Domain: net-security.org
Stories and comments across the archive that link to net-security.org.
Recession Pushes More Workers To Steal Data
An anonymous reader writes to share the findings of a recent transatlantic survey which suggests that the recession is pushing workers to be a little bit more accommodating when it comes to sharing, viewing, or stealing sensitive information from the company they work(ed) for. "Pilfering data has become endemic in our culture as 85% of people admit they know it's illegal to download corporate information from their employer but almost half couldn't stop themselves taking it with them with the majority admitting it could be useful in the future! [...] The survey entitled 'the global recession and its effect on work ethics,' carried out for a second year by Cyber-Ark – found that almost half of the respondents 48% admit that if they were fired tomorrow they would take company information with them and 39% of people would download company/competitive information if they got wind that their job was at risk. Additionally a quarter of workers said that the recession has meant that they feel less loyal towards their employer." -
Zero-Day Vulnerabilities In Firefox Extensions
An anonymous reader writes "Researchers have found several security holes in popular Firefox extensions that have an estimated total of 30 million downloads from AMO (the Addons Mozilla community site). Three 0-days were also released. Mozilla doesn't have a security model for extensions and Firefox fully trusts the code of the extensions. There are no security boundaries between extensions and, to make things even worse, an extension can silently modify another extension." The affected extensions are Sage version 1.4.3, InfoRSS 1.1.4.2, and Yoono 6.1.1 (and earlier versions). Clearly the problem is larger than just these three extensions. -
Two Arrested For Zbot Trojan
An anonymous reader writes "Officers from the Metropolitan Police's Central e-Crime Unit have made Europe's first arrests in the battle against the ZeuS or Zbot Trojan which threatened to compromise thousands of computers. Officers arrested a man and woman, both aged 20 years, in Manchester for offenses under the 1990 Computer Misuse Act and the 2006 Fraud Act. Both suspects were interviewed by PCeU detectives and have been bailed for further in-depth inquiries to be completed. The arrests in connection with the malware represent some of the first in the world, and the first in Europe to combat the distribution and control of ZeuS." -
Most Security Products Fail To Perform
An anonymous reader writes "Nearly 80 percent of security products fail to perform as intended when first tested and generally require two or more cycles of testing before achieving certification, according to a new ICSA Labs report that details lessons gleaned from testing thousands of security products over 20 years. Across seven product categories, core product functionality accounted for 78 percent of initial test failures. For example, an anti-virus product failing to prevent infection, or a firewall or IPS product not filtering malicious traffic. Rounding out the top three is the startling finding that 44 percent of security products had inherent security problems. Security testing issues range from vulnerabilities that compromise the confidentiality or integrity of the system to random behavior that affects product availability." -
Firefox Most Vulnerable Browser, Safari Close
An anonymous reader writes "Cenzic released its report revealing the most prominent types of Web application vulnerabilities for the first half of 2009. The report identified over 3,100 total vulnerabilities, which is a 10 percent increase in Web application vulnerabilities compared to the second half of 2008. Among Web browsers, Mozilla Firefox had the largest percentage of Web vulnerabilities, followed by Apple Safari, whose browser showed a vast increase in exploits, due to vulnerabilities reported in the Safari iPhone browser." It seems a bit surprising to me that this study shows that only 15% of vulnerabilities are in IE. -
Test of 16 Anti-Virus Products Says None Rates "Very Good"
An anonymous reader writes "AV-Comparatives recently released the results of a malware removal test in which they evaluated 16 anti-virus software solutions. The test focused only on the malware removal/cleaning capabilities, therefore all the samples used were ones that the tested anti-virus products were able to detect. The main question was if the products were able to successfully remove malware from an already infected/compromised system. None of the products performed at a level of 'very good' in malware removal or removal of leftovers, based on those 10 samples." -
CIA Invests In Firm That Datamines Social Networks
