As it does every year, Panda Software is publishing its annual list of those malicious codes which, although they may not have caused serious epidemics, have stood out in one way or another:

– The most moralistic. This award goes to the spyware Zcodec which, among other actions, monitors whether users access certain web pages with pornographic content. This may simply be a way of determining whether the user is a frequent visitor to these types of pages in order to send personalized advertising. On the other hand, perhaps the author of the spyware just has voyeuristic tendencies.

– The worst job applicant. The Eliles.A worm sends out CVs all over the place. It even sends them out to users’ cell phones. It would seem that it has little confidence in its own job prospects.

View: Full Story Via: Panda Software

Google Translate is a translation service provided by Google to help you translate text or web pages to the language you desire. Some of the languages supported include English, Simplified Chinese, Spanish, French, German, Korean, Japanese, etc.

If you want to translate a page from one language to another, here is the URL format:

http://www.google.com/translate?lan….websiteurl.com

where en|es is the language pair to translate from one language to the other (here it is English to Spanish), and www.websiteurl.com is the site you want to translate.

An interesting workaround to bypass your proxy server is to use Google Translate to translate the page you want to view from English to English, like this:

http://www.google.com/translate?lan….websiteurl.com

Here, since the origin language and the destination language are the same, Google Translate does not perform any translation and hence simply acts as a forwarder and forwards the page you want to view directly to you.

View: Full Story Via: O’Reilly Network

Even Santa isn’t safe from spyware and viruses.

With Christmas fast approaching, Santa Claus reached out for a little help from Stopbadware.org this week.

The consumer advocacy group said it was approached by an Incline Village, Nevada, man who has legally changed his name to Santa Claus, who asked them to help figure out why his Web site was being flagged by Google’s Web site filters.

It turned out that Santa’s Web site, Santaslink.net had been hacked.

View: Full Story Via: PCWorld

On November 30, Sophos issued its monthly report on the top ten threats reported to them in November of 2006. As a part of this, Sophos also studied Windows Vista’s vulnerability to these malware threats. I found the information and press discussion confusing, so I thought I would clarify what this really means for customers.

In order to understand what was really going on here, I asked the team to go look at the technical facts behind the story, and that started in the lab. We began by observing first-hand how these various forms of malware affect a Windows Vista system using a machine that was configured with the default settings and without any additional security software. What we found was that if you are using only the software in Windows Vista (e.g., Windows Mail and no add-on security software), then you are immune to all ten of the malware threats that Sophos cited.

If you are using Microsoft Outlook or a third-party email client that blocks execution of known executable formats, then a user running Windows Vista is not vulnerable to eight of the ten malware threats. In the case of the ninth piece of malware, Bagle-Zip, the malware is able to run because it uses the .ZIP file format which some mail programs do not block. In the case of the tenth piece of malware, Mydoom-O, the malware is sometimes able to run because it randomly chooses the file type to which to distribute its payload and sometimes that file type is an executable inside a .ZIP file, which some mail programs do not block. In both cases, this is a function of the e-mail software, not Windows Vista. That said, even when a user receives a mail infected with Bagle-Zip or Mydoom-O in the .ZIP file format, in order for the malware to affect the system, the user must first explicitly open the .ZIP file and then explicitly run the executable file that’s contained inside the .ZIP file — there is no way for this to happen without two steps of user action. If you happen run a third-party email client that does not block known executable formats, then you may also be vulnerable to Netsky-D.

View: Full Story Via: Windows Vista Blog

Computer security analysts are studying reports of a worm that may be circulating via a feature in Skype’s popular Voice over IP service.

Security vendor Websense said the worm spreads through Skype’s chat feature. Users receive a message asking them to download a file called “sp.exe.” The executable is a Trojan horse that can steal passwords. If a user runs the Trojan it triggers another set of code to spread itself.

The first infected PCs appeared in the Asia-Pacific region, particularly in Korea, Websense reported on its blog today. It said it was still investigating the issue.

