Cyber Security is Evil! F-Secure is Evil!

Posted: October 27th, 2009 | Author: | Filed under: IT Related | Tags: , , , , , , | 2 Comments »

*still waiting for my advisory to be approved.. will post some links soon*

Hahaha.. Dont get me wrong.. I didn’t mean the companies are bad.. Its the rogue security software 😉

Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing

[source: wikipedia]

Lets see some screeny:

Yo! Cyber Security in da haus!

Google search lead to rogueware

Captain Obvious to the rescue! I’m in Linux and don’t have Windows installed 😉

Moral of the story:

  • do not simply trust free stuffs
  • keep your AV up to date
  • it is worth it to have antispyware installed (Malwarebyte’s Anti-Malware is not bad)
  • find anything suspicious? keep a copy of it.. share the sample with me 😛

*still waiting for my advisory to be approved.. will post some links soon*

Exploit Shield 0.60 Beta Released

Posted: February 17th, 2009 | Author: | Filed under: IT Related | Tags: , , , , | 1 Comment »

For those who are still booting into Microsoft Windows, a new version (0.60) of our F-Secure Exploit Shield Beta is now available.

You may also remember that Microsoft patched MS08-078 around the same time. Multiple versions of Internet Explorer were affected on multiple versions of the Windows OS and exploit code was circulating at the time. Exploit Shield 0.5 was able to proactively protect against those exploits.

Exploit Shield is designed to shield Web browsers between the development of an exploit and the release of the vendor’s patch.

To sum up, Exploit Shield provides:

  • Zero Day Defense: Protects unpatched machines.
  • Patch-Equivalent Protection: Vulnerability “shield” updates.
  • Proactive Measures: Heuristic detection techniques.
  • Protects Against All Websites: Regardless if untrusted or trusted and malicious or hacked.
  • Automatic Feedback: detected exploit attempts are automatically reported to F-Secure.

Here’s the main menu:

Version 0.60 now includes 32-bit Vista support, includes more vulnerability coverage and also includes engine improvements.

Look for the download link from:

If you want or need a reason to test Exploit Shield, consider this month’s Microsoft Updates. There were two vulnerabilities in Internet Explorer 7 for Windows XP and Windows Vista that were patched last week…

Firefox isn’t completely immune either, see Mozilla’s Security Center for details on recent vulnerability patches.

[source: F-Secure Weblog]

P/S: Version 0.5 users will now see a prompt that their installation has expired. The database channel is now closed, but the existing shields and the proactive protections remain.

*** [updated on 22/2/2009] ***

F-Secure Exploit Shield proactively protected against MS09-002 (a vulnerability in Internet Explorer 7) without the need for a shield update.