protonic.blog

Internet Explorer celebrates its 15th birthday on Monday. The first version of the browser, Internet Explorer 1, debuted on August 16, 1995. It was based on Mosaic, a web browser Microsoft had licensed from a company called Spyglass Inc. Starting with version 3.0, Microsoft started bundling Internet Explorer with Windows, which increased its market share dramatically and it pushed Netscape Navigator out of the market completely.

As Internet Explorer’s market dominance started to wane, Firefox, a free, open source browser was launched in 2004, which was supposed to surpass IE6. After a couple of years Microsoft improved Internet Explorer again, with IE7 launched as a big improvement on IE6 when it came to security and stability.

Internet Explorer now has a combined market share of 60.74%, Firefox is at 23.75% followed by Chrome , Safari, Opera and others.

Microsoft is preparing for the launch of Internet Explorer 9 on September 15, 2010.

The IE 9 builds Microsoft has released so far have been targeted for developers. They include the new Microsoft JavaScript engine (which is codenamed “Chakra”) and a new graphics subsystem, combined with a home page full of test sites. There is no back button and no built-in security. It’s basically the IE 9 rendering engine and early tools.

IE9 Beta needs either Windows Vista or Windows 7 (sorry…..no XP) and will also require users to forgo their current installation of Internet Explorer. Among the key features of IE9 is its support for HTML5, an improved JavaScript engine, and the ability to access a computer’s graphics chip to accelerate text and image rendering.

For those who don’t want to, or cannot install the beta, Microsoft plans to continue to offer and update its technical preview of the browser engine, which runs side-by-side with earlier versions of IE.

As a former National Security Agency (NSA) director, Retired Gen. Michael Hayden has seen first hand the realities of cyber-warfare.

During his keynote speech at the Black Hat security conference in Las Vegas, Hayden discussed those realities, underscoring the importance of clearly defining what cyber-war really is.

The question of what constitutes a cyber-attack and how the nation should respond has become an open topic of discussion during the Obama administration, which declared cyber-security a national security priority in 2009. But between reports of targeted attacks against smart grids and the disclosure of documents about the war in Afghanistan on WikiLeaks show, the line between cyber-espionage, attacks and other activities can sometimes be difficult to draw.

Click here to read more about this frightening threat.

People are still not understanding that their lives on social networks affects their ability to get a job and keep the job. Just because we CAN say anything doesn’t mean we SHOULD.
Click here to read more.

Microsoft is releasing its third “platform preview” of Internet Explorer 9, which will give web developers and designers a preview of the new technologies coming in the next version of its browser. It will be available for download on the IE9 Test Drive site, but Internet Explorer Platform Preview requires that you have Windows Vista or Windows 7 installed on your computer..

Click here to try the demos.

Are you becoming more impatient with traffic jams and slow Internet speeds?

Click here to read about this disturbing trend.

Macintosh computers are not as popular as Windows, but you might want to consider adding a Mac to your life.

Click here to read what happened to this Mac user who decided to use his wife’s Windows computer to log into his company’s bank account.

If you have copied any sensitive documents lately there is a possibility that those documents still exist on the hard drive inside the copier you used. A CBS News team bought up some used copiers; they reported all kinds of personal data stored within. The Federal Trade Commission has verified that this is a real problem for businesses.

Click here to read about the five common mistakes businesses make that compromise printer security:

Security researchers at Matousec.com have come up with an ingenious attack that can bypass every Windows security product tested and allow malicious code to make its way to your computer. As you can see the list is very long!

Click here for more information.

Gadget site uncovers simple way to force other users to follow you, even big movie and TV stars, but Twitter staffers rush out a fix to the weakness in the system. MORE

“According to various reports, in the past few days a number of websites created using WordPress have been hacked.” MORE

The problems with security and privacy on Facebook hit a new gear today with news that a site vulnerability exposed live chat sessions and other private user data. MORE

Barnaby Jack, a security researcher plans to give the talk, entitled Jackpotting Automated Teller Machines, at the Black Hat Las Vegas conference, held July 28 and 29, 2010.