View: Full Story Via: PC World

Notebook PC users who upgrade to Microsoft’s Windows Vista may have to disable some of the new operating system’s flashy graphics features to avoid seeing a decrease in battery life compared to when running Windows XP.

The drop will come from the extra power needed to run the high-end processors, graphics cards, and memory capacity required to support Vista. Microsoft has designed the new OS to deliver novel visual effects such as the translucent “Aero” windows on the desktop interface and to offer improved performance as a digital media hub. The business version of the OS was released last month, with the consumer version due out next month.

“Vista demands more computer resources for a given application than XP does. So you need a heavier battery, or you will have shorter battery life because of the greater demand for watts,” said Phil Hester, chief technology officer of Advanced Micro Devices, in remarks made at the company’s annual analyst day in New York last week.

View: Full Story Via: PC World

The amount of energy wasted by UK office equipment left on standby over the ten-day Christmas period would be enough to roast 4.4 million turkeys, predicts hardware maker Canon.

With offices deserted, devices left running will use 43.6 million kWh of electricity. In total, the energy wastage will cost UK businesses around £8.66m.

In environmental terms, Canon’s research suggests that around 19,000 tonnes of carbon dioxide will be produced unnecessarily – enough to fill the same number of 25-metre swimming pools.

PCs are the worst energy wasters with the prediction half of them will be left on over the Christmas holiday, using 37.8 million kWh of energy. Other equipment will contribute with all fax machines expected to be left running.

View: Full Story Via: silicon.com

Underground hackers are hawking zero-day exploits for Microsoft’s new Windows Vista operating system at $50,000 a pop, according to computer security researchers at Trend Micro.

The Windows Vista exploit—which has not been independently verified—was just one of many zero-days available for sale at an auction-style marketplace infiltrated by the Tokyo-based anti-virus vendor.

In an interview with eWEEK, Trend Micro’s chief technology officer, Raimund Genes, said prices for exploits for unpatched code execution flaws are in the $20,000 to $30,000 range, depending on the popularity of the software and the reliability of the attack code.

Bots and Trojan downloaders that typically hijack Windows machines for use in spam-spewing botnets were being sold for about $5,000, Genes said.

View: Full Story Via: eweek

With the recent release of Microsoft’s newest potential cash cows, Windows Vista and Office 2007, the company is expecting a wave of upgrades from users seeking the latest functionality. But what if you’re not looking for new bells and whistles? What if you want to keep your old operating systems, such as Windows 2000, running as long as possible?

Microsoft isn’t making it easy for you. Office 2007 and the software for the company’s much-hyped Zune music player won’t install on Windows 2000. As other new products emerge from Microsoft in 2007 and beyond, more and more of them are likely to leave Windows 2000 out of the party.
Which of these installation restrictions are caused by a real lack of capabilities in Windows 2000, however? Are any of them merely a “squeeze play” by Microsoft to convince buyers that it’s necessary to immediately upgrade all PCs to Vista and all servers to Server 2003 or the forthcoming Longhorn Server?

One example of this conundrum is Microsoft’s Windows Defender program. This antispyware program can be downloaded for free, but it will only install on Windows XP, Server 2003, and higher. The application won’t install on Windows 2000, according to Microsoft’s own product documentation.

View: Full Story Via: Information Week

Dell announced a new operating structure Tuesday that divides the company’s product business into new blocks. At the same time, several new executives are arriving at the Round Rock, Texas, company’s offices in a bid to inject some new thinking into management ranks.

Product development at Dell is now divided into two distinct groups: the Business Product Group and the Consumer Product Group. Brad Anderson, the company’s top server executive, and Jeff Clarke, Dell’s longtime PC group leader, will share responsibility for the Business Product Group. Alex Gruzen, brought into Dell from Hewlett-Packard two years ago to run the notebook operation, will head up the Consumer Product Group.

View: Full Story
News source: News.com