It’s bad enough when regular sites get hijacked by people who want to fill your computer with all kinds of spyware and other assorted types of malware but when they start manipulating Google search results I think one could say things are getting out of control.

The team over at Sunbelt Software, developers of the Vipre security software, have a post up about just this fact. The way it works is that these malware serving sites are set up to use Google as a referrer and have massaged the served up links in search results to lead you directly to compromised sites.

Apparently one of the ways you can tell if the URL is dangerous is if you see a /?p or ?/t in it and while Google does seem to catch some of the dangerous links it doesn’t catch them all as you can see from this image courtesy of Sunbelt

The amount of search terms that can lead you into this dark world of dangerous search results is dizzying. While the security guys might like to think of it a a fun pass time it sin’t somethign for the average user to play around with.

Alex from the Sunbelt blog says that the use of search results like this is massive and points to a list of search terms used in a recent blackhat run on Google. This is only a potion of his whole list but it will give you an idea

2010 Military Pay Charts
Aileen Quinn
Amelia Earhart
Anglicanism
Arsenio Hall
Astate
Banco Del Tesoro Venezuela
Bedava Ingilizce
Bianchini .
Bitty Schram Fired
Black Parade
blackberry storm 9520
Blast Off
Bobblehead .
Bravo project runway .
Cafe World
cfnm youtube
Charlie Manuel
child stuck in balloon
Chris Cooley Blog .
Chris Mckendry
Christian Audigier
Collin Wilcox Paxton
Collin Wilcox Paxton .

As they use to say on Hill Street Blues – be careful out there.

Related posts:

1. Google wants to save content producers from malvertisements
2. Malware peddlers prey on celebrity death frenzies
3. About that Erin Andrews video that just installed a trojan

In the battle to keep computer networks safe we are use to using tools like resourcing hogging anti-virus and other malware scanning methods. The problem is that in many cases this is more like fighting a rear-guard action as malware creators change and adapt quicker than the tools we use to fight them.

This may change due to some new thinking and following one of nature’s scrappiest fighters – the common ant.

Using a concept called swarm intelligence security researchers are trying to create a digital version of those pesky little insects that have ruined more than one picnic.

“In nature, we know that ants defend against threats very successfully,” explains Professor of Computer Science Errin Fulp, an expert in security and computer networks. “They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system.”

Source: Science Daily – Ants Vs. Worms: New Computer Security Mimics Nature

The project at Pacific Northwest National Laboratory (PNNL) has already successfully used this idea of digital ants to track down a worm that they let loose into a network of 64 computers. As a result the project has been extended and two of the researchers, Wes Featherstun and Brian Williams, will be incorporating their research into their master’s theses.

This type of security isn’t something that we will probably see anytime soon on our personal computers as it is more oriented to protecting large networks like the ones at universities, governments, and large corporations.

Related posts:

1. You want cyber security hire a top notch hacker
2. Cyber security – how safe is our global data?
3. OS X’s changing security landscape

According to Steven Musil at cnet Security The New York Times is in the midst of a battle to get rid of a what they are terming “an unauthorized advertisement”.

In typical fashion the ad warns readers that their computer could be infected with some sort of virus and then redirects the reader to a site offering “antivirus software”. The site readers are being redirected to is best-virus03.com and is a hijacking site that takes over your browser and will attempt to install software.

As one cnet reader told Musil

One CNET reader described how the pop-up ad essentially hijacked his browser, preventing him from navigating away from the site.

"They took me to an ‘antivirus site,’ which kept attempting to scan my computer and install software. Using the back button kept reloading the virus page," the reader said. "It was not possible to close the page, necessitating a force quit."

At this point other than a short blurb in the newspaper’s Media & Advertising section NYT isn’t saying a whole hellva lot.

Related posts:

1. Comcast going proactive against PC infections
2. Thanks Inquisitr Readers and better load times ahead
3. The New York Times tells staff … “Please don’t use TweetDeck”

For almost as long as there has been OS wars the mantra of the penguin herders has been that the likelihood of Linux ever being vulnerable to tings like viruses and trojans was next to nil. This was something that they liked to hold over the heads of all us dumb Windows users – much like the Mac contingent does as well.

