Ad-Aware 2007 will be released worldwide on June 7.
Make sure to read "Ad-Aware 2007 Premiere" article for a
peek at what is included in the features of Ad-Aware
2007 Pro, Plus, and Free versions.
For the he latest on spyware trends and advancements
in online crime, read on. Even as law enforcement
officials try to keep up the fight against cyber crime,
it's important to stay educated on the latest threats,
so you know how to protect your PC and yourself.
Get the scoop on e-surveillance, the raging botnet
battle, and the booming business of cyber crime.
Ad-Aware 2007 Premier
features included in each
version of Ad-Aware 2007.
At Lavasoft, their mission is
to develop and deliver the
highest quality anti-spyware
solutions, in order to give
computer users the power to
control their privacy and
security. Ad-Aware 2007 is
Lavasoft’s answer to the rapidly
changing threat landscape in
today’s cyber world. The
fully redesigned Ad-Aware 2007
has a new architecture that
allows for more program
flexibility and improved malware
detection as the industry
continues to grow in
“The launch of Ad-Aware 2007
is an important step for
Lavasoft, setting the groundwork
for their focus on the next
generation of malware and
At the same time, Lavasoft
know that security does not have
to be complicated to be
effective and relevant.
Ad-Aware 2007 was developed with
direct input from computer users
representing the spectrum of
ability, and the fresh new
interface smoothly guides users
through the complexities of
detecting and removing malware,
while still providing advanced
options for experienced users.
With Ad-Aware 2007, Lavasoft
has responded to the needs of
the everyday computer user at
home as well as the IT
individual in a business
setting. Ad-Aware 2007’s
fully rebuilt engine results in
faster scanning times, and is
stocked with convenient new
additions like automatic scans
and Web updates with the
Scheduler feature, the
TrackSweep privacy tool that
erases tracks left behind from
Internet browsing with the click
of a button, and the built-in
Hosts File Editor to block
advertisement sites and reverse
browser hijack entries.
The 2007 product will be
released in three different
versions: Ad-Aware 2007 Pro,
Ad-Aware 2007 Plus, and
Ad-Aware 2007 Free
(formerly known as Personal).
Take a look at the host of new
features included in Ad-Aware
2007 Pro, Plus, and Free
While Ad-Aware 2007 will not
be Vista compatible right away,
a Vista compatible version
(32-bit) will be released at the
end of August 2007, and all
Ad-Aware users with a valid
license will immediately receive
the Vista compatible version
update upon its release.
Remember, if you have a valid
Ad-Aware SE license, you are
eligible for an update to the
new Ad-Aware 2007 version,
completely free of charge!
Cyber-Stalkers Invade Personal Spaces
It's not just remote hackers that are trying to track
your online activity and gain access to your personal
information. Read below about cyber-stalking,
e-surveillance and how to protect yourself.
You know that the world is becoming a smaller place
when it is possible to find an address and get
directions with a few clicks on a mobile device. Another
few clicks and you can find out the precise coordinates
marking your location in space. You may even keep
a record of it in time, if you were so inclined.
If it’s easy for you, think about how easy it is for
others. But why would anyone want to know your
precise whereabouts, and what could they do with that
Plenty, it turns out.
You don’t need to be a high-profile artist to be the
subject of unwanted attention. Cyber-stalking can
come from a former partner or spouse, a total stranger,
or perhaps an estranged co-worker.
The Washington Post recently reported that stalkers
with cursory computer knowledge have been able to track
the e-mail and Web activity of current or recently
divorced spouses. Stalkers can choose from an
array of spyware, GPS devices on their own or embedded
in mobile phones, and tiny cameras, to keep track of
their victims. By working in this way, they can
remain anonymous and operate anywhere from a distance of
a few blocks, to many time zones away.
The victims of cyber crime may not readily know who
is invading their privacy. This, in itself, can
make victims feel powerless. But what is worse is
that they may not know the extent of the information
that may have been compromised. The range of
possibilities, from legal documents and financial
transactions, to intimate correspondence, is enormous.
Armed with that information, a stalker can decide to
show up unannounced to track a victim. Another may
choose to send harassing e-mails, electronic junk mail,
and computer viruses. And yet another, as reported
on CNET News, could intend to use the collected
information as ammunition to help win a divorce
Whichever form they take, these tactics are meant to
induce fear. Police departments are being trained
to deal with cyber-stalking, but prosecuting these
crimes presents many challenges.
How can you protect yourself against cyber-stalking?
According to Douglas Schweitzer, an Internet security
specialist with Computer World, it is wise to be
cautious with your personal information. Follow these
guidelines to protect yourself:
your real name as your screen name or user ID.
personal information in public online spaces or give
it to strangers in e-mail or chat rooms.
personal information as part of a user profile.
that your Internet provider and any online
communities you frequent have policies that prohibit
Botnets Grow in Size and Sophistication
The battle of the botnets has begun in earnest.
