Category Archives: Browsers

Defeat Internet Browser Exploits With Malwarebytes Anti-Exploit

imageCybercriminals design malware to exploit vulnerable systems without user interaction being required – on the one hand, and craft attacks that take advantage of unaware (untrained) computer users, in which user interaction is required – on the other hand.

The second part, of this two part attack approach, can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience, are critical ingredients in the never ending and escalating battle against cybercriminals.

In order to defeat attacks which rely on exploiting vulnerable systems, the preferred method to do so is – the implementation of a layered security approach. Employing layered security should (I emphasize should), lead to the swift detection of malware, before any damage occurs on the targeted system.

Let’s talk real world:

Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing those gaps. Keep in mind however, that even the best layered protection strategy will not make up for the lack of experience, and intuitiveness, of many computer users.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And, part of that strategy includes, raising barriers at the doorway to the system – the Internet browser.

The Modern Malware Review (March 2013), a statistical analysis performed by Palo Alto Networks which focused on malware that – “industry-leading antivirus products” failed to detect – noted a persistent trend.

From the report:

90% of unknown malware delivered via web-browsing

Given that the samples were captured by the firewall, we were able to identify the application that carried the malware. While web-browsing was found to be the leading source of malware both in terms of total malware as well as undetected malware, the application mix was very different between the two groups.

For example, SMTP accounted for 25% of the total malware, but only 2% of the fully undetected malware. Comparatively, web-browsing dominated both
categories, accounting for 68% of total malware, but over 90% of undetected samples. This clearly shows that unknown malware is disproportionally more likely to be delivered from the web as opposed to email.

Another brick in the wall:

Malwarebytes Anti-Exploit (formerly Zero Vulnerability Labs ExploitShield) – a free “install and forget” Internet browser security application (which I installed several days ago) – is designed to protect users from unknown “zero-day” vulnerability exploits aimed at Firefox, Chrome, Internet Explorer, Opera……..

As well, protection is also included for selected browser components – Java, Adobe Reader, Flash, and Shockwave. Added protection is incorporated for Microsoft Office components – Word, Excel, PowerPoint.

Fast facts:

Malwarebytes Anti-Exploit protects users where traditional security measures fail. It consists of an innovative patent-pending application shielding technology that prevents malicious exploits from compromising computers through software vulnerabilities.

Malwarebytes Anti-Exploit is free for home users and non-profit organizations. It includes all protections needed to prevent drive-by download targeted attacks originating from commercial exploit kits and other web-based exploits.

These type of attacks are used as common infection vectors for financial malware, ransomware, rogue antivirus and other types of nastiest not commonly detected by traditional blacklisting antivirus and security products.

Installation is a breeze and, on application launch, a simple and uncomplicated interface is presented.

image

Clicking on the “Shields” tab will provide you with a list of applications protected by Anti-Exploit – as shown below.

image

As a reminder that Anti-Exploit is up and running, a new Icon – as shown in the following screen shot, will appear in the system tray.

image

System requirements: Windows 8, Windows 7, Windows Vista, and Windows XP.

Download at: MajorGeeks

The good news: Each of us, in our own way, has been changed by the world of wonders that the Internet has brought to us. Twenty years on, and I’m still awestruck. I suspect that many of us will be thunderstruck by applications and projects yet to be released.

The bad news: The Internet has more than it’s fair share of criminals, scam and fraud artists, and worse. These lowlifes occupy a world that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software.

When travelling in this often dangerous territory, please be guided by the following: Stop – Think – Click. The bad guys – including the corrupted American government – really are out to get you.

The Modern Malware Review is a 20 page PDF file packed with data which provides a real-world perspective on malware and cybercrime. I recommend that you read it.

28 Comments

Filed under Browsers, Don't Get Hacked, downloads, Free Anti-malware Software, Freeware, Malwarebytes’ Anti-Malware

Comodo IceDragon – A More Secure Firefox?

Comodo IceDragon Browser This is not 1985 when the only thing you had to worry about was what might be on the floppy disks you exchanged with your friends. Today, your Browser is the conduit into your computer – that’s the route by which the majority of malware spreads.

In an age when Internet threats present an ever-evolving, and increasingly sophisticated danger, to a user’s security, privacy, and identity, specialty Internet Browsers like Comodo IceDragon, are becoming much more popular.

Why should this be so – and, what’s the difference between Comodo IceDragon, and regular old Firefox?