How many times have we heard the chant … “you want to be safe use Linux – Windoze is for losers” or some such similar childishness?

Well now Windows users can tell all those Linux lording geeks to stuff it because just as with any operating system there are weaknesses that can be exploited (usually the person behind the keyboard) and Linux is no different. Regardless of how the Tux lovers might pontificate about the security of Linux the fact is that Linux can be exploited which is exactly what a security researcher has found with the discovery of a cluster of Linux servers that is being used as a special ops kind of botnet. As well it is being used to distribute malware to unsuspecting web surfers.

Each of the infected machines examined so far is a dedicated or virtual dedicated server running a legitimate website, Denis Sinegubko, an independent researcher based in Magnitogorsk, Russia, told The Register. But in addition to running an Apache webserver to dish up benign content, they’ve also been hacked to run a second webserver known as nginx, which serves malware.

"What we see here is a long awaited botnet of zombie web servers! A group of interconnected infected web servers with [a] common control center involved in malware distribution," Sinegubko wrote here. "To make things more complex, this botnet of web servers is connected with the botnet of infected home computer(s)."

Source: The Register – Linux webserver botnet pushes malware

While it is unclear how the infection began Sinegubko suggests that it may be because on nothing more than careless administrators who had their passwords sniffed – hence my comment about the biggest security weakness being from behind the keyboard regardless of operating system. Current the network consists of about 100 nodes running the Apache webserver on different distros of Linux.

Related posts:

1. U.S. Army in the anti-malware biz – for free
2. Torvalds says Linux kernel ‘bloated and huge’
3. Google Chrome comes to Mac, Linux…sort of

There’s a lot of talk going on in the tech blogosphere about the newest release of OS X, Snow Leopard, coming to market with a built-in malware scanner. Now that it has shipped we are seeing exactly what lies behind the real thing and it turns out to be not much more than an XML styled file called XProtect.plist that at this point only contains the signature information for two trojans.

Interestingly enough the files detailed are for trojans that hit the web earlier this year, there is nothing for more current exploits. While security experts may be divided on the actual usefulness of such a limited scanning the reality is that at this point in time the Mac doesn’t need the same type of malware definition file that Windows does. This is because for the most part Mac doesn’t share the same market share or interest for malware creators.

For much of the life of the Mac computers there has been no real need to worry about things like viruses, trojans, or other types of malware because the truth of the matter is that as a platform it held no attraction for those people who create malware. This unfortunately has given Mac users a deluded point of view that Mac’s are some how immune to malware. Many a flamewar has risen over this fact with people who try to point out that Mac’s real security has been one of market share rather than true security baked into the operating system.

It isn’t just Windows users who have been trying to say this in defense of their operating system of choice but is also coming from die-hard Apple fans who use Mac systems day in and day out. Such a person is Dino Dai Zovi who has been hacking Mac’s for almost as long as he has been using computers. The winner of the PWN2OWN hacking contest in 2007 said recently that “the Mac is not magically protected from malware”.

Charlie Miller, co-author of The Mac Hacker’s Handbook with Dai Zovi,  who is a multi-year winner of the PWN2OWN hacking contests said in an interview

"I had a feeling that Mac was easier (to hack) than Windows," he said. "If I can find the Safari bug or exploit in a few days and it would take me 10 times as long for IE, why would I do that? I go after the easiest guy."

Even in light of what people like Miller and Dai Zovi are saying there is still a large contingent of Mac users who truly believe that they are invulnerable to malware by virtue of the Unix base that OS X is built on. It is also the same type of opinions held by the Linux community as well. As much as these people like to believe this they are ignoring a fundamental law of our world – whatever mankind creates someone will find some way to figure out how it works and then subvert it.

Pick any technology created by man at at some point some-one finds a way around it, a way through it or some way to break it. It is an inescapable law and just because Mac users would like to think that OS X is above all this they are living in a dream world.

