Carrier IQ’s Opt-Out Data Collection Patent

ZDNet writes here about an Carrier IQ patent that outlines keylogging and ability to target individual devices . Which is interesting. But Carrier IQ owns a dozen patents, including this one, which to me is much more interesting. This patent indicates what Carrier IQ software could do—not what it does—but it is revealing nonetheless: A …

Continue reading ‘Carrier IQ’s Opt-Out Data Collection Patent’ »

Keeping the Keyloggers out of the Basement

Here’s a product about to be announced that claims to really protect users against keylogging — when bad guys capture the keystrokes you make and then transmit it back to base: StrikeForce’s WebSecure (PDF file): The basic idea, StrikeForce’s PR guy Adam Parken tells me, is that “keystrokes are encrypted at the hardware driver and …

Continue reading ‘Keeping the Keyloggers out of the Basement’ »

A New Way To Foil Keyloggers?

PC Tools has released a new version of Spyware Doctor, 3.2, with what it calls “groundbreaking Keylogger Guard technology that protects users from identity thieves”. A press release says: Existing solutions can allow keylogger threats to run undetected for weeks or months by which time the damage is already done. Spyware Doctor 3.2’s Keylogger Guard detects …

Continue reading ‘A New Way To Foil Keyloggers?’ »

The world’s biggest phishing attack?

This London bank raid seems impressive: The investigation was started last October after it was discovered that computer hackers had gained access to Sumitomo Mitsui bank’s computer system in London. They managed to infiltrate the system with keylogging software that would have enabled them to track every button pressed on computer keyboards. Of course, it’s …

Continue reading ‘The world’s biggest phishing attack?’ »

A Free Zone Alarm?

For firewalls, I always recommend Zone Alarm from ZoneLabs. To my mind it’s still the best and most intuitive firewall around. But most people only need the free version. And that’s where the problem is. Why do ZoneLabs make it so hard for ordinary users to download it? Readers and friends who have tried to …

Continue reading ‘A Free Zone Alarm?’ »

Korgo Clarified

More on Korgo; I wish I could say it was the last. But the good news is that it does not seem to be the all-in-one ‘phishing worm’ F-Secure said it was. F-Secure has clarified the situation over the Internet worm Korgo, which seems to answer some of the questions in my earlier posting. Korgo …

Continue reading ‘Korgo Clarified’ »

Korgo Spreads Its Wings

Seems like the big anti-virus boys are waking up to Korgo, the ‘phishing worm’ that F-Secure was warning about a few days ago. Symantec have just issued an advisory upgrading W32.Korgo.F, a new variant of the worm, from a Level 2 to a Level 3 threat. As Symantec says, W32.Korgo.F is a worm that attempts …

Continue reading ‘Korgo Spreads Its Wings’ »

More On Korgo

More on the phishing worm I mentioned in a previous post. Mikko H. Hypponen of F-Secure has passed on a little more information. He says it’s “pretty big, but still far away from outbreaks like Sasser or Mydoom”. So far “at least 50,000 machines are infected worldwide, possibly more”. He says Korgo does “specifically target …

Continue reading ‘More On Korgo’ »

A Phishing Worm

Welcome to the phishing worm. Korgo, a new worm that appeared last week, scans for random machines to infect and attack, using a vulnerability in Windows called the LSASS flaw which was discovered in April, according to Internet Week. Korgo, also known as Padobot, then sits on users’ computers waiting for instructions from home. Most such …

Continue reading ‘A Phishing Worm’ »

Anti Phishing Tools And The Lull Of False Security

From Buzz Bruggeman, here’s another tool that may help fend off phishing attacks (here’s an earlier post on similar software): SpoofStick, a browser extension that sits in either IE or FireFox and tells you what website you’re really visiting. It works like this: Many phishing scams conceal the real website in a link behind tricks …

Continue reading ‘Anti Phishing Tools And The Lull Of False Security’ »