First: You’ll notice during the installation process (screen capture shown below), you’ll have the option of choosing Comodo’s secure DNS servers. You may choose to implement this security feature system wide – or, you may choose instead to protect IceDragon only.

There’s not much point in choosing to opt out – since doing so, defeats one of the primary benefits of running with IceDragon.

While the developer points out that you may have potential issues to address, should you choose to run through a VPN – I didn’t experience any problems running through my favorite VPN – TunnelBear – free edition.

Do not be influenced by my choice (as shown below) – choose a setting that reflects your usage pattern.

image

FYI: If you’re concerned with DNS security, you do have choices over and above running with a Browser which incorporates a DNS security feature. There are a number of free, beefed-up DNS services – including  Google Public DNS.

Second: Comodo has built into the Browser, it’s Site Inspector – a feature which must be manually launched by clicking on the related Icon, as shown in the following screen capture. My Australian mate Mal C., swears by this feature.

image

A quick click (either on a link – or, while on a page), will provide the user with a report as to whether “malicious activity or malware has been detected on the site in question.”

Here’s a shot of a probe on Yahoo.

image

So, is this being overplayed – or, is this really an issue?

The very small sample of malicious sites, shown in the following screen shot, should help convince you that it is an issue.

image

So, what about my site – how’s it doing?

You’ll note in the screen capture below, that we’re free of malware or malicious activity here. Not surprising, since I use Comodo’s Web Inspector alert as a line of defense to protect this site.

image

Third: If you’re a social media site affectionado then, Comodo has you covered with the addition of a social media button. A quick click will launch a log-in page for Facebook, Twitter, or Linkedin (user selectable).

On the face of it, this feature may not seem as if it means very much. But, if it helps stop users from logging in using links contained in emails, for example – then, potentially it has substantial value.

image

So, how does it look when compared with a “regular” version of Firefox?

Running with IceDragon – no add-ons or customization – yet.

image

My regular Firefox with selected add-ons.

image

The options menus appears slightly different that that in Firefox – but, the only noteworthy difference I found was, a user has an additional opportunity to turn on/turn off – the DNS feature as described earlier.

image

Additional features:

Fully compatible with Firefox plug-ins and extensions – according to Comodo.

image

Fast facts:

Fast, easy to use and light on PC resources

Scan web-pages for malware right from the browser

Lightning fast page loads with integrated DNS service

Privacy and performance enhancements over Firefox core

Full compatibility with Firefox plug-ins

System requirements: Windows 7, Vista, – 32/64 bit. Tested on Windows 8 for this review.

Download at: Comodo

User Guide: Should you need help with CID, check out the online user guide.

You may be are aware that Comodo initially developed a version of Chromium/Chrome (Comodo Dragon), which has essentially the same features as described in this review of IceDragon.

I reviewed that version in February 2010. It’s worth noting, that substantial improvements have been made in the application since that review. Further information on this browser is available at the developer’s site, here.

8 Comments

Filed under Browsers, Comodo, Don't Get Scammed, Don't Get Hacked, downloads, Freeware

ExploitShield Browser Edition – FREE

Cybercriminals design malware to exploit vulnerable systems without user interaction being required – on the one hand, and craft attacks that take advantage of unaware computer users, in which user interaction is required – on the other hand.

The second part, of this two part attack approach, can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience, are critical ingredients in the never ending, and escalating battle, against cybercriminals.

In order to defeat attacks which rely on exploiting vulnerable systems, the preferred method to do so, is the implementation of a layered security approach. Employing layered security should (I emphasize should), ensure the swift detection of malware, before any damage occurs on the targeted system.

Let’s talk real world:

Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.

Layering (or stacking) security applications, offers the best chance of remaining infection free, by closing these gaps. Keep in mind however, that even the best layered protection strategy will not make up for the lack of experience, and intuitiveness, of many computer users.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And, part of that strategy includes raising barriers at the doorway to the system – the Internet browser.

ExploitShield (brought to my attention some time ago by good friend Michael Fisher), a free Internet browser security application which is currently in Beta, seems well suited to helping raise those barriers.

From the site:

ExploitShield protects users where traditional security measures fail. It consists of an innovative patent-pending application shielding technology that prevents malicious exploits from compromising computers through software vulnerabilities.

ExploitShield Browser Edition is free for home users and non-profit organizations. It includes all protections needed to prevent drive-by download targeted attacks originating from commercial exploit kits and other web-based exploits.