Botnets have become a leading player in the world of
Botnets, networks of thousands of computers
used to spread malware, have become the
hottest commodity of cyber criminals.
Malicious code, as dangerous as it is, has
taken a back seat to the means to deliver
it. As a result, hackers and spammers
are no longer the sole leading figures
responsible for perpetrating cyber crime.
Botnet controllers are responsible for
pulling the strings of an increasingly
professional and sophisticated cyber crime
community. Emerging as a new serious
brand of player, they are threatening the
very openness of the Internet that we have
come to take for granted.
Botnets have the ability to attack the
Internet en masse. As a result, the
frequency and complexity of attacks is
escalating. Another contributing
factor is the professionalism displayed by
the cyber criminals.
An example of this was recently reported
on PC World. Security firm Panda
Software discovered an innovative
application called Zunker, which was used to
control and monitor botnet computers in as
many as 54 countries. The tool had
been designed to be easy to use and allowed
the owner the ability to tune the
performance of the network.
As another sign of sophistication,
security researchers have found that a
growing number of botnets are being used
only once. The botnet controller rents
the network to the highest bidder and, once
an attack is completed, abandons it.
This strategy makes it more difficult for
law enforcement to track the botnet
controllers, or ‘bot herders’ as they are
Bringing those criminals to justice,
though difficult, is not impossible.
Witness the sentencing of Jeanson Ancheta,
21, of California to a term of 57 months in
a federal prison. Ancheta, a bot
herder, controlled and rented 400,000
computers to other cyber criminals who used
the network to launch security attacks.
Contributing to the problem is the large
number of home users whose computers do not
have adequate protection and are easy prey
for botnet operators. It is critical
that home users install up-to-date firewalls
and security software, in addition to
practicing caution when going online.
Notwithstanding all the challenges ahead,
security experts remain optimistic that the
botnet threat can be mitigated without
having to alter how we currently use the
Internet. The prospect of a closed
Internet is not something that would benefit
anyone, cyber criminals included.
Cyber Criminals: Savvy, Professional and Organized
Malware suppliers are tailoring their techniques, using
personalisation schemes and even embracing their
competition, all for the pursuit of profits.
Malware goes mainstream.
Think service contracts, personalisation,
and upgrades. It’s all there.
Suppliers of malware have become quite
sophisticated in their offerings. Their
motivation? Think one simple word:
Malware suppliers have adopted many of
the same business practices used by leading
software providers. But they are going
one step further. By embracing
their competitors, malware suppliers are
becoming more like a consortium in their
ability to strategically deliver customised
offerings, to tap into synergies, and,
significantly, to share market intelligence.
Large enterprises may continue to be the
most visible of the victims of cyber crime,
but they are no longer its main focus.
Small to medium-sized firms provide much
more viable targets. But how do
malware suppliers find the right targets?
One thing is for sure: they are not
reinventing the wheel.
Malware suppliers are borrowing market
research concepts and turning them into
tools that can gather relevant information
about potential targets. Armed with
treasures such as browser version, operating
system software, IP address, and level of
security patch, malware writers have a ready
end-user profile at hand.
The Internet Security Systems X-Force
team at IBM, headed by Gunter Ollman has
been actively researching the methods used
by cyber criminals. In a recent Info
World article, Ollman states that the most
sophisticated of these cyber criminals are
trading information such as IP addresses to
ensure that their latest work is not
Though they may not have face-to-face
meetings or send e-mail correspondence,
these cyber criminals have other means of
communicating with each other. Whether
through chat rooms or bulletin boards, they
collaborate in ways that help extend the
reach of their malicious code.
There is strength in numbers.
As recently reported in Info World,
McAfee’s latest research report shows that
criminals are connecting in greater volume
than ever before. Dave Marcus, a
security research manager at McAfee’s Avert
Labs believes that the criminals are doing a
better job at communicating than the
security industry itself.
Countries like Russia and China, which do
not participate in worldwide groups that
fight malware use, have become hotbeds for
cyber criminals. With no
shortage of outlets for the distribution of
their malicious code, their activity is
expected to flourish in 2007.
VoIP systems are expected to see
an increased volume of threats, as are
mobile devices like smart-phones.
Threats in the form of phishing attacks,
spyware, and mobile spam will become more
What’s an end-user to do? Natalie
Lambert, of Forrester Research, recommends
using a multi-layer approach to safeguard
yourself. Having a single security
measure, such as an anti-virus program, is
no longer enough and can’t protect against
specific, targeted attacks, the type that
are becoming de rigueur for sophisticated
Top Computer Crimes of 2007
U.S. News & World Report
Only halfway through the year, 2007 is already proving
to be an impressive year for cyber criminals in America.