Apple though may be coming out of their dream state fugue with Snow Leopard and the inclusion of a malware scanner. For Mac security experts like Dino Dai Zovi though this initial step may not go far, or deep, enough as he recently put forth his wish list when it comes to Snow Leopard

In June, Dai Zovi reported on a new local privilege escalation vulnerability researchers had discovered that gives local root access on Mac OS X Tiger and Leopard. He offered up a wish list for Snow Leopard that included: real" ASLR; "full use of hardware-enforced Non-eXecutable memory (NX);" default 64-bit native execution for security-sensitive processes; sandbox policies for Safari, Mail.app, and third-party applications (akin to what Chrome has); and Mandatory code signing for kernel extensions.

At this point Dai Zovi also adds Leopard has a security level akin to something between Windows XP Service Pack 2 and Vista and it still remains to be seen where Snow Leopard will fall.

Right now the Mac only has about 5 percent market share worldwide with half of that being US users but it is a share that is rising, from 3.73 percent to 4.86 percent in one year. With that rise though also comes the increased visibility of OS X as a target for malware creators so the dreamland that many Mac users live in when it comes to security is in danger of crashing down around them.

As Charlie Miller said

"No computer or operating system is more or less secure when it comes to users being tricked into downloading something,"

image courtesy of Mac Magazine Brazil

Related posts:

1. Snow Leopard ships with malware blocker (Wha??)
2. No more making fun of Windows security for Mac users
3. The changing city landscape in the US

After years of lording over Windows the fact that Mac OS X doesn’t, or couldn’t get attacked by malware Apple’s next version of OS X, Snow Leopard, is being shipped with as malware blocker. Back in December of last year I got some flack over a post about OS X and how its days of not being a target for viruses, trojans, or other types of malware where numbered.

How things can change in almost a year eh. As many have always maintained Apple’s real security against these baddies was that the user base size of OS X didn’t make it worth malware developer’s time. Something must have changed if Apple has gotten to the point that they have incorporated a malware scanning engine as a part of Snow Leopard.

Ryan Narine at cnet Zero Day has this to say about the discovery

It is not yet clear how Apple is handling the package scans for signs of malicious software.

I have confirmed that Apple is not using the open-source ClamAV engine to handle these scans so it’s likely the company has entered into an agreement with a commercial anti-virus company.

This isn’t the first official acknowledgment from Apple that the Mac operating system may be susceptible to malware.  This Web page on Mac OS X security actually recommends the use of third-party anti-virus software to get “additional protection.”

All I have to say is

Related posts:

1. Apple Officially Confirms OS X 10.6 Snow Leopard Release For August 28th
2. ZFS File System Development For Future Snow Leopard OS Update “Discontinued”
3. Bitchmeme desperation leads to snow leopard silliness

While the stick yer head segment of Mac users will almost certainly find some reason to spout their typical rhetoric about Mac’s being impervious to viruses, trojans and other such evil goodies that isn’t stopping the malware writers from improving their odds of getting you to install their crap. One of the newest tricks apparently is for the website you are visiting to detect which operating system you are running and then serve you up a nasty package for that OS.

Ivan Macalintal from Trend Micro recently came across a new variant of the DNS changer trojan that checks for which operating system is behind the browser and then will offer up the appropriate Windows or Mac installer.

This follows a similar finding last month by McAfee, which spotted the same tactic being used at sites that try to trick the user into installing a browser plug-in supposedly needed to view online videos: The bogus plug-in was offered as a ".exe" file for Windows visitors, and a ".dmg" installer file for those who browsed the site with a Mac.

Meanwhile, Symantec warned last week that it had detected several blogs that were advertising free, streaming online copies of movies that were just released in the theaters. The lure is once again a fake video plug-in, followed by either a Mac- or Windows-based version of the DNS Changer Trojan.

Source: Security Fix :: Malware Writers: Will That Be OS X, or W?

Most of these new and more dangerous delivery systems are coming at us via blogs and websites that pander to those looking for video and software that they would normally have to pay for.