These type of attacks are used as common infection vectors for financial malware, ransomware, rogue antivirus and other types of nastiest not commonly detected by traditional blacklisting antivirus and security products.

Where’s the proof?

Since I’m just now getting back into application testing, following six months or so of 60+ hours a week assignments, I’ve relied (in this case) on the expert opinion of others (including Neil J. Rubenking), as to the effectiveness of ExploitShield. My apologies for that.

Installation is a breeze and, on application launch, a simple and uncomplicated interface is presented.

image

Clicking on the “Shields” tab will provide you with a list of applications protected by ExploitShield – as shown below.

image

Once loaded, ExploitShield will run as a background process (shown in the screen capture below – necessary since it provides active protection for the applications shown in the screenshot above.

image

As a reminder that ExploitShield is up and running, a new Icon – the “Z”, as shown in the following screen shot ,will appear in the system tray.

image

System requirements: Windows 8, Windows 7, Windows Vista, and Windows XP. ExploitShield runs as both 32 bit and native bit.

From the developer: This beta 0.8.1 expires March 31, 2013. Check back to download a new version once expired.

Download at: ZeroVulnerabilityLabs

It may be a new year – but, the state of Internet security is as it ever was – pathetic. The Internet is a world that is full of cybercriminals, scam and fraud artists, and worse. A world that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software.

Please be guided by the following: Stop – Think – Click. The bad guys really are out to get you.

15 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Browsers, Don't Get Hacked, downloads

SpywareBlaster 4.6 Released – An Important Building Block In Your Wall Against Malware

spywareblaster_largeIf there’s a lesson that an average Internet user needs to be reminded of until it becomes second nature it’s this – “prevention is worth a pound of cure”.

Just as in real life, where the public health practice of systematic inoculation has proven to prevent a wide range of serious diseases (prevention is worth a pound of cure at its best) – giving a computer a “shot” (which SpywareBlaster is designed to do), as part of a layered defense strategy, has proven benefits.

Relying on a malware removal tool, following a serious malware infection, is often a fool’s errant since there is simply no way that an average user can be absolutely sure that the infection has been contained – never mind removed. It’s no accident that a huge number of specialty malware removal tools have been developed to address this very issue. Applications which, unfortunately, are often outside the capabilities of an average user.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And, part of that strategy includes raising barriers at the doorway to the system – the Internet browser.

SpywareBlaster, the granddaddy (in a sense), of Internet browser security applications –  which has just been updated to version 4.6 – is a free application which is well suited to helping raise those barriers.

SpywareBlaster, once installed, doesn’t use any services, or drivers, and does not use memory or processing time. You just open SpywareBlaster, set your protection, close it – you’re protected. SpywareBlaster continues to provide protection without the need for user interaction.

SpywareBlaster doesn’t scan for or clean spyware, since it’s designed to prevent installation only – so, it must be used in combination with your existing antimalware applications.

A quick walkthrough:

First – a little house cleaning. Enable all protection.

image

SpywareBlaster continues to provide protection without the need for user interaction.

image

A secondary, but equally important function offered by SpywareBlaster is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock and other browsers.

image

A bonus feature included with SpywareBlaster is – System Snapshot. You can take a snapshot of your computer in its clean state, and later revert to this state, undoing any changes made by spyware and browser hijackers that have infected your system despite the security in place.

I recommend that you take advantage of this important feature – just in case.

image

For a more hands on approach – open the Tools menu and fiddle to your hearts content.

image

Fast facts:

Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.

Block spying / tracking via cookies.

Restrict the actions of potentially unwanted or dangerous web sites.

Unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

System requirements: Windows XP, Vista, Win 7 (32 bit and 64 bit).

Browser compatibility:

Internet Explorer

Mozilla Firefox

Netscape

Seamonkey

Pale Moon

K-Meleon

and browsers that use the IE engine, including:

AOL web browser

Avant Browser

Slim Browser

Maxthon (formerly MyIE2)

Crazy Browser

GreenBrowser

Download at: Javacool Software

Need answers? Visit the SpywareBlaster Forum

SpywareBlaster is definitely low maintenance and the only thing you need to remember is – update the database which contains information on known spyware Active-X controls – regularly.

