Monthly Archives: January 2008

RealPlayer is badware

Posted on January 29, 2008 by Maxim Weinstein

StopBadware has released an alert identifying RealPlayer as badware. See our press release here and the complete alert here. Interestingly, RealPlayer 10.5 and RealPlayer 11, both of which are distributed widely, both violate our badware guidelines, but in different ways. … Continue reading →

Tagged badware, realplayer, stopbadware | Comments Off

Yet another attack method

Posted on January 28, 2008 by Maxim Weinstein

The bad guys who spread badware for fun and/or profit have a new way to infect your computer: load badware onto digital photo frames, hard drives, and other devices that you’re likely to take home and plug into your PC. … Continue reading →

Comments Off

Sun Java Update

Posted on January 23, 2008 by Maxim Weinstein

Brian Krebs at the Washington Post points out an update available to Sun Java, which many PC users have installed, even if they don’t realize it. The update reportedly includes a number of security fixes. Brian’s post provides instructions on … Continue reading →

Tagged java, stopbadware, update | Comments Off

Secure your router

Posted on January 23, 2008 by Maxim Weinstein

Many home and small business users have a wired or wireless router that allows them to share their high-speed internet connection and that helps to protect their network. According to a report from security vendor Symantec, failing to secure your … Continue reading →

Tagged router, stopbadware, vulnerability | Comments Off

Half of malware-distributing websites have been hacked

Posted on January 22, 2008 by Erica George

Security vendor Websense has released a report showing that half of the malware-distributing websites it examined in the second part of 2007 were otherwise legitimate sites that had been hacked. The report points to unpatched software vulnerabilities and problems on … Continue reading →

Tagged community, hacking | Comments Off

Watch out for rogue anti-spyware (even on the Mac!)

Posted on January 16, 2008 by Erica George

According to security vendor F-Secure, MacSweeper is a new player to avoid in the rogue security software game, and is likely the first fraudulent anti-spyware product targeted to Mac users. Rogue security software coerces users into downloading supposedly beneficial software … Continue reading →

Tagged apple, fraud, mac, rogueantispyware, socialengineering | Comments Off

Tracing an ad attack

Posted on January 10, 2008 by Erica George

The folks at MacHouse have posted a nicely detailed analysis of the steps they went through to track down the origins of a malicious banner ad they found on their own website. MacHouse traced a malicious flash ad through a … Continue reading →

Tagged adnetworks, ads, thirdpartycontent | Comments Off

My SHC Community report released

Posted on January 8, 2008 by Maxim Weinstein

We have just released a report identifying as badware the My SHC Community tracking application that we mentioned here a few days ago. The finding of badware was due to inadequate disclosure of extensive tracking and data collection and to … Continue reading →

Tagged report, sears, stopbadware | Comments Off

My SHC Community

Posted on January 4, 2008 by Maxim Weinstein

Sears Holding Corporation (SHC), the parent company of Sears & K-Mart KMart [updated 01/07/08] stores, has recently come under fire regarding their My SHC Community application, developed by VoiceFive, a subsidiary of comScore. The concerns are focused around whether users … Continue reading →

Tagged comscore, disclosure, sears, stopbadware | Comments Off