Two Factor Authentication – What’s It All About?


In today’s world of ever-increasing digital crimes, cyber-attacks, and Internet frauds, there is nothing more important than protecting your online accounts and identity. We have been using “Username” and “Password” as an integral part of computer security systems from the beginning, but they are no longer enough to thwart cybercriminals. To provide better security against cyber-attacks, a new form of authentication called “two-factor authentication” (2FA) is being used by several major tech players and banks, and many others are in the process of implementing it as well.


Why Wireless Router/Gateway Security Is So Important As Part Of Your Security System

When we talk about network security, the security risks associated with routers are a major concern among users. A router, whether it’s wired or wireless, is an integral part of any home or business network. Wireless routers or Wi-Fi routers are considered to be less secure than wired ones, but that doesn’t necessarily mean you should avoid wireless networks. In fact, wireless networks have many advantages over wired networks. If your wireless router is configured correctly, it can be virtually as secure as a wired setup.


How to be Safe from Phishing

How to be Safe from Phishing Today!

In today’s increasingly technology-driven world, the Internet plays a large role in spreading information. There are, however, things that people need to be aware of when using the Internet, such as cybercriminals who misuse the Internet to carry out phishing attacks. They set out to deceive users into unknowingly revealing their sensitive information, which can result in substantial financial loss.

Phishing attacks are one of the most serious problems that users face on the Internet and have been growing at an alarming rate. According to a report[1] published by EMC Corporation, the total number of phishing attacks launched in 2012 was 59% higher than in 2011. The global financial loss from phishing attacks is estimated to be around $1.5 billion in 2012, representing a 22% increase from 2011.


Is It Time To Disable Java™?


Back in January of this year, the United States Department of Homeland Security advised PC users to disable Java from their web browsers following the serious zero-day vulnerabilities discovered in Java. In response, Oracle released an emergency Java patch, but the fix was not meant to patch all the critical vulnerabilities.

Staying protected against Java exploits is a rising concern among millions of Windows®, Mac OS®, and Linux® users. What makes this exploit such a big deal is the fact that Java runs on more than 850 million personal computers and on billions of devices worldwide, including mobile devices and TVs[1].


Fake Videos : Michael Bisping Post Fight Interview

I had a friend call me last night to tell me that his computer was infected after he did “nothing” – typical 🙂 After a little investigation I found out that he was searching for a post fight interview from UFC 100 for a fighter named “Michael Bisping” who was knocked out by Dan “Hendo” Henderson. He found a nice link on Google that led to the following series of events (don’t try this at home!):

Video site indicating they have the video….

Now just click to watch the video…..

SUPERAntiSpyware Scan after attempting to watch video….

As you can see these links are floating around Google, Yahoo and MSN. Remember, think before you click!

If you have come across these types of situations, it’s a good idea to scan with SUPERAntiSpyware to make sure your system is clean!

Fake UPS Tracking E-Mails – Pay Attention!


We are seeing an upswing in the E-Card and Fake UPS Tracking # E-Mails. Unzipping and running these will of course lead to an infection. As we receive these in our labs we install them to ensure we remove all traces and block the installers.

Always pay attention to what you are opening! We receive many support requests each day from users who fall victim to these types of e-mails.

Sample fake UPS Tracking E-Mail :


Advances in SUPERAntiSpyware’s Technology

The SUPERAntiSpyware team has been very busy the past months completing our latest round of technology for the 4.x version of SUPERAntiSpyware. We have been asked repeatedly by our users to explain what is so different about some of our new technologies, and why they are important in the removal of Malware.

To properly address this topic, we need to step back and describe some of the new forms of malware we are seeing installed on end users’ systems and what is required of today’s anti-spyware applications to properly detect and remove those threats.

What should an anti-spyware application be able to accomplish?

An anti-spyware application needs to be able to detect, remove and repair damage done by spyware infections. Although this statement is quite obvious, the technologies required to accomplish this task certainly are not. Today’s scanners need to go far beyond MD5 checksums, file name identification, and basic heuristics to defeat the new breed of threats that are here today and even tougher threats that are on the horizon.

Does scanning speed matter?

We tend to see lots of forum posts and reviews regarding the scanning “speed” compared to other products. Some products are faster than others, but is faster necessarily better? If one scanner is faster, yet does not catch the threats, then scan time means nothing. Who is to say what an appropriate scan time is? Virus scanners are notoriously slow, but yet they do not come under the barrage of attack that the anti-spyware scanners seem to come under in regards to scanning speed; yet they both are rooting out threats on your system.

What’s all this continued fuss about rootkits? Are they for real?

Let’s consider a specific example of a form of Malware that is testing the ability of scanners to detect and to remove them from users’ systems. Rootkits are an important element and example of the malware we are seeing daily on users’ systems. Rootkits are for real and they are getting trickier as the technologies are further developed by the “bad guys.” With the huge amount of money involved in dissemination of spyware, you can be sure that the threats are getting harder to detect and remove. The “next generation” of rootkits can be so deeply hooked into the system that they are almost undetectable by the current generation of scanners. If a product simply relies on the Windows API (Windows standard interface) for accessing the file system, you can be sure they are missing many of the rootkit style infections that are already in circulation today.

These “next generation” rootkits can silently monitor your system, log keystrokes, send data right under your firewall’s nose, and yet show no signs of infection on the user’s system. You may scan your system with several scanners and “appear” clean, but all the while your system and your personal information are being compromised.

How we have addressed the problem

One of the major technologies we have developed in our research laboratories to address the “next generation” rootkit infections is our DDA (Direct Disk Access) technology. This technology was developed over a 2-year period and included exhaustive testing to fine-tune it. Now the technology allows SUPERAntiSpyware to “see around” these rootkits by directly parsing (reading) the hard disk, so the threats can no longer block our ability to detect their existence. In addition, the DDA technology is required to remove these threats because they are hooked so deeply into the system that they “start” long before most drivers are even loaded; no matter how early we try to get “hooked in,” the rootkits seem to find ways to hook in earlier. Thus there is the need to develop another proprietary method to remove the “heart” of these infections.

Can a single product detect everything? (Does this mean SUPERAntiSpyware catches everything?)

No matter how good any company’s technology is, no single product can detect and remove every threat on a given day as there are simply too many threats coming out daily to be able to catch everything no matter how many resources are dedicated to the problem.

However, our aim is to Remove ALL the Spyware, NOT just the Easy Ones!

You might wonder why we can make this claim. In today’s world of spyware, adware and malware, the landscape changes on a daily basis as new variants of the harmful applications are created and deployed. We realize this fact and therefore have created special diagnostic tools to quickly locate these new variants on users’ systems. The pertinent information is supplied directly to our malware research staff so they can update our detection and removal rules immediately and thus remove the new variant from users’ systems. That is why you may see more than a single update of our definitions on a given day.

What’s next?

Although the Direct Disk Access technology is a major step forward in the detection and removal of difficult to remove malware, we are already developing the next generation technology beyond Direct Disk Access that will be required to remove the threats of the future.

Developers – Fill out that version information and watch where you put your files!

Fill out that version information and watch where you put your files!

During our daily research and quest to locate harmful software, we come across many types of applications and application components. Our current database has literally millions of file samples from users with potentially infected systems. Part of any researcher’s duty is to look at the various properties of a file, such as its installed location, its internal version information, its linked libraries and other items that can provide “clues” about what the software actually does and if it represents a potential threat. Many times we have files that are not in their native environment, meaning that we have a few samples of the file, but not the entire system configuration in which they were originally installed. This can make it difficult to properly differentiate between harmful and legitimate software components.

Spyware/Malware applications often try to disguise themselves as legitimate software components by using the same name as a Windows component but placing themselves in a different folder. Classic and often-used examples of this are the SVCHOST.EXE variants. The real SVCHOST.EXE file is used by Windows to host services and executes from the system folder of Windows. The file is typically located in C:\Windows\System32 for most users. We find variations of this file such as SVOHOST.EXE, SVSHOST.EXE or files with Unicode characters that make them appear as “SVCHOST.EXE” when viewed through Windows Explorer.
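
The three disguises described above (right name in the wrong folder, a one-letter variant, and a Unicode lookalike) can each be checked mechanically. The following Python sketch is an added example, not SUPERAntiSpyware's code; the `PROTECTED` table, the small lookalike map and the sample paths are constructed for illustration.

```python
import unicodedata
from pathlib import PureWindowsPath

# Assumption: one protected name and the folder the article gives for it.
PROTECTED = {"svchost.exe": r"c:\windows\system32"}

# Constructed, deliberately small map of Cyrillic/Greek capitals that render
# like Latin ones; a production check would use the full Unicode confusables data.
CONFUSABLES = str.maketrans({"\u0405": "S", "\u0421": "C", "\u041d": "H",
                             "\u0397": "H", "\u041e": "O", "\u0422": "T",
                             "\u0415": "E", "\u0425": "X"})

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def skeleton(name):
    """Fold compatibility forms and known lookalike letters, then case-fold."""
    folded = unicodedata.normalize("NFKC", name).upper()
    return folded.translate(CONFUSABLES).casefold()

def classify(path):
    """Return ok, wrong-folder, unicode-lookalike, near-name or unrelated."""
    p = PureWindowsPath(path)
    name, folder = p.name, str(p.parent).casefold()
    for real, home in PROTECTED.items():
        if name.casefold() == real:
            return "ok" if folder == home else "wrong-folder"
        if not name.isascii() and skeleton(name) == real:
            return "unicode-lookalike"   # renders as the real name in Explorer
        if edit_distance(name.casefold(), real) == 1:
            return "near-name"           # e.g. SVOHOST.EXE, SVSHOST.EXE
    return "unrelated"

# Constructed sample paths (the third uses Cyrillic U+0421 in place of "C").
SAMPLES = [r"C:\Windows\System32\svchost.exe", r"C:\Users\Public\svchost.exe",
           "C:\\Windows\\System32\\SV\u0421HOST.EXE",
           r"C:\Windows\System32\SVOHOST.EXE", r"C:\Windows\notepad.exe"]

def scan(paths=SAMPLES):
    return {path: classify(path) for path in paths}
```
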


We are trying to encourage developers to start fully filling out their version information within their files with legitimate information such as product name, copyrights, websites from which to download the software and possibly listing MD5, or other “hashes” for verification of legitimate components. Naming components with recognizable names is also good practice. This would assist and make the researcher’s job easier and more accurate and help prevent “false positives.” A false positive is when a legitimate file looks and acts like a potentially harmful piece of software and incorrectly ends up in a spyware or virus database to be blocked. Developers should also avoid installing anything in the Windows folder unless absolutely required. Items with random looking names with no version information are immediate red flags to any spyware or virus researcher!

With the number of harmful applications appearing at an alarming rate today, developers should do everything they can to ensure that their applications are not flagged as harmful applications due to non-standard programming practices, installation and naming conventions! In this way, the number of “false positives” can be materially reduced to the benefit of all users.