Spammers Abusing Trust in US .Gov Domains

Spammers are abusing ill-configured U.S. dot-gov domains and link shorteners to promote spammy sites that are hidden behind short links ending in””. Spam purveyors are taking advantage of so-called “open redirects” on several U.S. state Web sites to hide the true destination to which users will be taken if they click the link.  Open redirects are potentially … Читать далее

Privacy 101: Skype Leaks Your Location

The events of the past week reminded me of a privacy topic I’ve been meaning to revisit: That voice-over-IP telephony service Skype constantly exposes your Internet address to the entire world, and that there are now numerous free and commercial tools that can be used to link Skype user account names to numeric Internet addresses. A … Читать далее

PSI 3.0: Auto-Patching for Dummies

A new version of the Personal Software Inspector (PSI) tool from vulnerability management firm Secunia automates the updating of third-party programs that don’t already have auto-updaters built-in. The new version is a welcome development for the sort of Internet users who occasionally still search their keyboards for the “any” key, but experienced PSI users will … Читать далее

Rogue Antivirus Via Skype Phone Call?

A few readers have written, saying that they recently received Skype phone calls urging them to download and install a system update for Microsoft Windows. Users who visit the recommended site are bombarded with the same old scareware prompts that try to frighten them into purchasing worthless security software. Scareware scams are nothing new to … Читать далее

‘Evilgrade’ Gets an Upgrade

“Evilgrade,” a toolkit that makes it simple for attackers to install malicious software by exploiting weaknesses in the auto-update feature of many popular software titles, recently received an upgrade of its own and is now capable of hijacking the update process of more than 60 legitimate programs. Evilgrade’s creator, Francisco Amato of InfoByte Security Research, … Читать далее