An anonymous reader writes with this excerpt from Wired: "In-Q-Tel, the investment arm of the CIA and the wider intelligence community, is putting cash into Visible Technologies, a software firm that specializes in monitoring social media. It's part of a larger movement within the spy services to get better at using 'open source intelligence' — information that's publicly available... Visible Technologies crawls over half a million web 2.0 sites a day, scraping more than a million posts and conversations taking place on blogs, online forums, Flickr, YouTube, Twitter and Amazon. (It doesn't touch closed social networks, like Facebook, at the moment.) Customers get customized, real-time feeds of what's being said on these sites, based on a series of keywords. 'That's kind of the basic step — get in and monitor,' says company senior vice president Blake Cahill. Then Visible 'scores' each post, labeling it as positive or negative, mixed or neutral. It examines how influential a conversation or an author is. ('Trying to determine who really matters,' as Cahill puts it.) Finally, Visible gives users a chance to tag posts, forward them to colleagues and allow them to respond through a web interface." Apropos: Another anonymous reader points out an article making the point that users don't even realize how much private information they're sharing over these services. -
BSA Says 41% of Software On Personal Computers Is Pirated
An anonymous reader writes "Individuals are turning to P2P networks and auction sites in staggering numbers to acquire or transfer illegal software and in doing so are harming the economy whilst exposing themselves to malware, identity theft and criminal prosecution, according to a report from the Business Software Alliance. Beyond P2P and auction site piracy, the report also draws correlations between Internet piracy and the spread of malware such as viruses, trojans and spyware, which often exploit vulnerabilities in illegal software that does not benefit from security updates provided by manufacturers. Although the correlation is not universal, geographies with high instances of software piracy suffer from high instances of malware." -
Details On Worldwide Surveillance and Filtering
An anonymous reader writes "Help Net Security is running an interview with Rafal Rohozinski, a founder and principal investigator of the OpenNet Initiative, which investigates, exposes and analyzes Internet filtering and surveillance practices all over the world. Rafal provides insight on the process of assessing the state of surveillance and filtering in a particular country and discusses differences related to these issues in several regions, touching especially the United States and Europe. In the US, censorship is more difficult to implement if for no other reason than the court systems offer greater protections for freedom of speech. However, in both places surveillance is on the rise particularly as law-enforcement agencies become more adept at working in the cyber domain." -
US Relaxes Control Over ICANN
An anonymous reader tips news that the US Dept. of Commerce has signed an agreement with ICANN to end their current oversight responsibilities and allow more input from the global community. "The move comes after European regulators and other critics have said the US government could wield too much influence over a system used by hundreds of millions of people worldwide. Those critics have complained, among other things, about the slow rollout of Internet addresses entirely in languages other than English." The US will still be involved; every three years, ICANN's work will be evaluated by a committee, one member of which will be from the Dept. of Commerce. -
Ants Vs. Worms — Computer Security Mimics Nature
An anonymous reader writes with this excerpt from Help Net Security: "In the never-ending battle to protect computer networks from intruders, security experts are deploying a new defense modeled after one of nature's hardiest creatures — the ant. Unlike traditional security devices, which are static, these 'digital ants' wander through computer networks looking for threats ... When a digital ant detects a threat, it doesn't take long for an army of ants to converge at that location, drawing the attention of human operators who step in to investigate. 'Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat,' [says Wake Forest Professor of Computer Science Errin Fulp.] 'As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection.'" -
Idaho Tops America's Most-Spammed States
An anonymous reader writes "MessageLabs unveiled a list of the top US spammed states, with surprising results — the spam capital of the US is Idaho, with 93.8 percent of spam, far exceeding the global spam rate for September 2009 of 86.4 percent. Idaho has jumped 43 spots since 2008 when it was ranked the 44th most spammed state. The difference can be attributed to the resilient and aggressive botnet market as well as a higher volume of global spam that has ensued since the beginning of the credit crisis toward the end of 2008." -
Video Surveillance System That Reasons Like a Human