The reason for this is that by making the visitor think they need some new type of codec to view some questionable video it makes them more willing to install whatever is offered up to them. This is just taking the whole social engineering up a level or two.

image courtesy of Security Fix

Related posts:

1. Snow Leopard ships with malware blocker (Wha??)
2. Way to go Guy Kawasaki, thanks for the malware tweet
3. Google enters the Operating System market with Chrome OS

One of the biggest dangers surfers are facing on the web these days is the incredible proliferation of URL shortening services like TinyUrl, bit.ly, and countless more. While they do provide a valuable service they also can be used by cretins that want to try and trick users into going to malware type sites. It wasn’t until the increase of services like Twitter though that this potential danger really gained any ground.

Word has it today though that Twitter has turned on URL blocking that will not let shortened links that lead to malware sites to be posted. This was first noticed by security firm F-Secure and is now being widely reported throughout the blogosphere – as it should be.

As Sarah Perez over at ReadWriteWeb points out this service is probably being provided in conjunction with a third party as the cost to Twitter to maintain the needed database of constantly increasing threats would probably be more than the service could sustain.

Since the company has not made any official announcement about the new protection, it’s unknown at this time if Twitter is using a particular service to provide the lookup capabilities for the malicious URL identification or if they are managing this process in-house. If we had to bet, though, we would go with the former. Maintaining a current "block list" for malicious web sites would be a major undertaking for the startup. It’s more likely they’ve partnered with a security company of some sort to provide this service or are using a publicly available API, such as Google’s Safe Browsing API, which checks URLs against Google’s blacklist.

Source: ReadWriteWeb :: Twitter Starts Filtering Malicious URLs

The only drawback to this is that this parsing of URLs only occurs if posting from the actual Twitter page rather than third party clients. Now other than bit.ly none of the other URL shorteners provide the same kind of protection so really this ends up only being a half-measure.

But I guess a start is better than nothing. Now if the rest of the URL shortening services would climb on board.

Related posts:

1. WordTwit offers custom short URLs for WordPress blogs
2. Url shortener Tr.im saved from death, but still serves as a serious wake up call
3. Twitter Drops Canada SMS Support

Remember back the other day when Paul posted about the peep show video of ESPN hottie Erin Andrews hitting the web?

Well it appears that the malware authors have discovered it as well and now are using it as the hottest target to infect machines around the world. This is accord to a post by Tom Kelchner from Sunbelt Software, the developers of security software, where he lets folks know about what their hunt for the video could end up getting them – and it’s not pretty either.

Today isn’t a good time to go looking for that Erin Andrews “peep hole” video.

There has been a boom in malicious spam, web sites and Twitter posts advertising a “peep hole” video of ESPN reporter Erin Andrews undressing in a hotel room.

Researchers at Sunbelt Software have detected that the Trojan installers used in the scam are generating a large number of polymorphic variants. The installers change with sites each day and number around 10,000 unique hashes.

VIPRE detects one as Trojan.NSIS.DnsChanger (v). Detections for a second, Trojan-Downloader.Win32.CodecPack.2GCash.Gen, will be pushed out shortly.

At one point on Tuesday, July 21, the number-one hit in a Google search for “Erin Andrews” was just two clicks away from a site with a downloader.

Needless to say, don’t get curious about the video. A rogue anti-malware product and a key logger are among the things that are downloaded.

Like Tom says you might want to think twice about looking for the video unless of course you like having your machine infected – then by all means hunt away but consider yourself warned.

picture courtesy of Sunbelt Software

Related posts:

1. Erin Andrews Peephole Video Hits the Internet
2. Banhammer! ESPN blacklists NY Post over Erin Andrews debacle
3. Erin Andrews Hit by Foul Ball

In the wake of the internet’s biggest day since the September 11th attacks, purveyors of spam and malware have been having a field day with copious morbid web searches driving traffic to their sites.

Searches surrounding the circumstances of Michael Jackson and Farrah Fawcett’s deaths coupled with stirrings of curiousity surrounding recent celebrity deaths have given spammers and malware pushers a new in as news-hungry web surfers click on every link promising “shocking videos” and “exclusive photos.”

Infections are on the rise from unsolicited e-mails promising pictures and video and subsequently installing malware toolbars. Although most users with a lick of internet sense won’t open these kinds of e-mails, your mother might.

