  • Posts Tagged: f-secure


    20
    Jul 10

    Adobe: ‘Sandbox’ Will Stave Off Reader Attacks

    Adobe Systems Inc. said today the next release of its free PDF Reader application will include new “sandbox” technology aimed at blocking the exploitation of previously unidentified security holes in its software.

    Sandboxing is an established security mechanism that runs the targeted application in a confined environment that blocks specific actions by that app, such as installing or deleting files, or modifying system information. Adobe said that in developing the sandbox technology, it relied on experts from Microsoft and Google (the latter already has incorporated sandboxing into its Chrome Web browser).

    “The idea is to run Reader in a lower-privilege mode so that even if an attacker finds an exploit or vulnerability in Reader, it runs in lower rights mode, which should block the installation of [malware], deleting things on the system, or tampering with the [Windows] registry,” said Brad Arkin, director of product security and privacy at Adobe.

    Even if only somewhat effective, the new protections would be a major advancement for one of the computing world’s most ubiquitous and oft-targeted software applications. The company is constantly shipping updates to block new attacks: Less than a month ago, Adobe rushed out a patch to plug vulnerabilities that hackers were using to break into vulnerable machines. Security vendor McAfee found that roughly 28 percent of all known software exploits in the first quarter of 2010 targeted Adobe Reader vulnerabilities. According to anti-virus maker F-Secure, Reader is now the most-exploited application for Windows.



    29
    Mar 10

    Removing Viruses from a PC That Won’t Boot

    One of the more common questions I hear from readers with computer virus infections is, “How do I get rid of a virus if I can’t even boot up into Windows to run an anti-virus scan?” Fortunately, there are a number of free, relatively easy-to-use tools that can help on this front.

    The tools in this review are known as “rescue CDs.” These are all free, Linux-based operating systems that one can download and burn to a CD-ROM. Once you’ve configured your PC to boot from the CD you’ve just burned, you can use the CD to scan your hard drive, and — depending on the type of rescue CD you choose — even copy files to a removable drive.



    17
    Jan 10

    Tough Talk from Those Who Hide

    It is said that you can judge the mettle of a man by the quality of his enemies. So I guess it should be flattering when a group of individuals who appear dedicated to making misery for countless Internet users express glee at what they perceive as my misfortune.

    Since my final posting on The Washington Post’s Security Fix blog last year, I’ve been made aware of several discussions among different shadowy online groups who were apparently celebrating the end of that blog.

    Some of those conversations I am not at liberty to point to here, but at least one of them is public: A thread on crutop.nu, an 8,000-member Russian-language forum dedicated to Webmasters who specialize in high-risk Web sites, including rogue anti-virus software sales, pharmacy sites, and all manner of extreme porn (including bestiality and rape).

    The last time I got this much attention from crutop.nu was last summer, when I published the results of a lengthy investigation that traced a huge number of rogue anti-virus Web site payment processing pages back to Crutop and to Chronopay, a Russian payment processing company that also specializes in high-risk sites. Indeed, that post concluded that the same individual was responsible for running both entities (Chronopay founder Pavel Vrublevsky, a.k.a. “Redeye” on Crutop).

    In this discussion on Crutop, members can be seen celebrating the demise of the Security Fix blog and my employment at The Washington Post, essentially saying that Santa Claus had answered their letters. Members then go on to discuss how I should be shot (among other indignities), as well as various search engine gaming schemes that might bury the rankings of my new blog at krebsonsecurity.com.

    The entire thread (or at least up until today) can be read by expanding the images below, in order, and viewing a rough translation. For whatever reason, the default view when you see the full-sized image may start at the center of the page. If this happens, just scroll up and start from the top. Caution: Some of the language displayed in these posts may be offensive to some readers, and certain thumbnail images may not be appropriate for viewing at work.