An anonymous reader writes "BRS Labs has created a technology it calls Behavioral Analytics which uses cognitive reasoning, much like the human brain, to process visual data and to identify criminal and terroristic activities. Built on a framework of cognitive learning engines and computer vision, AISight provides an automated and scalable surveillance solution that analyzes behavioral patterns, activities and scene content without the need for human training, setup, or programming." -
SANS Report Says Organizations Focusing On the Wrong Security Threats
yahoi writes "Companies around the world are leaving themselves wide open to Web- and client-side attacks, according to a new report released today by the SANS Institute that includes real attack data gathered from multiple sources. SANS found that most organizations are focusing their patching efforts and vulnerability scanning on the operating system, but they're missing the boat: 60 percent of the total number of attacks occur on Web applications, and many attacks are aimed at third-party applications such as Microsoft Office, Adobe Flash and other tools. Exacerbating the problem, they're taking twice as long to patch Microsoft Office and other applications as to patch their operating systems." -
New Standard For EU-Compliant Electronic Signatures
An anonymous reader writes "ETSI has published a multi-part standard that will facilitate secure paperless business transactions throughout Europe, in conformance with European legislation. The standard defines a series of profiles for PAdES — Advanced Electronic Signatures for PDF documents — that meet the requirements of the European Directive on a Community framework for electronic signatures (Directive 1999/93/EC)." -
Vast Malware Repository Dedicated To R&D
An anonymous reader writes "Dutch company Frame4 group is offering subscriptions for the Malware Distribution Project, a large security archive with a massive collection of downloadable malware and computer underground related information for the purposes of analysis, testing, research and development. Help Net Security has talked with the founder of the project and several other security researchers to get more details on this unique service." -
Vulnerability, Potential Exploit In Cisco WLAN APs
An anonymous reader writes "The AirMagnet Intrusion Research Team has uncovered a new wireless vulnerability and potential exploit associated with Cisco wireless LAN infrastructure. The vulnerability involves Cisco's Over-the-Air-Provisioning (OTAP) feature found in its wireless access points. The potential exploit, dubbed SkyJack by AirMagnet, creates a situation whereby control of a Cisco AP can be obtained, whether intentionally or unintentionally, to gain access to a customer's wireless LAN." -
In Europe, Auto Spam Translation Kicks In
An anonymous reader writes "While spam levels globally remain at a two-year high of approximately 90 percent, some European countries are seeing levels of over 95%. According to a new MessageLabs report (PDF here), countries such as Germany, France and the Netherlands are being heavily targeted by spammers with automated spam translation techniques. The use of automated translation services enables multiple-language spam runs and is responsible for a 13% increase in spam levels in these countries since May." -
Shrinking Budgets Tie Hands of Security Pros
An anonymous reader writes "RSA Conference released the results of a recent survey of security professionals regarding the critical security threats and infrastructure issues they currently face, including those exacerbated by the current economic climate. The study indicates that even though practitioners are most concerned about email phishing and securing mobile devices, technologies addressing these needs are at risk of being cut from IT budgets. The survey also asked what technology investments will likely be bypassed or curtailed due to spending freezes and budget cuts." -
IBM Claims Breakthrough In Analysis of Encrypted Data
An anonymous reader writes "An IBM researcher has solved a thorny mathematical problem that has confounded scientists since the invention of public-key encryption several decades ago. The breakthrough, called 'privacy homomorphism,' or 'fully homomorphic encryption,' makes possible the deep and unlimited analysis of encrypted information — data that has been intentionally scrambled — without sacrificing confidentiality." Reader ElasticVapor writes that the solution IBM claims "might better enable a cloud computing vendor to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data. Other potential applications include enabling filters to identify spam, even in encrypted email, or protecting information contained in electronic medical records." -
Malicious Activity Grew At a Record Pace In 2008
