This issue of SunbeltSecurityNews contains:

Save $30 on SafeEyes Parental Controls Today Through a special offer with InternetSafety.com Sunbelt Security News Readers can get Safe Eyes Parental Controls Software for only $19.95. Safe Eyes Parental Control Software Includes: Content Controls - Flexible content control allows you to select the types of website that are appropriate. Program Controls - Control Instant Messengers, P2P File Sharing, and other harmful programs. Time Controls - Control the amount of time spent online, and the times when the internet is available. Usage Logging - Create and review logs of websites visited, programs used on the Internet, and Instant Messaging Chats. Usage Alerts - Be notified instantly via email, text message, or phone call when someone visits inappropriate websites. Get SafeEyes now for only $19.95 http://www.sunbeltsecuritynews.com/100825-SafeEyes

Editor's Dossier

Greeting SSNers,

Our new ClearCloud is creating quite a stir. I had to sit down with Curt the Product Manager and ask him a bunch more questions, which he was kind enough to answer. One thing that is really neat is that ClearCloud updates malicious sites in real-time so that is always current and there is no download to wait for, a distinct extra layer of your defense.

VIPRE was recently awarded Gold Level Certification from OESIS. That service monitors updates of signature-based security applications and enables technology vendors to check the exact update status of applications detected. Enjoy the latest issue of SunbeltSecurityNews. And remember stay safe out there.

Best,
Larry Jaffe
Editor SunbeltSecurityNews
Follow us on Twitter: @SSNtweet
SSN Forums: http://forums.sunbeltsecuritynews.com/
P.S. You can write to me at any time, I want to know how you feel about Internet security and if you have any ideas for articles or subjects you would like us to cover. Email me feedback@SunbeltSecurityNews.com

Did you know that Sunbelt Security News has three sister publications that arrive once-a-week? If you run Windows XP, subscribe to WXPnews and get the latest on keeping XP up & running, hints, tips and techniques to keep it fast and secure. You can subscribe here, and tell your friends: http://www.sunbeltsecuritynews.com/100317-WXPNews If you run Vista or Windows 7, subscribe to Win7News and get the latest on keeping Win7 up & running, hints, tips and techniques to keep it fast and secure. You can subscribe here: http://www.sunbeltsecuritynews.com/100317-Win7News Run Windows Server? WServerNews is the world's largest newsletter focused on system admin and security issues for Microsoft Windows Servers. Subscribe here, and tell your admin friends: http://www.sunbeltsecuritynews.com/100317-WServerNews

Interview with ClearCloud Product Manager Curt Larson

The interest in our ClearCloud Beta Program has been astounding and the program is still open. If you are interested, simply click on the links at the end of the interview.

SSN: If VIPRE 4.0 premium blocks websites, why would I need ClearCloud?
CL: ClearCloud is available to anyone and everyone. ClearCloud has the advantage of being updated faster than VIPRE Premium, so the latest malicious web sites are blocked before your definitions may have been updated. CL: ClearCloud is available to anyone and everyone. ClearCloud has the advantage of being updated faster than VIPRE Premium, so the latest malicious web sites are blocked before your definitions may have been updated.

SSN: Will ClearCloud be marketed as a separate product?
CL: Yes.

SSN: How much will it cost?
CL: ClearCloud is a free service to everyone.

SSN: How does ClearCloud differ from OpenDNS?
CL: OpenDNS is content filtering. It filters content based on categories of sites, such as gambling, pornography, lingerie, social networking, humor, and more. These sites may not be malicious, but they are generally considered unacceptable types of content. OpenDNS is often used in place of parental control software, and that's perhaps its best description. ClearCloud does not do content filtering. It performs security filtering. If a site is malicious, which means it's downloading a malicious file to your computer, capturing personal data, or enticing you to spend money on an illegitimate product (the software con), ClearCloud blocks it. If a gambling or porn site is not a security threat to your computer, ClearCloud won't block it. It's really that simple.

SSN: When ClearCloud goes into production, what will happen to my web browsing if the ClearCloud site goes down?
CL: The ClearCloud service is hosted at 11 locations throughout the world, at facilities that host internet services for thousands of companies, plus a back- up. In the unlikely event that all 11 locations go down simultaneously, it will be bigger problems than just ClearCloud.

SSN: Will it have a user-friendly interface like VIPRE, where I can disable it temporarily on a specific URL through a left click, etc.
CL: Yes, there is a simple little utility that enables or disables ClearCloud at the click of a button. Unfortunately however, browsers don't necessarily recognize the change immediately. Browsers will "cache," or save in memory, the most recent settings. We've found that Firefox, Chrome and Safari will "accept" the change in ClearCloud, but Internet Explorer will take as long as 45 minutes before it recognizes the change. There however, will not be a "left-click" or "right-click" option to continue to a particular site when we release for production.

To find out more about ClearCloud, visit www.ClearCloudDNS.com. To download the utility directly, go to the Setup page, www.ClearCloudDNS.com/Setup/. Be sure to post anything you find on the ClearCloud Support forum, forums.ClearCloudDNS.com

Eyes Only Your Viewpoint on Security Issues

I am surprised not to read anything about BetterPrivacy for dealing with .sol cookies, and FlashBlock for dealing with flash objects. Both of these are simple and reliable add-ons for Firefox. -- JD My bank wants me to add Rapport software as extra security against identify theft. They say it's compatible with other anti-virus software. I would like to get your opinion on this before I add any additional anti-virus software.

