Hijack

Windows Vista & Windows 7 Kernel Bug Can Bypass UAC

Now this is not the first time Windows UAC has hit the news for being flawed, back in February 2009 it was discovered that Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control and after that in November 2009 it was demonstrated that Windows 7 UAC (User Access Control) Ineffective Against …

Windows Vista & Windows 7 Kernel Bug Can Bypass UAC Read More »

Fake Trojan Removal Kit serves up ThinkPoint Rogue

You might want to steer clear of the following fake security program, being promoted as a “Windows Trojan Removal Kit” but actually hijacking your PC in the form of the ThinkPoint rogue with a mixed (24/43) detection rate. The file is currently being offered up by your typical “fake security scan” pages, such as microsoftwindowssecurity152(dot)com. …

Fake Trojan Removal Kit serves up ThinkPoint Rogue Read More »

Firesheep author takes backhanded pot-shot at free speech

Sophos Labs: Two weeks ago, an automatic session-hijacking plugin was released for Firefox. It was named Firesheep, and it’s been downloaded over 600,000 times so far. The decision to release Firesheep publicly is a controversial one. On the good side, it’s reminded people that some of their common web surfing habits are dangerously insecure. Many …

Firesheep author takes backhanded pot-shot at free speech Read More »

No p*rn for you, naughty boy!

There are always peculiar things malware researchers discover while analyzing new samples. VirusTotal 24/43 Let’s remember the filename as HD Porn TV for later Our victim runs it thinking they will see the latest porno in HD quality. Instead they get a new browser ‘theme’ with a Turkish flavor: Internet Explorer: Firefox: The bad guys …

No p*rn for you, naughty boy! Read More »

PCWorld links to scareware

I was reading an article on PCWorld’s website about the upcoming Google Chrome OS: So far so good. Except that I inadvertently clicked on one of their sponsored links: which ironically states “Here is all about spyware removal and even more.” After a few redirects, my browser is hijacked by one of those FakeAV scanners: …

PCWorld links to scareware Read More »

Help keep your account safe with the Gmail security checklist

Posted by Diana Phan, Gmail Support Team October is National Cyber Security Awareness month and a good time for a reminder about why hijackers do what they do and how you can protect your account. Check out the Online Security blog to learn about common hijacking techniques and security practices that will help you stay …

Help keep your account safe with the Gmail security checklist Read More »

DLL Hijacking Evolved

Back in November 2007, I’ve seen this technique used by one of the variant of Worm called W32/Drom. The technique was not to execute the malicious file or component of the worm but to prevent Antivirus Program from running.  The Worm queries the following Antivirus registries to get the Installation Path, once acquired, it creates …

DLL Hijacking Evolved Read More »

Brand new 0-day Exploit. The world is going to end! Yet again…

Sigh… The latest “exploit” that affects hundreds of programs and will be the end of the world as we currently know it is actually a well documented feature of Windows. It has actually been around since the DOS days. In the old days we used to call these Companion viruses. It worked by using a …

Brand new 0-day Exploit. The world is going to end! Yet again… Read More »