An anonymous reader writes "Symantec announced that malicious code activity continued to grow at a record pace throughout 2008, primarily targeting confidential information of computer users. According to the company's Internet Security Threat Report Volume XIV (PDF), Symantec created more than 1.6 million new malicious code signatures in 2008. This equates to more than 60 percent of the total malicious code signatures ever created by Symantec — a response to the rapidly increasing volume and proliferation of new malicious code threats. These signatures helped Symantec block an average of more than 245 million attempted malicious code attacks across the globe each month during 2008." Another anonymous reader notes a related report from Verizon (PDF), which says 285 million records were compromised in 2008, more than the total of the previous four years combined. -
Tales From the Support Crypt
An anonymous reader writes "Talking viruses, infected physical devices, and lights that go out are some of the 'problems' Panda Security's tech support service has had to face. Many of them were not a result of computer viruses, but of confused users. This proves once again that antivirus manufacturers must make a special effort to increase user knowledge regarding computer security and malware effects." For anyone who's been on the receiving end of such questions, now's a good time to tell your cathartic tale. -
40-Gbps DDoS Attacks Worry Even Tier-1 ISPs
sturgeon and other readers let us know that Arbor Networks has released their annual survey of tier-1 / tier-2 ISP security engineers. This year they got responses from 70 lead engineers. While DDoS attacks are reaching new heights of backbone-crushing traffic — 40 Gbps was seen this past year — the insiders are also worried about emerging threats to DNS and BGP. The summary notes that "Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat," but doesn't spell out what a better way of handling it might have been. All in all, the ISPs sound a bit pessimistic — one says "fewer resources, less management support, and increased workload." You can request the full PDF report here, but it will cost you contact information. In related news, an anonymous reader passes along a survey by Secure Computing of 199 international security experts and other "industry insiders" from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries. They are worried too. -
Critical Vulnerability In Adobe Reader
An anonymous reader writes "Core Security Technologies issued an advisory disclosing a vulnerability that could affect millions using Adobe's Reader PDF file viewing software. Engineers from CoreLabs determined that Adobe Reader could be exploited to gain access to vulnerable systems via the use of a specially crafted PDF file with malicious JavaScript content. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file, thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader." -
NSA Open Sources Tokeneer Research Project
An anonymous reader writes to mention that the Tokeneer research project has been released to the open source community by the US National Security Agency. The main goal of this project was to show how highly secure software can be developed cost-effectively. "Tokeneer has been written in SPARK Ada, a high level programming language designed for high-assurance applications. Originally a subset of the Ada language, it is designed in such a way that all SPARK programs are legal Ada programs. Ada is the natural choice for mission-critical, high-integrity systems due to its combination of flexibility, reliability and ease of use, and SPARK further adds a static verification toolset that combines depth, soundness, efficiency and formal guarantees." -
US Responsible For the Majority of Cyber Attacks
Amber G5 writes "SecureWorks published the locations of the computers from which the greatest number of cyber attacks were attempted against its clients in 2008. The United States topped the list with 20.6 million attempted attacks originating from computers within the country, and China ran second with 7.7 million attempted attacks emanating from computers within its borders. This was followed by Brazil with over 166,987 attempted attacks, South Korea with 162,289, Poland with 153,205, Japan with 142,346, Russia with 130,572, Taiwan with 124,997, Germany with 110,493, and Canada with 107,483." -
SQL Injection Turns BusinessWeek Into Viral Replicator
martins writes "The website of popular magazine BusinessWeek has been attacked via SQL injection in an attempt to infect its readership with malware. Hundreds of pages in a section of BusinessWeek's website which offers information about where MBA students might find future employers have been affected." -
World's First "Unclonable" RFID Chip
An anonymous reader writes to tell us that a new RFID chip from Verayo claims to be unclonable through the use of the new Physical Unclonable Functions (PUF), sort of an electronic DNA for silicon chips. "Basic passive RFID chips can be easily cloned by copying the data residing on one chip to another. Verayo's PUF-based RFID chips cannot be cloned, and provide a very strong and robust authentication mechanism. No other chip or device can be disguised as the original chip, even if the data is copied from one Verayo RFID chip to another." -
Cybercrime Organizational Structures Evolve
