scatter plot.”

Google Squared is taking on a very difficult problem–collecting facts from all over the Web and presenting them in a useful form. It doesn’t quite manage that, yet, but the task is enormously complex and it is good to see progress being made.

Google says that much work needs to be done before Squared will leave the experimental stage. In its experimental stage, Squared demonstrates an important future direction in search: understanding structured data from across the web to build new tools for organizing and presenting information.”

Google Squared is not ready to be an everyday part of most people’s lives yet. However, it is worth a look when you have a few extra moments and would like to see a unique view of your search results.

Google Squared was launched June 3 and is a project of Google Labs, the company’s in-house technology incubator.

Click here to try Google Squared.

Websense Security Labs™ ThreatSeeker Network has discovered that the official Isuzu Web site in Turkey has been injected with a malicious iframe redirector. Isuzu is one of the well-known Japanese commercial vehicle and truck manufacturing companies, particularly in the Asian and European regions. MORE

A new era of computing is on the rise and viruses, spies and malware developers are tagging along for the ride.The new playground for hackers is “the cloud,” the term for computer applications and services hosted on the Internet. Some of the devices making the cloud more popular these days are BlackBerries and other smartphones. MORE

Cyber crime gangs in China are penetrating the hard disk recovery cards on computers in Internet cafes and using a combination of zero-day flaws, rootkits and ARP spoofing techniques to steal billions of dollars worth of online gaming credentials.

According to Microsoft anti-virus researcher Chun Feng, five generations of the Win32/Dogrobot malware family have perfected the novel rootkit technique to hijack System Restore on Windows — effectively allowing the malicious file to survive even after the compromised machine is reverted to its previous clean state.

At the Virus Bulletin 2009 conference, Feng provided a fascinating look at the techniques used by Dogrobot, which is directly linked to the lucrative underground trading of online gaming assets like passwords and virtual property.

According to data presented by Feng, the Dogrobot family has caused more than USD$1.2 billion in losses to Chinese Internet cafes.

He explained that earlier Dogrobot used disk-level I/O file manipulation to penetrate System Restore but, as the malware evolved, it started using a “backdoor” that already exists in the System Restore functionality.  A third generation introduced extensive unhooking code to thwart the protection offered by security programs and avoid removal.

Along the way, Feng discovered that newer variants were tweaked to get around security software and strengthen the code’s ability to maintain persistent stealth on compromised Windows computers.

In China, Internet cafes are very popular among the online gaming crowd where the use of USB sticks with account credentials is the norm.  Dogrobot takes advantage of this, abusing the USB AutoRun functionality on older machines to propagate.

He explained that the malware author has found success exploiting zero-day ActiveX vulnerabilities and other flaws in Windows OS and third-party software — especially RealPlayer and WebThunder.

The attackers also use ARP cache poisoning to send malicious ARP packets to instruct other machines within the same LAN to download Dogrobot samples.

Because of serious eye problems that almost caused me to lose my sight, I was inspired by Dr. Lahav’s work in software development for the blind and visually impaired. In 2000, Dr. Lahav has studied the use of a diagnostic and remedial adaptive computer tool to help students with low vision decrease their spelling mistakes. The results showed a clear change in the student’s performance, from phonetic writing to process writing; a gradual evolution to automation in spelling and model word retrieval; and the central role of the computer tools in improving the student’s performance.

Dr.Orly Lahav of Tel Aviv University’s School of Education and Porter School for Environmental Studies wanted to give navigational “sight” to the blind, and so Dr. Lahav has invented a new software tool to help the blind navigate through unfamiliar places.The blind and visually impaired often rely on others to provide cues and information on navigating through their environments and Dr. Lahav’s new software tool will surely improve their quality of life!

Click here to read about this new software.

Windows XP’s share of the OS usage market fell 1.1 percentage points during August, tying its November 2008 record drop according to Preston Gralla of Computerworld.

At the same time, Vista and Windows 7 use has increased. Windows XP is still dominant, though, with 71.8 percent use, compared to 18.8 percent for Vista, and 1.2 percent for Windows 7. Mac OS X use has stalled, with 4.9 percent share. XP’s continuing dominance presents a serious problem for Microsoft. Enterprises staying with XP means they’re not paying for upgrades to Vista or Windows 7.  Windows XP users don’t buy new PCs, and so Microsoft is losing out on new sales.

Click here to read the article in PC World.

Websense Security Labs™ ThreatSeeker Network has detected that Google searches on terms related to Labor Day sales return results that lead to rogue antivirus software. Labor Day is one of the biggest holidays observed in the US each year. Retail sales events held during this weekend are some of the most anticipated throughout the country. MORE