Click here for more information.

Mr Jack will demonstrate several ways of attacking ATM machines, including remote, network-based attacks. He will also reveal a “multi-platform ATM rootkit,” and will discuss things that the ATM industry can do to protect itself from such attacks. Jack doesn’t say which ATMs he plans to discuss, but it could be any major vendor, according to Black Hat Director Jeff Moss. “He’s got a living room full of a lot of different brands of ATMs, and they all seem to suffer from one or the other problem,” he said.

ATMs haven’t received a lot of serious scrutiny by security researchers, so Jack’s talk will break new ground.

There are more than 28 new victims of identity theft every minute! Even worse, cases of identity theft have continued to increase dramatically year after year since 2001.

An identity thief can use your stolen identity to receive medical treatment, rent a car, lease an apartment, apply for a job…they could even commit a crime in your name!

Never post your IP address in a public place because once a hacker knows your Internet Protocol (IP) address e.g. 122.453.002.03) they can begin hacking you.

Always run your firewall and antivirus programs first. Your firewall and antivirus programs should always be running before your computer connects to the Internet. If for some reason you want to turn these programs off, make sure you have first disconnected from the Internet. It is also a very good idea to enable automatic software updates in these programs so they stay up-to-date.

When you are not using your computer, disconnect it from the Internet. One of the worst things that can happen is when a hacker breaks into your computer and you don’t even know it. To prevent unknown attacks, your computer should be disconnected from the Internet when not in use.

There are various ways to disconnect from the Internet, you could: shut down the computer, put the computer in Windows’ Standby mode (Start/Shutdown/Standby), break the Windows’ Internet connection, or power down your modem or unplug your LAN cable. Some firewalls come with a blocking function which blocks all incoming and outgoing connections to the Internet.

Using a firewall in addition to anti-virus software helps keep your computer safe from viruses AND hackers.

With the ever increasing popularity of wireless internet connections, individuals are now often connecting to unsecured Wi-Fi networks to access the Internet instead of paying for their own accounts. The person with the unsecured wi-fi connection is at risk and so is the person suing that connection.

The most effective defensive strategy against all types of hacking is to simply ensure you are never connected to a wireless network that does not have a password protection. If you are setting up your own network, enable the password protection and keep the password information in a secure place. You will need this information at a later date if you decide to access the connection with more computers in your home.

Oops, they did it again. McAfee released an update to its antivirus definitions for corporate customers that mistakenly deleted a crucial Windows XP file, sending systems into a reboot loop and requiring tedious manual repairs. It’s not the first strike for the company, either. MORE

Have you been receiving emails with this header lately?
Facebook Password Reset Confirmation! Your Support.
If so, then be sure to DELETE it right away as its a password scam specifically attacking Facebook users.

I can’t even remember the first time “I” got this email but it immediately struck me as odd. You know why? ANYTHING that talks about “passwords” is already fishy right? And this email even ask you to download something… DOUBLE FISHY!

Here’s the content of this Facebook email scam so you get familiar with it.

If you click on the document attached to the SPAM email, you open the door of your Facebook account to hackers whose sole objective is to STEAL passwords from Facebook users’ profiles, giving them access to loads of private and personal stuff on you AND your Facebook friends.

When I first got this message, I just deleted it but I started to receive like 5-10 DAILY so I zapped it with an anti-virus program. It worked but now I am getting it again and it has a different “From:” information this time. If before it the email was from “Facebook Security”, now it’s from “Facebook Messages Center”. But yes, it’s still the same bad trick so do beware!

===
Infected with malware already or want to know what to do in such an event?
Find out what you can do to uninstall malware from your PC.

World Wide Web inventor Sir Tim Berners-Lee plans to establish “web science.”

British prime minister Gordon Brown is promising £30 million to fund the establishment of a UK-based “Institute of Web Science” to be jointly run by two of the UK’s leading research universities.