An anonymous reader writes "The latest findings of a report explore the trend of loosely organized clusters of attackers trading stolen data online being replaced by hierarchical cybercrime organizations. These organizations deploy sophisticated pricing models, crimeware business models refined for optimal operation, crimeware drop zones, and campaigns for optimal distribution of the crimeware. These cybercrime organizations consist of strict hierarchies, in which each cybercriminal is rewarded according to his position and task." -
Storm and the Future of Social Engineering
Albert writes "Storm shows several key characteristics, some new and advanced. It uses cunning social engineering techniques — such as tying spam campaigns to a current event or site of interest — as well as a blend of email and the Web to spread. It is highly coordinated, yet decentralized — and with Storm using the latest generation of P2P technology, it cannot be disabled by simply 'cutting off its head.' In addition, Storm is self-propagating — once infected, computers send out massive amounts of Storm spam to keep recruiting new nodes." -
Sneaky Blackmailing Virus That Encrypts Data
BaCa writes "Kaspersky Lab found a new variant of Gpcode which encrypts files with various extensions using an RSA encryption algorithm with a 1024-bit key. After Gpcode.ak encrypts files on the victim machine, it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor. Is this a look into the future where the majority of malware will function based on extortion?" -
US Firms Read Employee E-mail On a Massive Scale
An anonymous reader writes "In its fifth annual study of outbound e-mail and data loss prevention issues, Proofpoint found that 41% of the largest companies surveyed (those with 20,000 or more employees) reported that they employ staff to read or otherwise analyze the contents of outbound e-mail. 22% of these companies said they employ staff primarily or exclusively for this purpose." -
Novell, Red Hat Release Updated Distributions
Joyce writes "Novell today announced the availability of SUSE Linux Enterprise 10 Service Pack 2 (SP2), containing enhancements in virtualization, management, hardware enablement and interoperability. Several improvements specific to SUSE Linux Enterprise Desktop 10 and SUSE Linux Enterprise Real Time 10 are also included. Delivering Xen version 3.2, SP2 includes several virtualization advances, including support for fully virtualized Windows Server 2008 and Windows Server 2003 and the live migration of those Windows Server guests across physical machines. Advances in high availability and storage management such as updates to Heartbeat 2 and OCFS2 are also included." And an anonymous reader points out today's release of Red Hat Enterprise Linux version 5.2, which brings "a broad refresh of hardware support and improved quality, combined with new features and enhancements in areas such as virtualization, desktop, networking, storage & clustering and security. Virtualization of very large systems, with up to 64 CPUs and 512 GB of memory, is now possible. Red Hat Enterprise Linux 5.2 Desktop includes enhanced support for laptop suspend/hibernate and resume, updated graphics drivers and a comprehensive update of desktop applications, including OpenOffice 2.3 and Firefox v3," and points out this guide for upgrading your RHEL system. -
Web Browsers Under Siege From Organized Crime
An anonymous reader writes "IBM has released the findings of the 2007 X-Force Security report, from a group that has been cataloging online threats since 1997. Their newest information details a disturbing rise in the sophistication of attacks by online criminals. According to IBM, hackers are now stealing the identities and controlling the computers of consumers at 'a rate never before seen on the Internet'. 'The study finds that a complex and sophisticated criminal economy has developed to capitalize on Web vulnerabilities. Underground brokers are delivering tools to aid in obfuscation, or camouflaging attacks on browsers, so cybercriminals can avoid detection by security software. In 2006, only a small percentage of attackers employed camouflaging techniques, but this number soared to 80 percent during the first half of 2007.'" -
Spies In the Phishing Underground
An anonymous reader sends us to Net-Security.org for an interview with security researchers Nitesh Dhanjani and Billy Rios, who recently managed to infiltrate the phishing underground. What started as a simple examination of phishing sites turned into an extraordinary tour through the ecosystem that supports the business of phishing. In the interview they expose the tactics and tools that phishers use, illustrate what happens when your confidential information gets stolen, and discuss how phishers communicate and how they phish each other. -
Facebook Widget Installs Zango Spyware