Take a look at the top cyber crimes for the year's first
quarter, pulled together from the U.S. Justice
Department's Computer Crime Section, the FBI, and
Immigration and Customs Enforcement.
Lavasoft News has compiled a list of "security shorts" -
summaries of other online security stories making news
around the world this past month.
Security Bill Takes on Botnet Battle
A new bill introduced in the United States
Congress, the Cyber Security Enhancement
Act, is aiming to widen penalties for cyber
crime, including creating criminal penalties
for botnet attacks used to aid in identity
theft, denial-of-service attacks, and the
spread of spam and spyware. The
legislation would also allow prosecutors to
pursue racketeering charges against cyber
criminal groups, expand sentencing
guidelines for cyber crime, and add $30
million U.S. a year to the budgets of
federal agencies combating cyber crime.
Cyber Security Bill Targets Botnets
Cyber Security Enhancement Act seeks
criminal penalties for botnet attacks used
to aid identity theft, enial-of-service
attacks, and the spread of spam and spyware.
Tuesday, May 15, 2007 9:00 AM PDT
A tech trade group and a leading
cybersecurity vendor applauded new
legislation introduced in the U.S. Congress
that would broaden penalties for cybercrime,
including first-time penalties for botnet
The Cyber Security Enhancement Act,
introduced Monday, would create for the
first time criminal penalties for botnet
attacks often used to aid identity theft,
denial-of-service attacks and the spread of
spam and spyware. Botnets are groups of
compromised computers that hackers can
The bill, introduced by Representatives Adam
Schiff, a California Democrat, and Steve
Chabot, an Ohio Republican, would also allow
prosecutors to pursue racketeering charges
against cybercriminal groups, would expand
sentencing guidelines for cybercrime by
allowing the forfeiture of property used to
commit the crime, and would add US$30
million a year to the budgets of federal
agencies fighting cybercrime.
The Business Software Alliance (BSA), a
trade group, and Symantec Corp., a security
vendor, both offered support for the
legislation. BSA and other tech trade groups
have pushed Congress to pass tougher
cybersecurity legislation, and BSA said its
member company CEOs will push for passage of
the bill when they meet in Washington, D.C.,
"For too long. cyber criminals have taken
advantage of legal blind spots and an
under-resourced law enforcement community to
brazenly threaten online confidence and
security," BSA President and CEO Robert
Holleyman said in a statement. "This
legislation will give law enforcement
updated and improved tools to combat what
has become a growing, organized criminal
Symantec, in a statement, cheered the
cosponsors effort to target botnets. The
sophistication of cybercrimes, particularly
botnets, "far outstrips the laws on the
books," said John Thompson, the company's
chairman and CEO. The bill shows Congress is
"truly serious" about combating cybercrime,
The bill would also broaden the definition
of electronic data theft related to
interstate or foreign communication, and
expand the cyber extortion statute.
Google Warns of Web Malware
The sheer volume of malware being hosted on
websites was revealed through a Google study
based on a year-long scan of over 4.5
million sites. “The Ghost in the Browser”
study reports that one in 10 web pages are
laced with malicious code. Of the sites the
Google research team analyzed, 450,000 were
capable of launching drive-by-downloads to
install malicious code, like spyware and
Trojans, onto users’ computers. Another
700,000 web pages were found to contain code
that could compromise PCs.
Google searches web's dark side
Malicious programs are installed by visits
to a booby-trapped site
One in 10 web pages scrutinised by search
giant Google contained malicious code that
could infect a user's PC.
Researchers from the firm surveyed billions
of sites, subjecting 4.5 million pages to
About 450,000 were capable of launching
so-called "drive-by downloads", sites that
install malicious code, such as spyware,
without a user's knowledge.
A further 700,000 pages were thought to
contain code that could compromise a user's
computer, the team report.
To address the problem, the researchers say
the company has "started an effort to
identify all web pages on the internet that
could be malicious".
Drive-by downloads are an increasingly
common way to infect a computer or steal
They usually consist of malicious programs
that automatically install when a potential
victim visits a booby-trapped website.
"To entice users to install malware,
adversaries employ social engineering,"
wrote Google researcher Niels Provos and his
colleagues in a paper titled The Ghost In
Finding all the web-based infection vectors
is a significant challenge and requires
almost complete knowledge of the web
Hi-tech crime unit
"The user is presented with links that
promise access to 'interesting' pages with
explicit pornographic content, copyrighted
software or media. A common example are
sites that display thumbnails to adult
The vast majority exploit vulnerabilities in
Microsoft's Internet Explorer browser to
Some downloads, such as those that alter
bookmarks, install unwanted toolbars or
change the start page of a browser, are an
annoyance. But increasingly, criminals are
using drive-bys to install keyloggers that
steal login and password information.