Click here for more information.

The Transport Layer is a network service that provides end-to-end communications between two parties, while hiding the details of the communications network.

There is a defect in the system that allows individuals to obtain false intermediate certificates for SSL encrypted trust connections.

Click here for more information.

Websense Security Labs™ ThreatSeeker™ Network has discovered a new wave of email attacks targeting the Skype Email Toolbar this Monday. Until now, the amount of the spam is not large, but we believe it will increase. MORE

Notepad is a nice little program to view plain text files. Now, there are a lots of Notepad replacements that are very good and they also have great features.

Click here to read more.

Websense Security Lab™ ThreatSeeker™ Network has discovered that search terms related to Corey Haim have become the latest target for Blackhat SEO. MORE

A word of caution to Facebook users: be careful when clicking links on Facebook, even if they’re on your friend’s page or your favorite superstar’s page. MORE

Websense® Security Labs™ ThreatSeeker™ Network has been monitoring the latest WordPress injection attack for over 2 weeks and has found over 250,000 injections occurring in the past half month. Moreover, over 37,000 URLs in the wild are still being injected according to our observations. As the following chart shows, the daily stats go up and down a few times and always end up higher, so we believe the hackers are still continuing their attack. MORE

The advisory has been issued regarding an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE). In the advisory, Microsoft confirmed the unpatched bug in VBScript that Polish researcher Maurycy Prodeus had revealed last week.

“The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.”

Click here to read more.

Here is yet another rogue security program that imitates a system scan and reports many false system security threats. Once installed, it will redirect its victims to vs-codec-pro.net where they will be asked to pay for a full version of the program to remove those security issues or infections.

Click here for removal instructions and more details about this fake program.

Websense has a great blog that details how a hacker can use your personal information to damage other systems or hurt you financially. Here is a quote:

Recent hacker activity highlights how insecure we are in the online world. Black hats keep focusing on collecting passwords in many different ways. Instead of breaking the computer security system or brute-forcing pass phrases, they use a variety of easier techniques to get our credentials. The ways they make us give up sensitive information include setting up fake mailing lists, forums, and social network sites to harvest logon details. Then, using this information there is a good chance that the attacker can sign in to valuable sites like social networks or even online banks with the same user name and password.

Websense Security Labs™ ThreatSeeker™ Network has detected that search terms related to the Bloom Energy and its Bloombox Fuel Cell have become the latest target for Blackhat SEO poisoning attacks. MORE

Sometimes you may want to use a smaller file such as a .jpg instead of a bitmap on your computer. To convert a huge bitmap file BMP to a JPG):

1. Open the folder (My Documents, My Pictures) where you saved the bitmap image.

2. Right click on the image and then click Open With. Click the Paint program.

3. On the Paint toolbar, click File to open the menu.

4. Click  Save As.

5. Expand the File As Type box and click on the line JPEG filter.

6. Click the Save button.

7. Close the Paint program.

8. Go back to folder with the original image and delete it.
How to make a Thumbnail photo from a Large Photo File:

1. Locate the photo file in your My Pictures folder.

2. Right click on the photo file.

3. Select OPEN WITH, then PAINT.

4. On the Paint toolbar, click on the word IMAGE to open the menu.

5. Click STRETCH / SKEW.

6. In the STRETCH box change the Horizonal and Vertical % to 10.

7. Click OK.

8. On the Toolbar, click on FILE to open the menu.

9. Click SAVE AS.

10. Give the photo a new name so you won’t overwrite the original photo.

11. Click the SAVE button.

12. Close Paint .
TO make an image appear as your desktop background (wallpaper):

1. Open the folder containing your image.

2. Click on the image you want to use.

3. Right click on the displayed image to open the menu.

4. Click on the words Set as Wallpaper.

5. Close the open folders.

Your desktop will display your image as wallpaper.