BaCa writes "A malicious Facebook Widget actively spreading on the social networking site ultimately prompts users to install the infamous "Zango" adware/spyware. The tremendous success and lightning fast expansion of Facebook empowered the social networking giant with an impressive user base. Needless to say, in a digital world where web traffic equals money, such a user base attracts spammers, virus/spyware seeders, and other ethic-less online marketers like honey would attract flies." -
Most In US Have False Sense of Online Security
BaCa sends along a link from Net-Security on a study of attitudes among Americans about the security of their PCs, versus their actual vulnerability. "More than half of computer users who think they are protected against online threats like spyware, viruses, and hackers actually have inadequate or no online protection, according to an independent research study conducted for Verizon... While 92 percent of participants thought they were safe, the scans revealed that 59 percent were actually vulnerable to a variety of online dangers. Ninety-four percent of those surveyed said they would find it helpful to be able to diagnose or check their online security status on a regular basis to make sure their PCs were safe." -
Wi-Fi Piggybacking Widespread
BaCa sent in this article about stealing network access that opens, "Sophos has revealed new research into the use of other people's Wi-Fi networks to piggyback onto the internet without payment. The research shows that 54 percent of computer users have admitted breaking the law, by using someone else's wireless internet access without permission." Of course, online polls being what they are, the results are hardly a plank for a full investigation, but a good share of the answerers did 'fess up to it as well. -
One-Third of Employees Violate Company IT Policies
BaCa writes with a link indicating that a survey of white collar US workers shows that something like a third of all employees break IT policies. Of those, almost a sixth actually used P2P technologies from their work PCs. Overall, the survey indicates workers aren't overly concerned about any kind of security: "The telephone survey found that 65% of white-collar professionals are either not very concerned or not concerned at all about their privacy when using a workplace computer. A surprising 63% are not very concerned or are not concerned at all about the security of their information while at work. Additionally, most employees have the misconception that these behaviors pose little to no risk to their companies." -
New Password Recovery Technique Uses CPU and GPU Together
BaCa writes to mention that a new hardware/software combination has been created by a company called ElcomSoft that will reportedly allow cryptography professionals to build cheap PCs that work like supercomputers for the specific task of retrieving lost passwords. Utilizing a combination of the CPU and the GPU the task of brute forcing a password may be reduced by as much as a factor of 25. "Until recently, graphic cards' GPUs couldn't be used for applications such as password recovery. Older graphics chips could only perform floating-point calculations, and most cryptography algorithms require fixed-point mathematics. Today's chips can process fixed-point calculations. And with as much as 1.5 Gb of onboard video memory and up to 128 processing units, these powerful GPU chips are much more effective than CPUs in performing many of these calculations." -
Spam Hits 95% of All Email
An anonymous reader writes "Commtouch released its Email Threats Trend Report based on the automated analysis of billions of email messages weekly. The report examines the appearance of new kinds of attachment spam, such as PDF spam and Excel spam, together with the decline of image spam, as well as the growing threat of innocent-appearing spam containing links to malicious web sites. Image spam declined to a level of less than 5% of all spam, down from 30% in the first quarter of 2007; also, image pump-and-dump spam has all but disappeared, with pornographic images taking its place." -
Kaspersky Wins Important Ruling for the Anti-Malware Industry
ABC writes "Zango sued Kaspersky Lab to force the Company to reclassify Zango's programs as nonthreatening and to prevent Kaspersky Lab's security software from blocking Zango's potentially undesirable programs. In the important ruling for the anti-malware industry, Judge Coughenour of the Western District of Washington threw out Zango's lawsuit on the grounds that Kaspersky was immune from liability under the Communications Decency Act." -
Server with Top-Secret Data Stolen
An anonymous reader writes "Usually missing information stories are fairly low key; the loss of a few thousand student records is cause for concern for those involved, but hardly national security. This one is slightly different. The company Forensic Telecommunications Services has announced that a server containing 'thousands of top-secret mobile phone records and evidence from undercover terrorism and organized crime investigations' has been stolen. From the article: 'The company — whose clients include Scotland Yard and the Crown Prosecution Service — has assured the public that the server is security protected, and the breach will not compromise ongoing police operations. The information is made up of either old cases that have passed through the judicial process, or cases that are already in the judicial system and so subject to full disclosure to both defense and prosecution teams.'" -
