ACS:Law facing costs over file-sharing cases

This is a story I have been following for some time and when I first heard of the letters that computer and internet users where getting in the mail so accuse them of illegal file sharing, I thought that the amount of letters being sent out was speculative.

It looks as if many of those accused may be able to recover costs.

“File-sharing lawyers ACS Law are facing a massive costs bill after a judge labelled the firm’s conduct as “chaotic and lamentable”.

The Patents County Court today handed down a judgement on whether 27 people accused of illegal file-sharing by the law firm could recover their legal costs. ACS Law and its client – pornography distributor Media CAT – dropped the cases before a crucial court hearing, prompting the defendants to apply for wasted legal costs.”

Read more: Judge: ACS Law’s conduct was “chaotic and lamentable” | News | PC Pro

BT escapes prosecution over web snooping


BT using its Phorm advertising software to monitor what the users of their services where watching and then to tailor advertisements to that viewing habit was always going to be a potential flashpoint in privacy circles.

However it looks as if BT dodges the bullet,

“BT will not be prosecuted for snooping on the web browsing habits of its customers.

The Crown Prosecution Service (CPS) has dropped a request bring charges against BT and Phorm – the firm that supplied the monitoring system.

The Webwise software used cookies to track people online and then tailored adverts to the sites they visited.

The CPS explained its decision saying that there was insufficient evidence to proceed with a prosecution.

The web tracking trials were carried out in 2006 and involved more than 16,000 BT customers. When the covert trials became public they led to calls for prosecution because BT and partner Phorm did not get the consent of customers beforehand.

This left them open to prosecution under Section 1 of the Regulation of Investigatory Powers Act which outlaws unlawful interception.”

Read the full article HERE at BBC Technology News.

Clean-up starts after the LizaMoon SQL infection


While it can never be fully assessed as to how many internet users have been duped into installing and paying for the fake security software as in “Windows Stability Center”, it does look from the initial reports as this attack as not managed to take hold as bad as it could have and in the main to very quick responses from many of the top security companies.

3113_lizamoon2_windowsstabilitycenter_jpg-550x0  The Fake Security Application “Windows Stability Center”

Sadly these fake antivirus and security applications are now looking more professional looking and with the name Windows or Microsoft on them they do to many PC users look real.

“The Lizamoon website attack seems to have ensnared relatively few victims.

The massive attack managed to inject the name of several rogue domains into hundreds of thousands of websites.

The link led to a page that carried out a fake virus scan and then recommended fake security software to clean up what it supposedly found.

But despite the huge success by the attackers, swift action by security firms looks to have limited the number of victims.”

Read the full article at BBC Technology News HERE

More information at Websense Blog HERE on what to look out for if you are accidently caught out by a faked Domains.

Rustock Spammers Sought

spam-e-mailThe Rustock spamming botnet was one of the biggest spamming nets in the world until its takedown in February of 2011, this has seen many users have slightly less spam email in their inbox than usual.

Now the authorities and companies involved with the removal of this botnet are after the creators, who that say may number in the handful.

The Rustock botnet, which sent up to 30 billion spam messages per day, might have been run by two or three people.

“It does not look like there were more than a couple of people running it to me,” said Alex Lanstein, a senior engineer at security firm FireEye, which helped with the investigation into Rustock.

That work by FireEye, Microsoft, Pfizer and others culminated on 16 February with simultaneous raids on data centres in seven US cities that seized 96 servers which had acted as the command and control (C&C) system for Rustock.

Read the full article at BBC Technology News HERE

Microsoft Update KB2524375 to Block Fraudulent Certificates

Privacy 001This update is one you will wish to make sure you have installed, its purpose is to block a set of Certificates that had the digital signature of Comodo as the Certification Authority on them, this could have lead to users going to an unsafe or spoofed website, which had been exploited.

Mozilla the makers of Firefox Browser have also updated Firefox to take into account of these fraudulent certificates, so do update that browser to the latest version.

Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

The following domains are affected by the certificates:

  • (3 Certificates)
  • Global Trustee

You should have already been offered this update over the last few days via Windows Update, but if you have not then run Windows Update or you can visit the download site of KB2524375  – Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing HERE (just choose your Windows version and download and double click the file to install)

Read the full text of the advisory HERE

If you wish to double check to see if you have this update already, just open up Windows Update and click Update History, then look down the list for KB2524375, if you have it then you are ok, if not go to Windows Update or download from the link posted earlier.

Windows Vulnerability in MHTML

securityBigMicrosoft have released a Security Advisory KB2501696 for Windows Operating System in which an attacker can affect Internet Explorer, and while this was release last week, I thought it maybe prudent in the light of a few news agencies now posting this information to highlight the information and workaround, until the full patch fix is released.

“The main impact of the vulnerability is unintended information disclosure. We’re aware of published information and proof-of-concept code that attempts to exploit this vulnerability, but we haven’t seen any indications of active exploitation.”

While this is a serious issue, it can be blown out of proportion by the media, when in reality its only a proof of concept and may not be exploited, however its always wise to keep your Windows version and all software fully up to date.

“The vulnerability lies in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler, which is used by applications to render certain kinds of documents. The impact of an attack on the vulnerability would be similar to that of server-side cross-site-scripting (XSS) vulnerabilities.  For instance, an attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user’s computer for the rest of the current Internet Explorer session.  Such a script might collect user information (eg., email), spoof content displayed in the browser, or otherwise interfere with the user’s experience.”

More info HERE

Just click the FixIt logo below to enable and disable the workaround fix.