Screenshot from my visit to the IE Antivirus Free Scanner Web Page:

Can you spot what’s not right with this picture?  The answer is found in the red-boxed text.

Somehow they managed to identify my Operating System as Windows, when my Browser information says I’m on Linux.

Now keep in mind that your Operating System is part of the information transmitted by your web browser when connecting to a web site.

Things that make you go H’m!

Stay tuned more to follow of this particular scam.

There has been some interesting developments with Enigma Software Group, Inc of late. First a corporate name change to City Loan, Inc; and now new developments on their web site.

Is this a simple case of hacking?

Coverage at the Certifiedbug.com Blog:
Enigma software, have they been hacked, or…
Enigma of enigma software

Coverage at Vitalsecurity.org:
Scan your entire computer to detect…..wait, what…

Enigma has a somewhat controversial past:
Enigma Software, A Mystery?
Enigma Software Group did it again?
Anti-Spyware 101: Another Site Pushing SpyHunter
SpyHunter, should this be listed as a Rogue Anti-Spyware Application?
411-spyware.com - The new forum spammers?
Spyware Help: Intent Matters Alot:Part 2
I’m on it, Get on it, The troops are on fire

EDIT: Added link to write up by PaperGhost over at Vitalsecurity.org

In May 2007, Bellvue, Wash.-based Zango, a company that makes software to serve pop-up ads and tracks users’ activities on behalf of online marketers, sued Kaspersky, charging that the company interfered with its business by removing its “adware” without first alerting the user. Kaspersky is hardly alone in classifying Zango’s software as

read more | digg story

think you can tell if you have a virus without av? think you’re smart enough to avoid viruses? you might need to think again

read more | digg story

Posted today by Chris Keroack [MSFT] at 21 Apr 2008 5:04 PM UTC on TechNet Forums

Today we are happy to announce that Windows XP Service Pack 3 (SP3) has released to manufacturing (RTM). Windows XP SP3 bits are now working their way through our manufacturing channels to be available to OEM and Enterprise customers.

We are also in the final stages of preparing for release to the web (i.e. you!) on April 29th, via Windows Update and the Microsoft Download Center. Online documentation for Windows XP SP3, such as Microsoft Knowledge Base articles and the Microsoft TechNet Windows XP TechCenter, will be updated then. For customers who use Windows XP at home, Windows XP SP3 Automatic Update distribution for users at home will begin in early summer.

Thanks to everyone here who installed the public betas – you not only gave us detailed feedback but also helped each other out with timely troubleshooting. Through the beta program we found several important issues and were able to confirm some essential fixes. We couldn’t have done this without you.

We will still be monitoring this forum during the next few weeks in case you have more feedback about the release of Windows XP SP3.

On behalf of myself, Shashank Bansal and Windows Serviceability, many thanks.

Chris Keroack
Release Manager, Windows XP Service Pack 3
Windows Serviceability

Microsoft Security Advisory (951306)

Vulnerability in Windows Could Allow Elevation of Privilege

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server, should review this advisory. Hosting providers may be at increased risk from this elevation of privilege vulnerability.

Currently, Microsoft is not aware of any attacks attempting to exploit the potential vulnerability. Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

General Information

Purpose of Advisory: To provide customers with the initial notification and provide additional information regarding the impact to Windows service accounts. For more information, see the Workarounds and Suggested Actions sections of the security advisory.

Advisory Status: Advisory published.

Recommendation: Review the suggested actions and configure as appropriate.

This advisory discusses the following software.

Frequently Asked Questions

Originally posted at Photo Matt

Since people are asking, this so-called alert on Security Focus appears to be completely false and has no information that an attacker or the WordPress developers could use. It is completely content-free, except for making claims that every version of WP since 2.0 is vulnerable.

Online, apparently, it’s fine for someone to run into a crowded theatre and yell “fire” and the less basis there is in fact the more people link to them. It’s not uncommon to see crying-wolf reports like the above several times in a week, and a big part of what the WP security team is sifting through things to see what’s valid or not.  [More ...]

Secunia Advisory: SA29526
Release Date: 2008-03-26
Critical: Highly critical

Description:
Some vulnerabilities and weaknesses have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user’s system.

1. An unspecified error in the handling of “XPCNativeWrappers” can lead to the execution of arbitrary Javascript code with the user’s privileges via “setTimeout()” calls.

2. Various errors in the handling of Javascript code can be exploited to conduct cross-site scripting attacks or execute arbitrary code.