Additional free applications available from Javacool Software:

Doc Scrubber – Microsoft Word files can contain more than just text you see while editing them. Depending on the settings or features you use, they may contain all kinds of additional information that you may not want shared outside your home or company. Doc Scrubber lets you see that information, and scrub it from files before sending them to others.

EULAlyzer – Discover if the software you’re about to install displays pop-up ads, transmits personally identifiable information, uses unique identifiers to track you, or much much more. EULAlyzer can analyze license agreements in seconds, and provide a detailed listing of potentially interesting words and phrases.

10 Comments

Filed under 64 Bit Software, Browsers, downloads, Freeware, Malware Protection, New Computer User Software Tools, Software

Clean Up With Click&Clean Firefox and Chrome Extension

imageIf there’s one thing regular readers here seem to agree on it’s – CCleaner is an awesome application. You can count me in the “awesome application” appreciation group. This free system cleaner is still my “go to” application for simple system cleanup.

CCleaner users know, that running this venerable utility can help keep a system clean by emptying the Recycle Bin, Temporary Setup Files, Downloaded Program Files, Temporary Internet Files, Old Chkdsk Files, Temporary Files, Temporary Offline Files, Offline Files, and more.

image

Generally, I would run CCleaner once a day – if I could remember to do so. I’ve now discovered a “no need to remember” way to launch CCleaner automatically, whenever I close my Browsers – either Firefox, or Chrome.

Click&Clean is a free Firefox and Chrome extension which not only does a major cleanup job on Browser activity in its own right (see fast facts), but the application can be set to launch CCleaner automatically (for a deeper and more secure cleaning), on Browser shut down. Additional external applications (rather than CCleaner), which can be set to run automatically include – Wise Disk Cleaner Free, Computer Janitor, and BleachBit.

Setup is simple and straightforward. From within the options menu, you can choose which external application you wish to run.

image

For convenience, you can add an extension icon to the Browser’s navigation Toolbar, as illustrated below.

image

image

Fast facts:

Delete your browsing history
Clear records from your download history
Remove cookies and Empty cache
Delete temporary files
Remove Flash Local Shared Objects (LSO)
Delete private data when Firefox closes
Automatically close all windows/tabs
Clean up your hard drives and Free up more disk space – including secure file deletion
Launch external applications, like CCleaner, Wise Disk Cleaner etc. on Windows – or Janitor, BleachBit, etc. on Linux

System requirements: Windows XP, Vista, Win 7, Linux, Mac

Download the Firefox version at: Mozilla

Download the Chrome version at: The Chrome Web store

The Chrome version has several additional features not available in the Firefox version.

image

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

WordPress: This is your 2,407th post. Woohoo!

7 Comments

Filed under Browser add-ons, Browser Plug-ins, Browsers, Chrome Add-ons, downloads, Firefox Add-ons, Freeware, Google Chrome, Linux, Mac, Software, Ubuntu, Windows Tips and Tools

Tile Tabs 4.9 – Firefox Tabbed Horizontally, Vertically Or In A Grid

This past week, I’ve reviewed Dexpot – an application which, in the freeware version, will allow you to work with up to twenty separate and distinct virtual Desktops, as well as Slickscreen – an Internet Browser which takes advantage of high resolution displays by dividing the screen into separate windows.

In keeping with this theme, regular reader Michael Fisher recently introduced me to Tile Tabs, a very cool Firefox browser add-on which gives a user the ability to arrange tabs in a tile format – horizontally, vertically or in a grid. Additional tile control features include – re-sizing by dragging splitter bars – dragging links from one tile to another  to open in the selected tile (I found this feature very useful).

Following installation, you’ll notice a new menu has been added to the Firefox Menu Bar.

image

Additionally, you have the option of  adding a Tile Tabs button to the Toolbar by right-clicking the Toolbar and choosing “Customize”.

image

More important, at least from my perspective (as a context menu fanatic), are the new commands added to the “right click” context menu.

image

Setting your specific preferences is easy using the options menu – available through the Add-ons Manager.

image

The focused tab (currently selected tile), is bracketed by a colored border. The border color is selectable.

Tile Tabs Options

Here’s a view of Tile Tabs in action showing four opened tabs.

Click on graphic to expand to original.

image

System requirements: Firefox 3.6 – 6.

Download at: Mozilla

You might not need this add-on every time you surf the Net. Still, just having it available for those times when it could come in handy, seems like a smart move.