I also want to thank you for mentioning Secunia PSI and Malwarebytes in your Sunbelt Security News. Both of these are outstanding additions of security to any computer. I found numerous outdated and security risk, unpatched software with Secunia PSI and I discovered 2 malware bugs on my computer which Malwarebytes quickly deleted. Many, many thanks! - NH

Editor's Note: We spoke with Sunbelt Support Engineer Nick Hallin who told us the following: "I have actually spoken with the QA manager from Trusteer. We do see issues when running Rapport alongside our Sunbelt Personal Firewall but there are no known issues running Rapport alongside VIPRE Premium. Also, I don't believe Rapport is actually an anti-virus as this customer states. I believe it's just something like an anti-key logger for use when logging onto banking websites."

Operations: What You Need To Know

GFI Software announced that its security business unit has completed certification from the OESIS OK program founded by OPSWAT, a provider of development tools that power software application manageability. This certification provides enterprise and consumer prospects and customers with independent verification that GFI VIPRE(r) Antivirus products operate seamlessly with thousands of compliance, manageability assessment and support solutions.
http://www.sunbeltsecuritynews.com/100901-PressRelease
A vulnerability has been found in Apple QuickTime (for Windows) that could be used to run arbitrary code. (Secunia advisory here: http://bit.ly/cq2vts) RealPlayer has updated its video player for all operating systems to fix a variety of vulnerabilities. Bulletin here: http://bit.ly/aVv05o Microsoft has posted an advisory that explains the "DLL preloading attacks" and offers a work-around tool that "allows customers to disable the loading of libraries from remote network or WebDAV shares. (Advisory here:
http://www.sunbeltsecuritynews.com/100901-advisory

Adobe has posted Shockwave Player version 11.5.8.612 for Windows and Mac to fix critical vulnerabilities in version 11.5.7.609 and earlier that could allow an intruder, to run malicious code on the affected system. Microsoft is warning that users who have failed to update their Java Runtime Environment (running versions up to 6 update 18) are vulnerable to drive-by downloads of Trojan Win32.TrojanDownloader.Unruy. (Microsoft's Technet blog piece here:
http://www.sunbeltsecuritynews.com/100901-advisory3

ACROS Security Company is reporting that Apple iTunes for Windows is vulnerable to a malicious dynamic linked library file that could be loaded and run from local drives, remote Windows shares or Internet shares. (Advisory here:
http://www.sunbeltsecuritynews.com/100901-advisory2
Google Chrome version 5.0.375.127 (Linux, Mac and Windows).
Adobe Reader and Acrobat versions 8.2.3 and 9.3.3.
Opera 10.61 (PCs, Mac and Linux).

This Week's Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan.Win32.Generic!SB.0: Trojan
3. MyBrowserBar: Hijacker
4. Trojan-Spy.Win32.Zbot.gen: Trojan
5. INF.Autorun (v) (fs): Trojan
6. Trojan.Win32.Generic.pak!cobra: Trojan
7. Trojan.HTML.FakeAlert.e (v): Trojan
8. Worm.Win32.Downad.Gen (v):Worm.W32
9. Trojan.HTML.FakeAlert.d (v): Trojan
10. Trojan.Win32.Bamital.c (v): Trojan

Stay on top of all the real-time threats:
http://www.sunbeltsecuritynews.com/100901-researchsunbeltsoftware

Dirty Tricks

A botnet responsible for frequent malicious spam campaigns has been reduced to a whisper. At least for now. Thanks to efforts by LastLine, makers of malware analysis tools, the Pushdo botnet has been crippled, which has resulted in the near immediate plummet in spam.
http://www.sunbeltsecuritynews.com/100901-spamplunges
A quarter of new worms this year specifically have been designed to spread through USB storage devices, researchers at Panda Security said Thursday. This malware typically is designed to copy itself to any device capable of storing information, including flash sticks, cell phones, external hard drives, DVDs, and MP3 players. The malware is highly effective and typically runs automatically when a USB device is connected to a computer, silently infecting the system. Make sure you have VIPRE set to scan devices!
http://www.sunbeltsecuritynews.com/100901-usbworms
Adobe Flash cookies are at the heart of three federal lawsuits alleging they violate your privacy and help advertisers track you across the Web
http://www.sunbeltsecuritynews.com/100901-flashcookies
Facebook on Friday afternoon was investigating what appeared to be a new spam scheme that results in users getting messages from friends over Facebook chat that has malicious links.
http://www.sunbeltsecuritynews.com/100901-facebookchat
Facebook rolled out a new feature called Places that lets you and your friends check in to locations, Foursquare-style. If you'd prefer to keep your location private, or at least stop your friends from posting it, here's how.
http://www.sunbeltsecuritynews.com/100901-facebookplaces

Zone - Cool Products & Other Stuff

I am always looking for some hot stuff to share with our readers maybe you are too. Hit me back at feedback@SunbeltSecurityNews.com.


Lemur Monitors, has come out with a trio of data port devices that can help you drive more safely and keep an eye on other drivers of the car as well.
http://www.sunbeltsecuritynews.com/100901-lemurmonitors
Green Ray Solar has a solar panel that puts out alternating current, rather than direct current as most solar photovoltaic panels do today. AC panels can be simpler to install and wire together than traditional panels, which makes a piecemeal approach easier.
http://www.sunbeltsecuritynews.com/100901-solar
In an efficient and safe effort to save us from the ill-effects of plastic waste, Akinori Ito developed a machine which converts plastic back into oil. This is -really- interesting!
http://www.sunbeltsecuritynews.com/100901-plastictooil
David Howell, Paul McGinley, Marcel Siem and Rhys Davies attempt to skim a golf ball 200 yards across a lake and hit a 9 inch gong. This is fun!
http://www.sunbeltsecuritynews.com/100901-golfshot