And web searches are not immune, either. A New York Times blog reports:

Also yesterday, scammers were using Farrah Fawcett’s death from cancer to reel in victims. Sophos discovered a Web-based attack by running a simple Google search about the star. On the first page of results was a link to a site claiming to have news, pictures and videos, but a click on the link redirected visitors to a page attempting to scam people with fake antivirus software, known by security experts as scareware.

TraceLabs posted some really obvious helpful tips to avoid getting your computer infected:

• Spam messages with outrageous headlines relating to Michael Jackson, URL links or attachments encouraging you to open to view a video or read a report. Expect to see topics such as ‘Mr. Jackson being frozen for future re-animation’ or ‘Jackson still alive, it was all a publicity stunt’.
  • If you receive messages such as this, do not open the attachment or click on the link. Go directly to a trusted or reputable news agency for your information.

• Be very cautious using search engines such as Google to find information about Farah Fawcett or Michael Jackson. Look carefully at where links in search results point to.
  • Update your browser to the latest version. Many of these malicious search link results will probably point at sites using browser vulnerabilities to automatically trigger and infect you. There is a dramatically reduced chance of this happening if you are running the latest browser versions.

• Be wary of Twitter, Facebook, MySpace updates and the like, mentioning Jackson or Fawcett. Hackers are increasingly using social networking sites and user contribution (Web 2.0) sites for malicious purposes.
  • These messages may come from people you know but you should not automatically trust them. Hackers rely on you assuming that the message is safe because of who it comes from. Resist the temptation to click on these links. Do your own investigation or go directly to your friend’s social networking page to see what they are saying rather than following the link you were sent.

• Blogs will be another popular tool for scammers. Expect to see links pointing to blog sites with wording directly related to the death of Michael Jackson or Farah Fawcett. Criminals use free blogging services to help promote links to their malicious web sites and improve search engine rankings when they are trying to manipulate their ranking on search results for a given topic. Be particularly wary of links on these topics that point to free blog hosting service websites.

Related posts:

1. Michael Jackson Death News Causes Widespread Internet Chaos
2. Study: Blogspot, Naked Female Celebs Pose Worst Malware Risks
3. Way to go Guy Kawasaki, thanks for the malware tweet

Wow, makes me almost glad that I don’t follow Mr. Kawasaki on Twitter, unlike Guy’s other 139,000 followers who were left open to a possible malware threat from one of his automated tweets. According to the report on CNet News Security blog a Twitter message sent by Kawasaki advertised a sexy video of TV star Leighton Meester of Gossip Girl. The problem was that if you clicked on the link and then tried to view the video you would find yourself the proud owner of a trojan.

Under the guise of needing to install a required codec to view the video, Kawasaki fans would instead download and install OSX/Jahlav-C for the Mac. Kawasaki has stated that his account is set up to redistribute spam updates from user generated news site NowPublic.

While Kawasaki’s account wasn’t the only one to send out the message (it also went out on less popular accounts), Guy’s popularity on Twitter means many of his messages are ReTweeted, resulting in even further promotion of the malware.

But then again it was a trojan for Macs and we all know there is no such thing so I guess this isn’t really that important so go ahead and carry on with what you were doing …………….

Related posts:

1. Malware served up based on operating system
2. Obama’s Website: Malware is coming to America
3. Malware peddlers prey on celebrity death frenzies

Word has been leaking like a sieve around the web that Microsoft is going to be soon releasing its own free anti-virus software codenamed, for now, Morro. The software is apparently being tested extensively in-house and is expected to be released soon as a “trial release”. The company has though qualified that it will be available by the end of 2009 – at the very latest.

The folks over at Neowin though have been lucky enough to have some screen shots of the program in action and wasted no time in posting them, one of which I have posted below.

As you can see it’s a pretty simple front-end for what is supposed to be based off of their Forefront Anti-Virus engine which is used in enterprise environments.

