I”ve previously warned of fake security software or scareware. Here’s a second helping. Beware of the following:

XP Security Tool 2010 is a rogue virus protection program. It reports false scan results and fake security alerts to scare you into purchasing this rogue program. XPSecurityTool2010 claims that your computer is infected with worms, trojans, adware or other malware and that you should purchase XP Security Tool 2010 to remove the infections that actually don’t even exist. Most of the time, this fake program comes from fake or infected video sites or fake online scanners. But may be also promoted on such popular sites as Facebook or MySpace.

Vista Security Tool 2010 is a rogue anti-malware program that usually comes from fake online scanners and fake video websites. While running, this fake program will run a fake system scan and report numerous spyware infections to make you think that your computer is infected with various malware. Then it will ask you to pay for a full version of the program to remove the infections which as well already know don’t even exist.

Total Win 7 Security is a fake anti-spyware program that is promoted through the use of trojans and other malicious software. Most of the time, TotalWin7Security comes from fake online scanners, fake video websites or bundled with other malware. Once installed,Total Win 7 Security will imitate a system scan and display numerous infections that can’t be removed unless you first purchase the program.

For more information on how to rid your systems of these and others of their elk, check out http://www.2-spyware.com/

Microsoft has resumed pushing out the patch connected to the recent Windows blue screens. Microsoft concluded that the system crashes with due to a rootkit [named Alureon] infecting the users computers. The company  issued a scanning tool users can run to determine whether their PCs are infected  before they attempt to download and install MS10-015. The tool doesn’t scrub Alureon from a compromised computer, but only determines whether the system is compatible with the patch.

Microsoft has not yet delivered a promised detect-and-destroy tool that will clean infected PCs. In the past, Microsoft has used its Malicious Software Removal Tool (MSRT), a free program updated each Patch Tuesday, to seek out and destroy rootkits. The next scheduled refresh of the MSRT is March 9.

Microsoft is warning users that a Trojan is masquerading as the company’s popular free Microsoft Security Essentials package.

“One of the oldest tricks used by rogue antivirus products is to use a similar name as, or have a similar look and feel to, legitimate security software,” Microsoft said in a post on the MMPC’s Threat Research & Response Blog. “So it was inevitable that the day would arrive when a rogue would masquerade as something similar to Microsoft Security Essentials.”

The masquerading rogue security tool goes by the name Security Essentials 2010, which is very similar to the actual name of Microsoft’s suite, though the real suite does not have a date in its name.

Read full story: http://www.esecurityplanet.com/features/article.php/3867556/Trojan-Pretends-to-Be-Microsoft-Security-Suite.htm

Did you hear the one about the bot that attacked the other bot and killed it? O but not before stealing your online banking credentials, that is.

Security researchers say that the relatively unknown [Spy Eye toolkit] added this functionality just a few days ago in a bid to displace its larger rival, known as Zeus.

The feature, called “Kill Zeus,” apparently removes the Zeus software from the victim’s PC, giving Spy Eye exclusive access to usernames and passwords.

Zeus and Spy Eye are both Trojan-making toolkits, designed to give criminals an easy way to set up their own “botnet” networks of password-stealing programs. These programs emerged as a major problem in 2009, with the U.S. Federal Bureau of Investigation estimating last October that they have caused $100 million in losses.

Trojans such as Zeus and Spy Eye steal online banking credentials. This information is then used to empty bank accounts by transferring funds to so-called money mules — U.S. residents with bank accounts — who then move the cash out of the country.

Read the full article

Cybercrime threats posed to targeted organizations are increasing faster than many organizations can combat them, according to the 2010 CyberSecurity Watch Survey conducted by CSO magazine, the leading resource for security professionals, and sponsored by Deloitte’s Center for Security &Privacy Solutions. Moreover, the survey suggests the threat of cybercrime is heightened by current security models that are only minimally effective against cyber criminals.

More than 500 respondents, including business and government executives, professionals and consultants, participated in the survey. The survey is a cooperative effort of CSO, the U.S. Secret Service, Software Engineering Institute CERT® Program at Carnegie Mellon University and Deloitte’s Center for Security &Privacy Solutions, a new security solutions innovation center.

Read Full Article at http://opensource.sys-con.com/node/1259111

Do you know how to guard against scareware? How about Trojan horse text messages? Or social network data harvesting? Malicious hackers are a resourceful bunch, and their methods continually evolve to target the ways we use our computers now. New attack techniques allow bad guys to stay one step ahead of security software and to get the better of even cautious and well-informed PC users.

These threats include shortened urls, scareware, rougue Wi-Fi hotspots, etc.

Don’t let that happen to you. Here are  descriptions of 11 of the most recent and most malignant security threats, as well as complete advice on how to halt them in their tracks.

Read full article at http://www.networkworld.com/news/2010/012510-stop-11-hidden-security.html?page=1

Desktop Security 2010 is the proverbial wolf in sheep’s clothing. It is a fake anti-spyware application that is promoted and installed through the use of malware , usually Trojan viruses. It is often spread through drive-by attacks. These are malware that gets downloaded to your computer just by browsing a malicious or infected website.  Google is now making an effort to warn users of these websites if these are present in search results. This particular software simulates a system scan and displays fake security alerts to make you think that your computer is infected with Trojans, worms,viruses and other forms of malware when in reality the only real threat is Desktop Security2010 itself. I too was once a victim of a previous version of this malware before I dumped my XP operating system for Ubuntu linux. Yes, it was the last straw. I don’t recommend that remedy for the light of heart however.

Desktop Security 2010 can also download additional malware to your computer which could complicate matters. It also uses quite effective self-defense methods. In some cases it blocks Task Manager so likely you won’t be able to end its processes. Then the rogue program blocks anti-virus software and block sany attempts to install a new one. The best remedy is to reboot your computer in safe mode with networking and run an anti-spyware program from there.

For more examples of fake security software, see Lavasoft’s Rogue’s Gallery.