Mindblown: a blog about philosophy.

Smart Russian spyware gathered info ‘unnoticed’ for 54 days. According to researchers at SecureWorks , a sophisticated trojan which spread through browser exploits, harvested sensitive data both from storage and by monitoring online activity, and uploaded this data to a server in St. Petersburg, went undetected by many AV products for over 50 days. The…

Detection failures and other issues confirmed, improvements promised. Microsoft ‘s Windows Live OneCare , hit by a series of public relations difficulties recently with failures in both VB100 and other independent testing , as well as a high-profile problem with inappropriate quarantining of email databases , suffered another blow last week with a senior spokesman…

Anti-fraud system provides avenue for reporting and stopping targeted attacks. Security firm RSA has announced a new system to block spyware and phishing fraud, by taking down sites used to spread malware and gather data. The FraudAction Anti-Trojan Service will be generally available in April. RSA ‘s scheme aims to reduce financially motivated malware attacks,…

Serious McAfee buffer overflow flaws join yet another Trend UPX issue. Several vulnerabilities have been found in McAfee ‘s ePolicy Orchestrator management tool, which could be exploited to gain remote access to systems running the software. Patches have been made available and users are advised to ensure they are applied as soon as possible. Several…

Major update release emerges in mysterious silence. Microsoft has released a new service pack for its Windows Server 2003 platform, almost entirely without warning or promotion. The release contains a swathe of fixes, including many security flaws patched since the previous service pack, and also covers the 64-bit version of Windows XP . Service packs…

APACS study records major increase in phishing fraud earnings. UK banking payments body APACS has released its latest figures for credit card and other types of banking fraud, showing a sizeable drop in straight card fraud but a similarly large rise in funds stolen via phished online banking details. The figures compared reports for 2006…

Popular free spyware-spotting tool acquired by security giant. Trend Micro has announced the acquisition of HijackThis , the popular freely available tool designed to reveal hidden spyware infections. HijackThis , which has reportedly been downloaded over 10,000,000 times, was developed by Merijn Bellekom from the Netherlands. Bellekom has produced several other anti-spyware tools including CWShredder…

Old mailbox deletion bug resurfaces, upsets users Microsoft ‘s Windows Live OneCare has been the cause of considerable frustration to its users recently, with an issue with the settings for mailbox scanning – removed from earlier versions – reappearing in the current release and leading to quarantining or even deletion of Outlook mailboxes. OneCare does…

Fact sheet on web root server bombardment published by ICANN. The Internet Corporation for Assigned Names and Numbers (ICANN), the body responsible for controlling the DNS system at the heart of the Internet, has issued a fact sheet with details of last month’s ‘massive attack’ on several of the top-level nameservers providing connection information for…

As bulk emailing is regulated in NZ, Canada hears calls for similar laws. The New Zealand government announced last week the final passing of a law to control spam originating in the country, which is expected to come into force in six months’ time. The law covers mobile phone text message and instant message spam…