I must admit, I’ve found it very useful, these last few nights, as I watched the Stanley Cup Finals hockey games (streaming live), in a tiled tab – as I continued with my regular work on the Net. Thank you Michael!

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

3 Comments

Filed under Browser add-ons, Browsers, downloads, Firefox, Firefox Add-ons, Freeware, Software, Windows Tips and Tools

Take Advantage Of Your High Def Computer Display With Slickscreen

It’s always seemed to me that there’s not much point in having a wide screen LCD display when surfing the Net – not when I have a ton of wasted space on either side of the web page I’m viewing.

Here’s what I mean:

In this screen shot (click to expand), I’ve got Internet Explorer open on a 22 inch monitor set at 1680×1050  – notice the amount of wasted screen real estate on either side of the Web page.

image

So, for the past few days I’ve been testing Slickscreen – an Internet Browser which takes advantage of high resolution displays by dividing the screen into separate windows.

In the following screen capture (click to expand), you’ll notice that I have three Web sites open – plus a running application (Windows Live Writer), which I’m using to write this post.

In fact, you can even run your regular Browser inside Slickscreen, if you wish, so that you have access to your personal configuration specific to that Browser.

image

The bad news (sort of):

The configuration options in the free version are far too restrictive in my view. At least two selectable startup web sites would be more appropriate, so that the full value of the application can be properly assessed.

image

Having to deal with the developer’s pre-selected sites, and then having to manually gain access to my sites, is less than ideal. Actually, it’s annoying as hell.

Click on graphic to expand to the original.

image

Fast facts (pro version):

  • Maximize your screen real estate with Slickscreen’s unique non-overlapping interface.
  • Capture Windows applications into our unique interface.
  • Compare and work with web sites side by side with ease.
  • Save multi-panel layouts, Slickscreen’s multi-panel bookmarks.
  • Drag and drop links from one panel to another for the ultimate in web productivity.
  • New:  Every Slickscreen panel can add ‘traditional’ web browsing ‘tabs’.
  • Leverages Microsoft’s Internet Explorer rendering engine for performance, privacy and security.
  • Lightweight – We keep it simple for fast web browsing.
  • Integrates – doesn’t try to replace – your default browser (Firefox, Chrome, Internet Explorer)
  • Panels can auto-refresh and auto-rotate at user defined intervals.  A great solution for corporate lobbies, break rooms or operational dashboards (requires a corporate license to use).
  • Skins:  Customize the look and feel.
  • Hosted on Amazon.com cloud infrastructure.  Get Updates fast and reliably.
  • No advertisements.  We don’t do ad-ware at Slickscreen.

System requirements: Windows XP, Vista, Win 7 (Microsoft .NET Framework 4.0 Client Profile – installed automatically if not present).

Download at: Developer’s site

User comments at CNET:

Pros: – Simple Download
– Great user preferences
– Drag and Drop features
– See multiple applications in 1 interface

Cons: – Some applications may function differently in Slickscreen

Pros: The ability to have VLC player, Outlook, Facebook and a work window, all in one interface is very helpful.

Cons: The new App Capture feature is a little glitchy at times. Understandable I suppose because.

Summary: Very nice application. Free version gives you more than enough functionality.

Pros: Ability to layout your screen with web and traditional apps in a non-overlapping fashion so apps/web sites don’t get hidden or clipped.
Dragging and dropping content from panel to panel is very useful.

Cons: You need a good sized screen or high resolution display. Minimum display resolution is probably 1200 pixels wide.

Summary: Great application for people with good screens.

Note: Since this is not a full review (after only two days running with the free version of this app, I’m reserving judgment), but instead, an informational post only – you may find the comments from CNET users valuable.

Initial impression: I’m leaning toward the professional version since the free version’s restrictions are annoying. On the other hand, at less than $5.00 for the pro version, I think there’s good value here.

From the developer:

Slickscreen Professional is a one time fee for home users.  Corporate purchases of 5 or more licenses will be good for two years from the purchase date, at which time, an upgrade fee may be required for continued use.

Home users can install Slickscreen Profressional on all of their personal PC’s.   Corporate users are restricted to 1 computer per license.

If you’re interested in this type of application, then I suggest you view the short video on the developers product information page, here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

1 Comment

Filed under Antimalware Suites, Browsers, Desktop Toys, downloads, Freeware, Geek Software and Tools, Multimedia Tools, Multiple Monitors, Software, Windows Tips and Tools