"DNS Forgery Pharming" Attack Against BIND 9
Monley writes "Help Net Security is running a story about a severe flaw in BIND's implementation that allows fraudsters to efficiently predict generated random numbers without the need to control the route between the user and the DNS server. (Here are HTML and PDF versions of the paper.) Using this vulnerability, fraudsters can remotely forge DNS responses and direct users to fraudulent websites, which can steal the user's sign-in credentials and do other mischief. The flaw was discovered by security researcher and Trusteer's CTO, Amit Klein." The ISC has released a patch to BIND 9. -
Custom Trojan Creation Tool Sold Online
Finch writes "Net Security.org is reporting on the surprisingly sophisticated 'virus in a can' software called Pinch. Pinch is a tool sold on several online forums and designed to create Trojans. It allows attackers to specify the data that Trojans steal. One of the interface tabs, PWD, allows malicious users to select the type of password to be stolen by the Trojan: from email passwords to passwords kept by the system tools. It is possible to order the Trojan to encrypt this data when sending it, so that nobody else can read it. 'Pinch also lets users carry out other actions: turn infected computers into zombie computers, pack Trojans to make detection more difficult, and kill certain system processes, particularly those of security solutions.'" -
The Current State of the Malware/AntiVirus Arms Race
An anonymous reader writes "An article at Net Security explores how malware has developed self-defense techniques. This evolution is the result of the double-edged sword of the malware arms race. Anti-virus technology is ever more advanced, but as a result surviving viruses are increasingly sophisticated. What Net Security offers is a lengthy look at the current state of that arms race. 'There are many different kinds of malware self-defense techniques and these can be classified in a variety of ways. Some of these technologies are meant to bypass antivirus signature databases, while others are meant to hinder analysis of the malicious code. One malicious program may attempt to conceal itself in the system, while another will not waste valuable processor resources on this, choosing instead to search for and counter specific types of antivirus protection. These different tactics can be classified in different ways and put into various categories.'" -
Web 2.0 Threats and Risks for Financial Services
An anonymous reader writes "Companies are tuning into Web 2.0 but are simultaneously exposing their systems to next-generation threats such as Cross-Site Scripting, Cross-Site Request Forgery and application interconnection issues due to SOA. With regard to security, two dimensions are very critical for financial systems — identity and data privacy. Adopting the Web 2.0 framework may involve risks and threats against these two dimensions along with other security concerns. Ajax, Flash (RIA) and Web Services deployment is critical for Web 2.0 applications. Financial services are putting these technologies in place; most without adequate threat assessment exercises." -
Two Worm "Families" Make Up Most Botnets
JMoon writes "HNS has an article about the Sdbot and Gaobot families which are responsible for most botnets worldwide. These two families were responsible for 80 percent of detections related to bots during the first quarter of 2007. Other culprits, although on a much lesser scale, included Oscarbot, IRCbot or RXbot." -
A Proof-of-Concept Virus for iPods Running Linux
An anonymous reader writes "Although antivirus companies will probably create hype saying that iPods are prone to infections, the newly found virus called 'Podloso' is just proof-of-concept code that can infect iPods running Linux. Once launched, the virus scans the device's hard disk and infects all executable .elf format files. Any attempt to launch these files will cause the virus to display a message on the screen which says, 'You are infected with Oslo the first iPodLinux Virus.'" -
Top Viruses, Worms and Malware in 2006
An anonymous reader writes "HNS is running an article with a list of those malicious codes which, although they may not have caused serious epidemics, stood out in one way or another. Some of the categories are: the biggest snooper, the most moralistic, the worst job applicant and the most tenacious. From the article: 'The most competitive. Once the Popuper spyware has installed itself on a computer, it runs a pirate version of a well-known antivirus application. Far from trying to do the user a favour, it is actually trying to eliminate any possible rival from the computer. It seems that the fight for supremacy has also reached the world of Internet threats.'"