Websense Security Labs™ ThreatSeeker™ Network has detected that the ninemsn support Web site (ninemsn.com.au) has been compromised and injected with malicious code. The malicious code was identified to be part of the Gumblar mass injections, and the injected code is hidden deep within the ninemsn ad engine, served on request. The injected code leads to a site that has also been compromised by Gumblar. The compromised code is hidden specifically within the “Women’s Weekly” banner script. Other ad banners are not affected. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered a follow up attack on Zeus campaign targeting government departments. Its research shows that once again the campaign is targeting workers from government and military departments globally. MORE

“Canonical announced a few hours ago the immediate availability of a new Linux kernel security update for the following Ubuntu distributions: 6.06 LTS (Dapper Drake), 8.04 LTS (Hardy Heron), 8.10 (Intrepid Ibex), 9.04 (Jaunty Jackalope) and 9.10 (Karmic Koala).” MORE

“Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the program in an effort to increase their reach.” MORE

Websense Security Labs™ ThreatSeeker™ Network has detected that the the Web site of Bollywood Hungama (Bollywoodhungama.com) has been compromised and injected with malicious code. The malicious code was identified to be part of the Gumblar mass injections, and there are multiple injections at the site’s path level. While the main page was injected, the malicious code has been removed. A number of pages at the path level, however, still remain injected. The injected code leads to a site that has also been compromised by Gumblar. At this time, the malicious code isn’t available or reachable, but this could change at any time. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered a new Zeus campaign (a banking data stealing Trojan) which is now targeting government departments. Our research shows that the campaign has especially targeted workers from government and military departments in the UK and US: we found most victims’ email addresses end with .gov. MORE

Twitter says it has identified a scheme that uses compromised file-sharing sites to steal login info. Scammers were then able to use the data to gain access to Twitter and other sites. The main problem: 73% of people share the passwords which they use for online banking, with at least one nonfinancial website. MORE

Microsoft today issued a security advisory to acknowledge an information disclosure hole in its Internet Explorer browser and warned that an attacker could exploit the flaw to access files with an already known filename and location. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered a new malicious spam campaign that spoofs Google job application responses. The messages look very well written and are so believable that they are probably scrapes from actual Google job application responses. Typically, spam has grammatical errors or spelling mistakes that make the messages obviously unofficial and act as red flags. The text of these messages, however, has no such mistakes, making them much more believable–especially if the target really has applied for a job with Google. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered that the home page of the Oklahoma Tax Commission Web site has been compromised with malicious script code. The heavily obfuscated code has been injected at the bottom of the page. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered that search terms related to the forthcoming Apple Tablet announcment have already become the latest target for Blackhat SEO poisoning attacks. MORE

Microsoft warns that a malicious hacker could exploit this vulnerability to run arbitrary code in kernel mode. MORE

Websense® Security Labs™ has reports that emails linking to malicious web-based exploit code that utilizes the vulnerability CVE-2010-0249 have been sent to organizations in a targeted manner since December 2009, and the attack is still on-going. This same vulnerability was used to target Google, Adobe, and approximately 30 other companies in mid-December 2009. MORE

Microsoft confirmed that it plans to release an out-of-band security update to address a zero-day vulnerability in Internet Explorer. The update is undergoing testing now. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered that a popular video called “Paignton Ice Skating for Cars” has been targeted by both SEO poisoning attacks as well as Web spam. MORE

Websense Security Labs™ ThreatSeeker™ Network has discovered several spam messages on Facebook that trick the user into visiting BINSSERVICESONLINE(dot)INFO. When the link in the message is clicked, the Web site redirects the user to an online scam site similar to the one we published in the blog Google Scam Kits in mid-December. The use of Facebook to distribute links that lead to Google scam kits is fairly new, and is sure to trick some users into buying the kits. MORE

BitDefender states that spam from botnets would be the main malware threat during 2010.

 Alexandru Catalin Cosoi, Senior Anti-Spam and Anti-Phishing Researcher at BitDefender, stated that competition among cyber criminals would increase regarding the use of botnets for theft of people’s financial and other personal data, as reported by The Canadian Press during the 3rd week of December 2009.