According to the post at Neowin the folks at Symantec aren’t overly concerned about Microsoft’s entry as they look at it as a stripped down AV program that will have no effect on full blown security program. They go on to say

According to Janice Chaffin, president of Symantec’s Consumer Division, "Microsoft’s free product is basically a stripped down version of the OneCare product Microsoft pulled from the shelves. A full Internet security suite is what consumers require today to stay fully protected."

Now this is where I have to step up and point out just how full of shit this kind of talk is. Simply put, in the 20 plus years I have been using computers I can count on one hand with a couple of fingers missing exactly how many times I’ve gotten hit by a virus. It’s called being smart, rather than a sucker for expensive Internet Security programs that for the most part do a lousy job. think not then just check the certified AV testing sites to see for yourself

Granted the computing landscape has gotten more dangerous and where I once might have said just being smart about what you were doing was enough I will now say you need some protection. However much of the protection you are being offered today is expensive subscription based software that does more to bog down your machines than save them from your own stupidity.

I’ve lost count of the number of machines I worked on back when I was doing more technical based stuff that had out of date AV software running, or had the AV software turned off. It wouldn’t have mattered if these people had been using the most expensive software on the market or the free editions, they would still have gotten infected because of their own stupidity.

As well you can run the best free or pay AV software you want but none of it beats common sense. If you don’t surf, deal with emails or download files knowing that there are dangers and using your head about it all then you deserve exactly what you get.

Related posts:

1. Updated info on Microsoft’s free anti-virus program – Morro
2. Microsoft readies free anti-virus software – Let the jokes commence in 1..2…3….
3. Is Microsoft setting itself up for an uproar?

If there is one thing that people have always been slamming Microsoft for is its habit of bundling things with the operating system that other companies charge for, or have built a solid business around. The biggest of these that until Windows 7 has constantly gotten the company in hot water is its browser: Internet Explorer. There have been run ins with the EU over its bundled media player which saw the company having to release of version of Windows in Europe that had Windows Media Player removed.

While that has proven to be a total waste of time as no one would buy the release it hasn’t stopped countries, and companies, crying foul every time Microsoft talks about releasing a free product that competes against already established companies. It is this kind of background that makes the news that they are working on a new – free – security product currently codenamed Morro.

Microsoft is creating a new PC security product for consumers that will be available at no cost to licensed Windows users. This new product:

• Provides high-quality protection against viruses, spyware and other malicious software;
• Is fast and functional, providing continuous protection with minimal impact on system performance;
• Is easy to download and install directly from Microsoft, with no subscriptions, renewals or credit cards required to keep your protection up-to-date.

Source: LiveSide

This new product is based on Microsoft’s Forefront technology and is meant to replace their previous security suite; OneCare, which they have announced that they are ending support of.

Now given that the computer security business is very lucrative one has to wonder how the many competitors in this area will react to Microsoft’s free offering when it comes to market. Could the company be setting itself up for another round of being made out to being the bad guy?

Should we start picking out dates on the calendar for when we’ll start hearing companies crying foul and filing complaints against Microsoft as the EU loves to do at the drop of a hat?

What do you think?

Related posts:

1. Updated info on Microsoft’s free anti-virus program – Morro
2. Microsoft readies free anti-virus software – Let the jokes commence in 1..2…3….
3. Ironic: Microsoft ordered to pay $388m over pirated code in its anti-piracy measures

The program, called Trojan.PWS,ChromeInject.A, looks like a regular Firefox plug-in once it gets into your system. In fact, it’ll show up in the browser as part of Greasemonkey, the fully legit and quite handy customization tool.

This bad boy, though, won’t do you any good. Researchers at BitDefender found the malware will automatically run every time you start Firefox, then use JavaScript to identify any of about 100 different banking and financial sites you might surf to. Bank of America, Wachovia, and even PayPal are said to be included. Once it sees you on one of those sites, it’ll snag your login info and password, then send it all to a server in Russia.

Most people are being bitten by the ChromeInject bug by either downloading a program they think is legit, or by the phenomenon known as “drive-by download,” in which an e-mail or Web site installs the program without the user’s knowledge.