Other pieces of malicious code hijack a
computer turning it into a "bot", a remotely
Drive-by downloads represent a shift away
from traditional methods of infecting a
computer, such as spam and email
As well as characterising the scale of the
problem on the net, the Google study
analysed the main methods by which criminals
inject malicious code on to innocent web
Spam e-mails are a common way to infect a
It found that the code was often contained
in those parts of the website not designed
or controlled by the website owner, such as
banner adverts and widgets.
Widgets are small programs that may, for
example, display a calendar on a webpage or
a web traffic counter. These are often
downloaded from third-party sites.
The rise of web 2.0 and user-generated
content gave criminals other channels, or
vectors, of attack, it found.
For example, postings in blogs and forums
that contain links to images or other
content could unwittingly infect a user.
The study also found that gangs were able to
hijack web servers, effectively taking over
and infecting all of the web pages hosted on
In a test, the researchers' computer was
infected with 50 different pieces of malware
by visiting a web page hosted on a hijacked
The firm is now in the process of mapping
the malware threat.
Google, part of the StopBadware coalition,
already warns users if they are about to
visit a potentially harmful website,
displaying a message that reads "this site
may harm your computer" next to the search
"Marking pages with a label allows users to
avoid exposure to such sites and results in
fewer users being infected," the researchers
However, the task will not be easy, they
"Finding all the web-based infection vectors
is a significant challenge and requires
almost complete knowledge of the web as a
whole," they wrote.
Mobile Phone Threats
Continue to Climb
By the end of 2007, the number
of mobile phone viruses is
expected to double, a McAfee
official recently told Reuters.
Spyware and virus threats on
phones have risen as mobile
malware writers find new ways to
break into the cell phone
software market. Security firm
F-Secure reported that two new
spying tools are now facing
mobile devices running Windows
Mobile and Symbian S60 3 rd
edition operating systems.
A component of Windows Update is
being used to stealthily get
malicious code downloads past
firewalls, researchers at
Symantec have reported. Hackers
are taking advantage of the
Background Intelligent Transfer
Service (BITS), a Windows
component that allows files to
be transferred between machines,
to bypass local firewalls in
order to sneak in malicious
Top Threat: Memory
Removable media devices are
viewed as the top security
concern for corporations,
according to a new study from
Centennial Software. Nearly 40
percent of IT managers surveyed
responded that removable media
devices like USB memory sticks
and MP3 players are the biggest
security threat for their
companies. While recognizing the
risk, according to the report,
80 percent of firms do not have
protection measures in place.
New Targets in Detection (May 2007)
Protect your privacy with a complete list of new targets
for May 2007.
If you want to go behind the walls of Lavasoft, hear
what we are up to, what we are thinking and what is
happening in the industry, the Lavasoft Company Blog is
the place to go for regular, up-to-date information.
|Enhance computer Privacy
Lavasoft Ad-aware SE Plus
Lavasoft Ad-aware SE Professional.
Computer users are safety savvy when it comes to
understanding potential threats coming in through their
e-mail inboxes, like phishing, viruses, and malware.
Results from an E-mail Sender and Provider Coalition
survey show that over 80 percent of
users recognize and report spam through functions in
their e-mail service. Yet, it only takes one
e-mail user in 10,000 to buy something from a
spammer to keep them in business.
Source: Network World
Term of the Month
is a type of web feed format used
to publish constantly updated web-based content like
blogs and news feeds. RSS stands for Really Simple
Syndication, and can also refer to Rich Site Summary or
RDF Site Summary. RSS delivers information as an XML
file called an RSS feed or webfeed. By subscribing to a
website's RSS feed, new content from that site is
retrieved and presented to the computer user through
their feed reader or feed aggregator program.
It can be difficult and time consuming to keep track of
all the news available on the web. Sign up for RSS feeds
to stay up-to-date with news from your favorite
websites. RSS is a convenient way to distribute news,
plus it allows you to control the amount of data you
receive online and decrease your online traffic, saving
you time by not having to visit individual sites. To use
RSS feeds, simply choose an RSS reader tool and then
load RSS feeds into your reader from the sites you are
Lavasoft's Company Blog and the
News from Research
blog have RSS feeds up and
running. By subscribing to the News from Research blog,
you will be notified whenever a new Definitions File is
is a "neighborhood watch" group
dedicated to fighting badware - spyware, malware and
deceptive adware. Educate yourself by reading their
in-depth reports on applications and websites, or fight
back by submitting your badware story to aid their