Click here for more details.

Websense Security Labs™ ThreatSeeker™ Network has detected that the Fox Sports site has been compromised and injected with malicious code. Fox Sports is a division of the Fox Broadcasting Company. It specializes in the latest sports news and world sports updates. Fox Sports has an Alexa ranking of 330. MORE

The spread of malicious software, also known as malware or computer viruses, is a growing problem that can lead to crashed computer systems, stolen personal information, and billions of dollars in lost productivity every year. One of the most insidious types of malware is a “rootkit,” which can effectively hide the presence of other spyware or viruses from the user – allowing third parties to steal information from your computer without your knowledge. But now researchers from North Carolina State University have devised a new way to block rootkits and prevent them from taking over your computer systems.

Click here for more details.

According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild. MORE

While still a relatively new product, Windows 7 has already proven itself to be a faster, more reliable, and usable operating system. With that said, there are still a few built-in settings that can be tweaked to fine-tune the system and optimize its overall performance. The key to this optimization is the registry.

Every Windows operating system has a registry and the new Windows 7 is no different. If you are going to shell out money on a new OS, it is crucially important to understand what it takes to not only configure the system to meet your specific needs, but maintain its health and keep it running in tiptop condition.

Accessing the Registry in Windows 7

Just like previous versions of the Windows operating system, Windows 7 allows you to edit the registry with a tool known as the Registry Editor. To fire up this tool, click on “Start,” hit “Run,” type “regedit” into the text box, and hit enter. Once you have launched the Registry Editor, you can perform the following tweaks within registry:

1.) Customize the Log-on Screen.

If you want to change the logon screen of Windows 7 to suit your personal preference, the registry is the place to make it happen. From the Registry Editor, navigate to the “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Au thentication\LogonUI” registry key. In the right pane of the editor, add a “ButtonSet” DWORD value and set the value between 0-2. The “0″ value is the default setting that corresponds to darker buttons and lighter text shadows. The “1″ value gives you lighter buttons and darker text shadows. This setting is best suited for desktop with lighter backgrounds. The “2″ value is for no text shadows and opaque buttons. This setting tends to work best with darker desktop backgrounds.

2.) Increase Desktop Speed

To boost the speed of your desktop, navigate to the “HKEY_CURRENT_USER\Control Panel\Desktop” key in the right pane of the Registry Editor and then add the following entries:

“AutoEndTasks”=”1″ – Automatically ends applications that take long periods of time to respond.

“HungAppTimeout”=”1000″ – Instantly terminates hung applications.

“MenuShowDelay”=”8″ – Increases speed of menu display.

“WaitToKillAppTimeout”=”2000″ – Increases speed of submenus.

3.) Increase PC Speed

By tuning the registry in Windows 7, you can dramatically increase speed by configuring your PC to automatically check for low disk space capacity, obsolete files and programs and much more. To do this, navigate to the following registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVe rsion\Policies\Explorer

Next, add these values:

- NoLowDiskSpaceChecks=dword:00000001
- LinkResolveIgnoreLinkInfo=dword:00000001
- NoResolveSearch=dword:00000001
- NoResolveTrack=dword:00000001
- NoInternetOpenWith=dword:00000001

An Important Word about the Registry

Windows 7 is just getting started so you can expect more, and hotter registry tips to come in the very near future. Whether you have a newer or older version of Windows, make it a priority to take care of your registry as this is one of the most vital components of the system. Keeping this area in good condition will better assure that you do not encounter errors and performance problems.

So having said that, do you think are you ready to upgrade to Windows 7?

The e-mail messages contain a link to a bogus Centers for Disease Control and Prevention site with prompts to create a user profile. During this process, a malware file gets planted on the user’s machine. MORE

Security researchers have stumbled upon a new piece of ransomware that blocks an infected computer from accessing the Internet until a fee is paid via SMS (text message). MORE