Antivirus programs will likely add protection against the bug before long — BitDefender says it already has — but in the meantime, the smartest thing to do is to keep up your own safeguard. Mozilla’s official add-on site has no instances of the bug, researchers say. Mozilla has been extra vigilant in its add-on scanning since some questionable code was found in a Vietnamese language pack on its site back in May.

Related posts:

1. Mozilla Releases Firefox 3.0.6
2. Obama’s Website: Malware is coming to America
3. Mozilla Releases Firefox 3.0.9, Preps 3.5 Beta 4

If there has always been one constant in the on-going my operating system is better than yours head butting that happens between Windows and Mac users it has been over the issue of security. Mac users have loved being able to lord over us poor ol’ Windows users how they don’t need to worry about things like malware and viruses. This obnoxious attitude hasn’t been helped either by Cupertino running ads pointing out how Mac users don’t need to worry about such silly things as viruses. As Brian Krebs says in a post about this today

Just under three months ago, I asked an employee at our local Apple store whether I needed anti-virus for my MacBook, and was told not to bother, that it was not necessary. I wonder if this means Apple will stop running television ads saying Mac users don’t have to worry about malicious software?

This of course is in total contrast to a technical note that Apple has added to its support site where they say the following

“Apple encourages the widespread use of multiple anti-virus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.”

The support advisory even goes on to recommend some possible anti-virus utilities for the Mac faithful to install on their oh so secure machines

Here are some available anti-virus utilities:

· Intego VirusBarrier X5, available from the Apple Online Store
License: commercial

· Symantec Norton Anti-Virus 11 for Macintosh, available from the Apple Online Store
License: commercial

· McAfee VirusScan for Mac
License: commercial

For years Windows users have had to suffer the better than thou abuse from Mac users and now; as more than a few Windows users have said – myself included, the tables have indeed turned. So all you Windows users out there bookmark that Apple advisory. Then the next time some Mactard starts making fun of you because of things like viruses and how they don’t have to worry about such mundane things – slap them with that link.

Neener Neener – it looks good on them.

Related posts:

1. Windows Marketplace Shows Up One Day Early For AT&T Pure Users
2. Snow Leopard ships with malware blocker (Wha??)
3. AVG decides iTunes is the Small.BOG virus

The data shows more malicious messages sent in July than in any other month so far this year. The worst was on July 24, when 10 million infected e-mails went out around the world.

Google says a UPS scam accounted for much of the traffic. The e-mails had what looked like a link to package tracking information but ended up being a link to malware instead. Another offender was a fake CNN newsletter, also containing dangerous links.

For August, the team has found a shift to infected file attachments — a phenomenon that had been decreasing in recent months. The particular case cited uses encrypted RAR files.

Update: Moments after publishing this, I received a virus-linked message myself. Good timing.

Dear valued PayPal member:
Due to concerns, for the safety and integrity of the paypal
account we have issued this warning message.
It has come to our attention that your PayPal account information needs to be
updated as part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.

However, failure to update your records will result in account suspension.
Please update your records on or before August 14, 2008.
Once you have updated your account records your paypal account
service will not be interrupted and will continue as normal.
To update your PayPal records click on the following link:

Thank You.
PayPal UPDATE TEAM

Of course, the links led to nonsense domains that had nothing to do with PayPal.

Related posts:

1. Facebook “Fan Check” not likely virus, confirmed to be annoying as all get out
2. AVG decides iTunes is the Small.BOG virus
3. The Facebook Virus is back

Sophos says Google’s free blog hosting service has more malware than any other single site on the Web, with 2 percent of all the world’s dangerous code — both in hacker-created blogs and in innocent blogs infested with malicious comments. Google says hosting any malicious code is, of course, a violation and something its staff actively works to avoid.

Another curious discovery: Messages claiming to contain naked photos of Angelina Jolie or Nicole Kidman are the most common forms of e-mail-based malware, Sophos found.

Overall, Sophos says there are now 11 million different pieces of malware floating around, with 20,000 new samples coming in daily. Engineers say they’re finding three times the amount of problematic content as they did last year.

Related posts:

1. Dropbox Blocked By Google For Malware
2. Malware peddlers prey on celebrity death frenzies
3. Angelina Jolie Three Months Pregnant?