3. Various errors in the layout engine can be exploited to cause a memory corruption.

4. Various errors in the Javascript engine can be exploited to cause a memory corruption.

Successful exploitation of these vulnerabilities may allow execution of arbitrary code.

5. An error within the handling of HTTP “Referer:” headers sent with requests to URLs containing “Basic Authentication” credentials having an empty username can be exploited to bypass cross-site request forgery protections.

6. The problem is that Firefox offers a previously configured private SSL certificate when establishing connections to webservers requesting SSL Client Authentication. This can potentially be exploited to disclose sensitive information via a malicious webserver.

7. An error in the handling of the “jar:” protocol can be exploited to establish connections to arbitrary ports on the local machine.

8. An error when displaying XUL pop-up windows can be exploited to hide the window’s borders and facilitate phishing attacks.

The vulnerabilities are reported in versions prior to 2.0.0.13.

Solution:
Update to version 2.0.0.13.

Provided and/or discovered by:
1. moz_bug_r_a4
2. moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback
3. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett, and Mats Palmgren
4. georgi, tgirmann, and Igor Bukanov
5, 7. Gregory Fleischer
6. Peter Brodersen and Alexander Klink
8. Chris Thomas

Original Advisory:
http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
http://www.mozilla.org/security/announce/2008/mfsa2008-15.html
http://www.mozilla.org/security/announce/2008/mfsa2008-16.html
http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
http://www.mozilla.org/security/announce/2008/mfsa2008-18.html
http://www.mozilla.org/security/announce/2008/mfsa2008-19.html

Other References:
SA27311: http://secunia.com/advisories/27311/

I’ve come the conclusion, that the writer’s for main stream technical publications; are just as over-the-top, as any other journalist.

Very recently, some one discovered the Microsoft article, Strong passwords: How to create and use them, published 22 March, 2006. It’s 2 years old. The article as you can imagine is about creating strong passwords. About two-thirds down the page, you encounter this: The “blank password” option.

The author of the article goes on to say at this point, “A blank password (no password at all) on your account is more secure than a weak password such as “1234″.” Whoa, wait-a-minute, what the… Then he/she clarifies that statement, be explaining what he/she means.

What’s so special about a blank password? On a computer with Windows XP or newer installed, an account without a password cannot be accessed remotely by means such as a network or the Internet.

If the default settings have not been altered by the system user.

Under very specific conditions, and somewhat rare, the use of a blank password is just fine.

• You only have one computer or you have several computers but you do not need to access information on one computer from another one
• The computer is physically secure (you trust everyone who has physical access to the computer)

The second bullet is the most difficult condition to meet.

So, this passage of the MS article has been translated into “Blank Passwords Are More Secure” by the technical media. Have you lost your minds? Get real! The average non-technical reader is going to take that as gospel, and switch to using no password at all. Which, I have no doubt that many are doing so or using something like “password1″ or “1234″.

Now here comes my thoughts of the subject:

The sheer lunacy of even suggesting using a blank password for local log-on. That’s the first thing a hacker will try, when sitting in front of a terminal.

Forcing local log-in using a strong password is meant to prevent unauthorized access to the local system; and if the system is configured properly, you’ll be locked out after x number of failed attempts. Which, means reboot and start over. Brute force attacks aren’t effective when the system in configured correctly; and a hacker won’t spend that much time trying to get into the system.

If the system is connected to a network, then Network log-on should be required, and if that is configured properly; not only are you locked out of the system after x number of failed attempts, you are locked out of the network. Until the Network Administrator resets your account and issues you a new password.

There’s been a lot of articles talking about password strength, password security, password cracking of late. None of them, absolutely none of them, with the exception of the MS article, talk about the use of pass phrases of 15 character or greater in length. Why a pass phrase 15 characters or longer? They can not be broken by existing methods. They can be captured by keyloggers.

If your password is 15 characters or longer, Windows stores the constant AAD3B435B51404EEAAD3B435B51404EE as your LM hash, which is equivalent to a null password. And since your password is obviously not null, attempts to crack that hash will fail.

These articles also fail to point out that the hacker must have access, either remotely or locally, to crack a password. If they have access to the system, then they don’t need to crack the password. There are far more reliable (quicker) methods of compromising a system, Social Engineering attacks leading the way.

The rest of the Microsoft article, Strong passwords: How to create and use them, gives very sound advice on creating strong passwords. You should read it, following the advice given on that page will go a long ways to making your online experience a safer one.

Creating strong passwords and keeping them private, is just one piece of the security puzzle; a very critical piece, but still just one piece.