Microsoft out-of-band security update for Internet Explorer. Microsoft released an urgent security update for Internet Explorer on all currently supported versions of Windows.
Identity Pro. Identity theft is on the rise. Your own computer may be one of the easiest ways for thieves to access your information! Search for and secure your private information, including social security numbers, credit cards, driver's licenses, and even passwords. Find and secure your personal information (PI) before others get the chance! Identity Pro goes beyond the protection currently offered by anti-virus, anti-spyware, anti-spam, anti-phishing, etc., to protect you where those programs don't. It automatically seeks out and protects your important data. You'll be surprised at how much of your information is kept on your PC, from web forms to emails. Once you know what's there, you can delete or encrypt it with ease.
CIS Center for Internet Security. A non-profit enterprise whose mission is to help organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls.
Nessus is a popular vulnerability scanner used in over 75,000 organizations world-wide. Use Nessus to audit business-critical enterprise devices and applications. Check your networks, servers and applications for potential security vulnerabilities.
ITsafe provides a free Warning Service to help protect home and small business users of computers and other devices from attack. IT Security Awareness For Everyone. UK Government's ITsafe Service.
How To Break Web Software - A look at security vulnerabilities in web software. Video (large, but a must-watch).
Sysinternals File and Disk Utilities. Hard drive links.
Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure.
Microsoft Baseline Security Analyzer More Microsoft links
Seecrets Delivery Services (SDS) will be free for personal users. An e-security suite of crypto e-mail, secure password manager, zip manager & For-Your-Eyes-Only content viewer. The unique e-mail security caters for the privacy of all web mail and POP3 users. SDS uses RSA 8192-bit public key cryptography and AES 256-bit. All symmetric encryption uses our Secrets Signature-Free technology. Keeping Your Secrets Secret, Encryption, For-Your-Eyes-Only Protection, Watermarking, Secure Delivery.
Common Weakness Enumeration (CWE) Now Available. CWE is a community-developed formal list of common software weaknesses. The intention of CWE is to serve as a common language for describing software weaknesses in design or code; as a standard measuring stick for software security tools targeting these weaknesses; and to provide a common baseline standard for weakness identification, mitigation, and prevention efforts. Broad community adoption of CWE will help shape and mature the code security assessment industry and also dramatically accelerate the use and utility of software assurance capabilities for organizations in reviewing the software systems they acquire or develop.
Encryption with DeGPG. Protect your files. DeGPG runs in the background on your server to provide access to GPG encrypted data to your web scripts. It will also work with GPG to encrypt and store data submitted via web forms. To give your web scripts access to encrypted data, you log in and enter the passphrase to decrypt the data. The data is decrypted and stored in memory until a web script needs to access it. In cases where your web script only needs, for example, an MD5 hash of the data rather than the decrypted data itself, DeGPG can be instructed to reveal only the MD5 hash and not the raw data. Additional data may be prepended or appended to the decrypted data before computing the hash.
Androsa FileProtector is a professional and freeware file encryption software that protects any type of file by completely encrypting the content with the most advanced systems of cryptography.
SecuritySpace is proudly brought to you by E-Soft Inc., a privately owned Canadian consulting firm, with proven expertise in internet security and on-line services. We specialize in the following areas:
The Windows Memory Diagnostic tests the Random Access Memory (RAM) on your computer for errors. The diagnostic includes a comprehensive set of memory tests. If you are experiencing problems while running Windows, you can use the diagnostic to determine whether the problems are caused by failing hardware, such as RAM or the memory system of your motherboard. Windows Memory Diagnostic is designed to be easy and fast. On most configurations, you can download the diagnostic, read the documentation, run the test and complete the first test pass in less than 30 minutes.
The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. Have a look at the list of P3P software. P3P is a W3C standard for creating machine-readable privacy policies. The standard allows a website to create an XML version of its privacy policy so that it can be evaluated automatically against an individual's privacy preferences.
P3P Toolbox is a one-stop resource developed by the Internet Education Foundation in cooperation with the World Wide Web Consortium and a coalition of Internet industry leaders and public interest organizations to provide privacy officers and Webmasters with the information they need to make their Web sites P3P compliant. The site is no longer active and is being hosted here by Internet Education Foundation for archival purposes.
Iconix eMail ID software download. Iconix is committed to making it easy to identify legitimate emails. We are working closely with companies like Google and Iconix to give our users the best protection against fraudulent, phishing and suspect emails. If you are a Gmail user, it's easy to identify legitimate emails. You can simply enable an icon which will only show up when an email is from PayPal (or from our sister company, eBay). So when you receive an email from us, or our partners at eBay, you will see a key icon next to the message in your Inbox. Only legitimate PayPal emails have this icon, so if you get an email claiming to come from PayPal and you don't see the icon, it's not from us. So please don't open it. To enable this feature in Gmail, go to 'Settings', 'Labs', then tick the Enable box next to the 'Authentication icon for verified senders' option and click on 'Save Changes'. This software download from Iconix can help reduce phishing by confirming whether you received a legitimate PayPal email. After Iconix eMail ID has been installed, you'll see an Iconix eMail ID icon (a gold lock with a tick) whenever you receive authentic emails from PayPal. It's free and it works with most of the major email services like Gmail (Google Mail), MSN Hotmail, Yahoo Mail, Outlook Express, and many more. If your preferred email program, web mail provider or operating system is not listed, click here and we will notify you when support is available. For more information, go to the Iconix website. How does the Iconix solution work? The Iconix solution couples our advanced technologies with authentication techniques such as Yahoo!'s DomainKeys and Microsoft's Sender ID to confirm the source of an email, and will support DomainKeys Identified Mail (DKIM), which is a joint effort between Cisco and Yahoo!, as it is adopted in the industry. This combined solution makes it very difficult for bad guys to spoof the identity of emails with an Iconix Truemark icon.
Also see PayPal Support Club. Review and helpful links, coding examples, warnings, other shopping cart links, etc. PayPal is an online banking system that allows website owners to integrate shopping cart technology into their site. Find out more; includes links to helpful sites about PayPal shopping cart technology.
PrivacyFinder is a privacy-enhanced search engine. Once you state your privacy preferences (low, medium, high, or custom), the search results are ordered based on how their computer-readable privacy policies comply with your preferences. A red bird indicates that the site has conflicts with your preferences while a green bird indicates compliance. The absence of any bird means that a valid computer-readable privacy policy, known as a Platform for Privacy Preferences Project (P3P) policy, could not be located.
No Right Click. Disable the right click on your pages to prevent users from "borrowing" images from your site and viewing your page source! (BACK UP ALL FILES FIRST.) Do a temporary copy upload and check the site works first (as this does some more complex code changing onload); if the site functions OK then replace the normal site with the temp upload and retest. (May only work with a LINUX host.) This can be a bit time consuming as, if I remember correctly, each image has to be hot-link protected individually, and then if you add a new image this also has to be hot-link protected. (I believe hot-link protection on the host uses .htaccess) and this may be worth checking out as well.
CopyWipe is a utility for copying or securely overwriting (wiping/erasing) entire hard drives. CopyWipe can ease and expedite the transition to a new hard drive by copying the entire contents of one drive to another. CopyWipe can also help prevent confidential or private data from being recovered, by securely wiping the contents of a drive. A number of options are provided for wiping, most of which exceed governmental standards (such as DoD 5220.22-M, NAVSO P-5239-26, etc.); this allows the user to choose an optimal balance between security and duration of the wiping operation.
Stop Badware. The "Badware" problem. We've all seen it happen: you or someone you know has downloaded something from the internet that seemed harmless enough at the time. Next thing you know, the computer has slowed to a crawl. Pop-up advertising starts to appear out of nowhere. Private information gets sent to some company you've never heard of. And the worst part? Trying to uninstall the software sometimes makes the problem worse. Find out more...
Sender Policy Framework. Sender Address Forgery. Today, nearly all abusive e-mail messages carry fake sender addresses. The victims whose addresses are being abused often suffer from the consequences, because their reputation gets diminished and they have to disclaim liability for the abuse, or waste their time sorting out misdirected bounce messages. You probably have experienced one kind of abuse or another of your e-mail address yourself in the past, e.g. when you received an error message saying that a message allegedly sent by you could not be delivered to the recipient, although you never sent a message to that address. Sender address forgery is a threat to users and companies alike, and it even undermines the e-mail medium as a whole because it erodes people's confidence in its reliability. That is why your bank NEVER sends you information about your account by e-mail and keeps making a point of that fact.
Auslogics System Information provides you with detailed information about your computer operating system and hardware, including installed devices, running processes and services, memory and CPU usage, drive properties as well as other technical details. The information can be viewed from the categorized interface or exported to HTML, XML or text format.
Falcon21 Home PC Security website!
Security Team Blog. More blog links.
The Secunia PSI is the FREE security tool that is designed with the sole purpose of helping you secure your computer from software vulnerabilities.
Free Internet Eraser is Internet privacy software that protects your Internet privacy by permanently erasing Internet history and past computer activities. Even though many of the tasks can be performed manually,
Advanced Windows Care - Freeware. Advanced Windows Care v2 Personal is a comprehensive PC care utility that takes a one-click approach to help protect, repair and optimize your computer. It provides an all-in-one and super convenient solution for PC maintenance and protection. This fantastic program is available free of charge for private use. More Microsoft Windows links: Windows Vista, Windows XP, etc.
SpoofStick is a simple browser extension (Internet Explorer or Firefox) that helps users detect spoofed (fake) websites. A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places, hoping that some percentage of users won't notice the incorrect URL and give away important information. This practice is sometimes known as "phishing".
Identity theft (Home Office Identity Theft website). Your identity and personal information are valuable. Criminals can find out your personal details and use them to open bank accounts and get credit cards, loans, state benefits and documents such as passports and driving licenses in your name.
The Identity and Passport Service was established as an Executive Agency of the Home Office on 1 April 2006. The Agency builds on the strong foundations of the UK Passport Service (UKPS) to provide passport services and in the future, as part of the National Identity Scheme, ID cards for British and Irish nationals resident in the UK. Foreign nationals resident in the UK will also be included by linking the scheme to biometric immigration documents.
National Identity Fraud occurs when a person's personal information is used by someone else without their knowledge to obtain credit, goods or other services fraudulently. It can even extend to securing a passport in their name.
Federal Trade Commission (Identity Theft)
Visit the UK Passport website. We issue UK passports to British nationals living in the UK. Our website is here to help you with your passport application.
Preventing Virtual Blight: my presentation from Web 2.0 Summit
Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes (http://www.acomputerportal.com/microsoft_windows.html), anti-virus status, CIS (Center for Internet Security) benchmarks, and displays the results in your Web browser. All of your PC profile information is kept private on your PC and is not sent to any web server.
OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do: with a URI (also called a URL or web address). Since URIs are at the very core of Web architecture, they provide a solid foundation for user-centric identity.
Free Internet Window Washer is a free internet tracks eraser and privacy cleaner software. As you work on your computer and browse the Internet, you leave behind traces of your activity. The Windows built-in functions will not protect you; most of the tracks cannot be erased with them. Therefore, anyone else can see what you have been doing on your computer. Furthermore, much of your activity information takes up valuable disk space, and recovering this space can be very beneficial.
Process Library resource is for anyone who immediately wants to know the exact nature and purpose of any and every single process that is - or should not be - running on your PC.
Security Config, your security portal. Here you can find all of the tools you need to secure your website, business, data, and everything else digital. Downloads ranging from: Anti Virus Software, Cookie Tools, Desktop Security, Email Security, Encryption, Enterprise Monitoring, Firewalls, Network Security, Password Software, SSH Tools and more.
Google Hacks 2.0 - video powered by Metacafe. Also see Google Knowledge and Google Information.
Microsoft Baseline Security Analyzer
The ISO 17799 Information Security Portal. ISO17799, ISO 27000 and Computer Security News.
Consumer Direct, a telephone and online consumer advice service supported by the Department of Trade and Industry.
APACS - Association for Payment Clearing Services
National Lottery, (United Kingdom), scam (fraudulent) emails are increasing at an alarming rate.
Business Software Alliance. Help businesses avoid software licensing problems. We've designed the Anti-Piracy Information section to help users prevent software theft. BSA® one of the World's leading anti-software piracy groups is committed to providing support every step of the way. In 2003, across the EMEA region, the BSA handled 57,625 calls, followed up 7,929 end user leads and took legal action against 9142 companies. Learn about the types of software piracy, its penalties and find all the tools you need to make a difference: Asset Management Resources, Guide to Software Management, Reasons to Fight Software Piracy, Online Shopping Tips and much more. If you've already thought through the issues and now wish to report a company that uses illegal software, you can do so anonymously through our Online Reporting Tool. (Don't forget, when an organization is prosecuted, it is the company directors who face legal action.) Report Piracy Now
Red Flag Rule (Federal Trade Commission) requires financial institutions and "creditors" with "covered accounts" to establish identity theft prevention programs to identify, detect and respond to patterns, practices or specific activities that could indicate a customer-account holder has been victimized by -- or is engaged in -- identity theft.
The Windows Security Center, (Microsoft Windows®), which is already installed on your computer, monitors and enables you to manage important security settings on your computer, including a firewall, automatic updates, and the status of your antivirus software.
Microsoft Windows® Service Pack 2. A free software update pack for Windows XP, which is the operating system of many home PCs. Microsoft Windows® Service Pack 2, commonly known as SP2, is designed to fix several bugs and vulnerabilities in Windows XP simultaneously, and give your PC better protection from viruses and hackers. How to get SP2. Also view Microsoft Windows®.
BitLocker Drive Encryption is the final feature release name for the project previously referred to as "Secure Startup Full Volume Encryption." Some preliminary releases of Windows Vista®, still use the old project name in text strings and Windows® titles. This step-by-step guide uses the old project name where appropriate, such as referring to the user interface where it appears. Otherwise, the feature release name is used.
WinErrs. Did you ever get an 'Illegal Operation' or 'Page Fault' error message when using Microsoft Windows® and wonder what it meant? WinErrs is a database of 1,554 Microsoft Windows® error codes and their definitions. These codes and their descriptions are extracted directly from Microsoft Windows®.
Apple Product Security. Mac OS X Security. Apple Security Updates page. More Apple links.
Hoax-Slayer is dedicated to debunking email hoaxes, thwarting Internet scammers, combating spam, and educating web users about email and Internet security issues. Hoax-Slayer allows Internet users to check the veracity of common email hoaxes and aims to counteract criminal activity by publishing information about common types of Internet scams. Hoax-Slayer also includes anti-spam tips, computer and email security information, articles about true email forwards, and much more. New articles are added to the Hoax-Slayer website every week.
Secunia PSI (Personal Software Inspector) scans your computer for seriously outdated software products that have been discontinued or require critical security updates from the vendor.
CAPTCHA™ is a program that can generate and grade tests that most humans can pass, but current computer programs can't pass. For example, humans can read distorted text, but current computer programs usually can't read such distorted text. This may be useful to confirm emails are genuine and other basic Diagnostics and Security checking.
WebScarab is a Web Application Review tool. It sprang from the designs of the people inhabiting the WebAppSec list run from SourceForge, for a powerful, free, open tool for reviewing web applications for security vulnerabilities. Not much of the original design has actually been implemented as envisioned. WebScarab started as a spider that could download all the pages on a site. It stayed that way for almost a year, before I decided to take lessons learned during the development of Exodus and implement them as part of WebScarab.
OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. The Open Web Application Security Project (OWASP) is dedicated to finding and fighting the causes of insecure software. Everything here is free and open source. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work. Participation in OWASP is free and open to all.
Security Config. Software to protect your system.
Identity Finder - Freeware. Let us prove to you the power of our search capabilities for free. Simply download, install, and run the search. It will detect unprotected credit cards and passwords on your computer that are vulnerable to identity theft or fraud. Once found, you can permanently shred or encrypt the information with a password so identity thieves cannot steal it. Take the first step towards protecting your family, your employees, and your business; try Identity Finder today. Installation and removal are easy.
PC Pitstop!
GetNetWise. Accessing the Internet through a broadband or high speed Internet connection at home really enhances the online experience. However, broadband users should take extra precautions to secure their computer and their computer files. The speed at which information can be transferred to and from your computer, and the fact that it stays connected to the Internet for long periods of time, makes it a more likely target for hackers than dial-up Internet users. By taking some basic precautions and using a few simple tools, you can do your part to protect cyberspace from hackers. At the same time, you'll also protect your computer and your information from theft, misuse and destruction. GetNetWise Main page.
A Virtual Private Network (VPN) is a secure network connection that is layered on top of the Internet. This type of connection is used to move secure data to and from corporate networks safely, minimising the chance of these systems being "hacked or abused".
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.
SpoofStick is a simple browser add-on for Internet Explorer, that may help novice users to spot phishing scams that are linked from emails or web sites.
PhishFighting. Fight back and take down the phishers. Enter the phisher's URL to report it.
PhishGuard is a simple, FREE software service for computers running Microsoft operating systems (Windows 98 through XP) and any version of Microsoft Internet Explorer 4.0 or greater. PhishGuard harnesses the collective observations of Internet users to detect and rapidly disable Internet Phishing or Spoofing attacks designed to steal critical financial data.
Reporting Spam SpamCop parses reported email, sending warning information to the internet service provider responsible for hosting the services used by the spammer (web sites and email sending sites). SpamCop also uses the information to generate SpamCop's free blocking list. Unfortunately, this is an ongoing battle. Spammers adapt quickly and persistently. Report spam and help SpamCop turn the tide. SpamCop makes this otherwise slow and technical task quick and easy. The SpamCop reporting service is free. More...
What is "mole" reporting? SpamCop Mole reporting was an experiment that presented many problems in the operations and integrity of SpamCop, so it is mostly being disabled. Reports from users who choose to be mole reporters will count only in the statistics and aggregate counts. Reports are not sent and can only be viewed by SpamCop administrators. Mole reports do not count in the stats used to determine listing and delisting of IP addresses in the SpamCop Blocking List. As spam defenses and spammers become more sophisticated, many smart spammers have developed very sophisticated defenses against being detected. One of the spammer's strategies is to quickly and effectively remove anyone from their mailing lists who files a spam complaint (until they want to get revenge, and then they use these "remove lists" differently). This is generally (although not always) good for the person filing the complaint, but it is bad for spam defense in general, since these activists are the only ones identifying the problem. By removing the "trouble makers", spammers too often slip "under the radar" and appear to be legitimate senders, even though the majority (or entirety) of the victims don't want the mail (they are just the ones who don't bother to make waves). More...
Cloud Computing is a somewhat nebulous term describing how modern users will "rent" or borrow online software instead of actually purchasing and installing it on their home computers. It is the exact same idea as people using Gmail or Hotmail services, except that cloud computing goes much further than simple email. Cloud computing is where entire businesses and thousands of employees will run their computer tools as online rented products. All of the processing work and file saving will be done "in the cloud" of the Internet, and the users will plug into that cloud every day to do their computer work. It is said that cloud computing suppliers buy computer systems by the container load. This helps reduce cost through economies of scale. Software as a Service (aka "SaaS"). Platform as a Service (aka "PaaS"). Software and Platform.
Cloud Security Frame. Cloud Security Frame at Shaping Software. This frame is especially important because we’re using it to help us map out the Cloud security space for our patterns & practices Cloud Security Guidance project. It helps us scope our project. The frame is basically a set of Hot Spots. We use the Hot Spots to find, organize, and share principles, patterns, and practices. We also use the Hot Spots to find pain points and opportunities, or to organize key engineering decisions.
The Security Development Lifecycle. Jeremy Dallman here to let you know we published a couple of new interesting Microsoft SDL stories last week in an effort to continue demonstrating in a tangible and easy-to-read way how Microsoft teams implement the SDL. We hear about more companies investigating how they can integrate the Microsoft SDL into their software development process in order to ship more secure software. At Microsoft, we have been doing this for several years, but have only recently shared the stories behind how our product teams do the SDL (see SDL Publications – whitepapers). As Windows Internet Explorer 8 and the 2007 Microsoft Office System were publicly released, the security experts that guided those products through the full Security Development Lifecycle saw an opportunity to share some details about how each of these products executed on the SDL. They have written the stories of the SDL for each of these products: Internet Explorer 8 and the Security Development Lifecycle. These papers can serve as a reference tool as you begin to think about the implementation of the SDL in your own software development lifecycle. The Microsoft SDL has been in place at Microsoft for almost six years and has demonstrated its effectiveness in improving software security. We hope that these papers along with the SDL Optimization Model, the Simplified Implementation of the Microsoft SDL whitepaper, and our other resources on the SDL portal will help you as you begin integrating the Microsoft SDL into your own software development process. If you are starting to think about adopting the SDL or already have created your own version of the SDL, we would love to hear from you! Feel free to either tell us in the Comments section of this post or email us directly.

Adam Shostack here. I’m pleased to announce that at RSA this week, Microsoft is releasing Elevation of Privilege, the Threat Modeling Game.
Elevation of Privilege is the easiest way to get started threat modeling. EoP is a card game for 3-6 players. Card decks are available at Microsoft’s RSA booth, or for download here. The deck contains 74 playing cards in 6 suits: one suit for each of the STRIDE threats (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service and Elevation of Privilege). Each card has a more specific threat on it. For example, here’s the 5 of Tampering. The threat is “an attacker can replay data without detection because your code doesn’t provide timestamps or sequence numbers.” Because we want everyone developing software to threat model, and there’s no better way to get people to do what you want than to ensure they have fun while doing it. Everyone in software draws diagrams. From pictures on napkins or whiteboards to DFDs, UML or other formalisms, everyone diagrams. When you’re done (all the cards have been played), count up the points, give the winner a pat on the back, and have someone file bugs. That may seem a little complex, but it’s pretty simple when you have cards in hand. There’s a video of me explaining the game here and of people playing on the launch page. There’s also a strategy card in the deck with a flowchart to help you decide what card to play. Right now! If you’re at RSA, come by the Microsoft booth, or download the cards here. If you’re developing software, this is for you. We’d love to hear your feedback here, we’d love for you to blog about it, but most of all we’d love for you to play Elevation of Privilege. Once you have, we’d also like you to play with the idea of serious games for threat modeling and security. To help you get started, we’re making Elevation of Privilege available under a Creative Commons Attribution license which gives you freedom to share, adapt and remix the game.
I want to thank Austin Hill of Akoha for introducing me to the wide field of serious games (see http://www.seriousgames.org/ or http://en.wikipedia.org/wiki/Serious_game for some more on the broad concept), and Laurie Williams of North Carolina State University for designing “Protection Poker,” which inspired me to design Elevation of Privilege.

On Friday, the team at Microsoft that’s driving our End to End Trust initiative launched a new web site that provides an update on the End to End Trust vision for a more trustworthy and accountable Internet. The site’s launch was timed to precede Scott Charney’s keynote next Tuesday at the RSA Security Conference in San Francisco. The site will be updated later that day with a video of Scott’s keynote. One of the key components of the End to End Trust vision is what we refer to as “Security and Privacy Fundamentals” – the recognition that better authentication and accountability are only effective if the underlying computer systems are built to resist attack and the intrusion of unwanted software. At Microsoft, the way we build systems to resist attack is by implementing the SDL for any products or online services that expose our users to risk. The End to End Trust site includes several videos about the SDL and its role in End to End Trust, as well as links to details posted on the SDL web site. I’d encourage you to review the End to End Trust site, Scott’s video when it’s posted, and of course the SDL information on both the End to End Trust and SDL web sites. Steve Lipner

Hi everyone, if you’re headed to RSA next week be sure to check out these sessions featuring SDL team members:
Wednesday, March 3, 9:10 AM: Katie Moussouris and Bryan Sullivan (A preview of this session is available as a podcast at https://365.rsaconference.com/blogs/podcast-series-rsa-conference-2010/2010/02/19/and-202-microsoft-sdl-tools-automating-the-security-development-lifecycle-pk-session.)
Wednesday, March 3, 9:10 AM David Ladd, Eric Baize (EMC), Gary McGraw (Cigital), Richard Pethia (Carnegie Mellon University) Wednesday, March 3, 10:40 AM Katie Moussouris, Martin McKeay (Network Security Blog), Brad Arkin (Adobe Systems), Tim Stanley (Continental Airlines), Steve Dispensa (PhoneFactor), Michael Barrett (PayPal), HD Moore (The Metasploit Project) (A preview of Katie Moussouris speaking on the topic of Responsible Disclosure can be found at https://admin.secure.streamos.com/streamos/player/flv/?url=http://rsa.edgeboss.net/flash/rsa/rsaconference/2010/us/podcasts/rsac_02-03-10-hot-203-moussouris.mp3.) Thursday, March 4, 1:00 PM Adam Shostack and Danny Dhillon (EMC) Hi everyone, Bryan here. We’ve written here before about Casaba Security’s Watcher tool and how it can help you verify compliance with several of the SDL web application security requirements, such as: · User controlled open redirects · Insecure domain references in Silverlight client access policy files · Use of the Javascript eval method · More… I’m excited to report that Casaba has just released Watcher v1.3.0, which adds even more useful checks and also integrates with the SDL and MSF-A+SDL process templates. In addition, it can also tell you which of its checks map to SDL requirements. Watcher is available for free download on Codeplex, and Katie will be demonstrating Watcher during our presentation at RSA next week (AND-202: Microsoft SDL Tools: Automating the Security Development Lifecycle). Hi, Michael here, As you might be aware, a collaboration of industry experts and academia worked together on the CWE/SANS Top 25 Most Dangerous Programming Errors for a second year to define and describe the most significant programming errors that can lead to some of the most serious software vulnerabilities. As we did last year, Microsoft was involved helping define the CWE/SANS Top 25 for 2010. 
As the process to define the Top 25 started to draw to a close and the draft top 40 candidates were selected to be whittled down to 25, we decided, as we did in 2009, to see how the SDL processes and tasks map to the Top 25. As we expected, the SDL maps very nicely to the 2010 Top 25, just as it did in 2009. Every one of the Top 25 is covered by one or more SDL requirements, and most of them are also covered by an automated SDL verification tool or secure coding library. Even CWE 98, "PHP File Inclusion," is covered by the SDL in our required security training classes, which is especially remarkable when you consider that virtually no PHP code is written at Microsoft!

The reason that we address issues like PHP file inclusion in the SDL is that we don't simply wait for new vulnerability taxonomies to be released and then rush to add mitigations to our security processes; rather, we structure the SDL to provide developers with fundamentally sound, secure programming practices. As a result, we cover not just the known vulnerabilities of today (like the Top 25) but also many of the unknown vulnerabilities that will be discovered tomorrow. The fact that all of the Top 25 are addressed by the SDL is a great validation, but it is the result of the content of our process and not the cause.

The table's coverage columns are Education, Manual Process, Library/tool/code gen, Fix? and Threat Model; the Y marks for each CWE are listed together below, as their column positions were not preserved.

| CWE | Title | SDL coverage marks |
|---|---|---|
| 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | Y Y Y |
| 129 | Improper Validation of Array Index | Y Y |
| 131 | Incorrect Calculation of Buffer Size | Y Y |
| 805 | Buffer Access with Incorrect Length Value | Y Y |
| 209 | Information Exposure Through an Error Message | Y Y Y |
| 754 | Improper Check for Exceptional Conditions | Y |
| 22 | Path Traversal | Y Y |
| 98 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion') | Y |
| 434 | Unrestricted File Upload | Y Y |
| 770 | Allocation of Resources Without Limits or Throttling | Y |
| 78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') | Y Y |
| 79 | Failure to Preserve Web Page Structure ('Cross site Scripting') | Y Y Y |
| 89 | Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') | Y Y Y |
| 352 | Cross Site Request Forgery (CSRF) | Y Y |
| 362 | Race Condition | Y |
| 494 | Download of Code Without Integrity Check | Y |
| 601 | URL Redirection to Untrusted Site ('Open Redirect') | Y Y |
| 190 | Integer Overflow or Wraparound | Y Y |
| 807 | Reliance on Untrusted Inputs in a Security Decision | Y |
| 285 | Improper Access Control (Authorization) | Y Y Y |
| 306 | Missing Authentication for Critical Function | Y |
| 311 | Missing Encryption of Sensitive Data | Y |
| 327 | Use of a Broken or Risky Cryptographic Algorithm | Y Y Y |
| 732 | Incorrect Permission Assignment for Critical Resource | Y Y |
| 798 | Use of Hard coded Credentials | Y |

A year ago, I wrote a short post about us banning memcpy in the SDL for new code. Well, I’m happy to announce that in VC++ 2010, we have made it much easier to remove potentially insecure calls to memcpy and replace them with more secure calls to memcpy_s; it’s automagic, just like we did for other banned functions! As I said in a previous post, I am a huge fan of adding defenses to code automatically, and of making such changes as easy as possible for software engineers, and this auto-migration is a great example.
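The VC++ 2010 memcpy migration this post describes, as an added example that is not the CRT's code: a portable C++ rendering of the same array-reference overload trick, with a stand-in for memcpy_s so that it builds outside Visual C++. The names bounded_memcpy and checked_memcpy are this example's own, and the stand-in follows the C11 Annex K contract for memcpy_s (refuse an oversized copy, zero the destination, return ERANGE) rather than claiming to reproduce the Microsoft CRT's exact behaviour.

```cpp
#include <cerrno>
#include <cstddef>
#include <cstring>

// Added example, not the VC++ CRT's code. Portable stand-in for memcpy_s:
// copies src_size bytes into dst only if they fit in dst_size bytes. On a
// size violation it zero-fills the destination and returns ERANGE, following
// the C11 Annex K contract for memcpy_s; on a null pointer it returns EINVAL.
inline int bounded_memcpy(void* dst, std::size_t dst_size,
                          const void* src, std::size_t src_size) {
    if (dst == nullptr) return EINVAL;
    if (src == nullptr || src_size > dst_size) {
        std::memset(dst, 0, dst_size);
        return src == nullptr ? EINVAL : ERANGE;
    }
    std::memcpy(dst, src, src_size);
    return 0;
}

// The trick the post describes: when the destination is an array whose type
// is known at compile time, a template overload binds to a reference to that
// array, captures its element count N, and forwards N * sizeof(T) as the
// destination size. (The CRT overloads memcpy itself under a preprocessor
// switch; the name checked_memcpy is this example's own.)
template <std::size_t N, typename T>
inline T* checked_memcpy(T (&dst)[N], const void* src, std::size_t src_size) {
    return bounded_memcpy(dst, N * sizeof(T), src, src_size) == 0 ? dst : nullptr;
}

// Pointer destinations carry no compile-time size, so this overload needs the
// caller to supply one; it exists to show which call sites the automatic
// migration can protect (arrays) and which it cannot (raw pointers).
inline void* checked_memcpy(void* dst, std::size_t dst_size,
                            const void* src, std::size_t src_size) {
    return bounded_memcpy(dst, dst_size, src, src_size) == 0 ? dst : nullptr;
}

// Mirrors the post's sample: a 100-int source copied into a same-sized array.
bool copy_that_fits_succeeds() {
    int src[100];
    std::memset(src, 12, sizeof src);
    int dst[100] = {0};
    return checked_memcpy(dst, src, sizeof src) == dst && dst[99] == src[99];
}

// The case the migration exists for: the byte count exceeds the destination.
// The copy is refused and dst is zeroed instead of the stack being overrun.
bool oversized_copy_is_refused() {
    unsigned char src[64];
    std::memset(src, 0xAB, sizeof src);
    unsigned char dst[16];
    std::memset(dst, 0xFF, sizeof dst);
    unsigned char* result = checked_memcpy(dst, src, sizeof src);  // 64 > 16
    if (result != nullptr) return false;
    for (unsigned char b : dst)
        if (b != 0) return false;
    return true;
}
```

The point worth taking from the overload is where it does not help: a destination reached through a pointer parameter (for example a buffer allocated by the caller) has no array type for the template to bind to, so those call sites still need an explicit size and remain candidates for review.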
In short, if your code has a call to memcpy, and the compiler can determine the destination buffer size at compile time, the compiler will replace the call to memcpy with a call to memcpy_s. For example, if you compile the code below with:

```
cl /D_CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES_MEMORY=1 foo.cpp
```

```cpp
#include <memory.h>

int main() {
    int src[100];
    const size_t src_size = _countof(src) * sizeof(int);
    memset(src, 12, src_size);
    const size_t dst_size_int = _countof(src);
    int dst[dst_size_int];
    memcpy(dst, src, src_size);
    return 0;
}
```

You’ll see that the calls to memcpy are replaced with memcpy_s courtesy of this code in memory.h:

```cpp
#if defined(__cplusplus) && _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES_MEMORY
extern "C++" {
#ifndef _CRT_ENABLE_IF_DEFINED
#define _CRT_ENABLE_IF_DEFINED
template<bool _Enable, typename _Ty>
struct _CrtEnableIf;

template<typename _Ty>
struct _CrtEnableIf<true, _Ty> {
    typedef _Ty _Type;
};
#endif

template <size_t _Size, typename _DstType>
inline typename _CrtEnableIf<(_Size > 1), void *>::_Type __cdecl memcpy(
    _DstType (&_Dst)[_Size],
    _In_opt_bytecount_(_SrcSize) const void *_Src,
    _In_ size_t _SrcSize) _CRT_SECURE_CPP_NOTHROW
{
    return memcpy_s(_Dst, _Size * sizeof(_DstType), _Src, _SrcSize) == 0 ? _Dst : 0;
}
}
#endif
```

Note that for this to work, you must define a preprocessor variable: _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES_MEMORY = 1

This is another great example of why migrating your C++ code to Visual C++ 2010 can help improve the security of the code with virtually no engineering effort. (Big thanks to the C++ folks over in the Developer Division for getting this work done in time for VC++ 2010.)

- Michael

The SDL pond may have seemed quiet over the holidays, but we have three new announcements we hope will make ripples for developers and organizations who want to adopt the SDL. We are announcing three new releases at the Black Hat conference in Washington DC today:

1. a new white paper: Simplified Implementation of the Microsoft SDL
2. a new program: SDL Pro Network Tools category and new members
3. a new tool: MSF for Agile Software Development + SDL Process Template for VSTS 2008

Simplified SDL whitepaper

First up is the release of the Simplified Implementation of the Microsoft SDL white paper. One of the common misconceptions about the Microsoft SDL is that you have to be an organization the size of Microsoft in order to be able to implement it. Another misconception is that the SDL is only appropriate for Microsoft languages and Microsoft platforms, and that you need to use some other methodology if you’re writing code with Ruby for OS X. The Simplified SDL white paper helps address these misconceptions by explaining how the SDL can be implemented with limited resources and applied to any platform. By outlining a minimum threshold that stays true to the core attributes of the SDL, this paper provides an effective model for building an effective security development lifecycle in any organization.

SDL Pro Network Security Tools category and new members

Our second announcement is the expansion of the SDL Pro Network to include a new category of membership, Tools, which will complement the existing Consulting and Training categories. Tools member organizations are able to deploy security tools such as static analysis tools, fuzzers, or dynamic and binary analysis tools. Security tooling is a critical piece of the SDL and we’re excited to have this new Pro Network category to help organizations use their tools and their time more effectively. We’re also announcing an expansion of the Pro Network to include seven new members:

· Fortify (Tool Member)
· Veracode (Tool Member)
· Codenomicon (Tool Member)
· Booz-Allen Hamilton (Consulting Member)
· Casaba Security (Consulting Member)
· Consult2Comply (Consulting Member)
· Safelight Security Advisors (Training Member)

We welcome our new members and hope you will consider them or our other Pro Network members for your security training, consulting, and tooling needs.
MSF for Agile + SDL Process Template

Last, but not least, we’re releasing the first public beta of the new MSF for Agile Software Development plus SDL Process Template for VSTS 2008, or “MSF-A+SDL” for short. Like the SDL Process Template we released last year, this template helps teams to integrate secure development processes directly into their Visual Studio Team System development environment. However, the MSF-A+SDL template is based on the new SDL-Agile process. MSF-A+SDL also has some completely new features from our previous SDL Process Template offering:

· Automatic generation of SDL task work items for new iterations. Given that Agile projects can live forever (as in the case of web applications or cloud services with no defined “end date”), these projects need to periodically re-complete SDL requirements as defined in the SDL-Agile process. The MSF-A+SDL template accomplishes this by creating new security tasks for the project whenever a user adds a new iteration.
· Automatic generation of SDL task work items for new code. Whenever new Visual Studio projects or web sites are checked into an MSF-A+SDL project’s source control repository, the template will generate new SDL requirements appropriate to that project. For example, if the user creates a new C# web site, the template will add requirements such as disabling ASP.NET tracing, and applying the AntiXss library.
· Much more, that we’ll be posting about here soon

If you’re attending Black Hat this week and would like to see MSF-A+SDL in person, come to Bryan’s talk “Agile Security; or, How to Defend Applications with Five-Day-Long Release Cycles” on Wednesday February 3 at 1:45.

Just in case you missed them inline, here are some handy links:

Simplified Implementation of the Microsoft SDL white paper
MSF for Agile Software Development plus SDL Process Template for VSTS 2008 free download

Jeremy Dallman here to tell you about some new security guidance papers we are releasing today.
“My company was just attacked by something called SQL Injection! I have no idea what that is, or what I should do next! Where do I start?”

Unfortunately, this is a frequent scenario for many developers and IT Pros who have just discovered their systems, websites or applications have been compromised. We’ve spoken to a number of people in the IT community who equate this to being tossed a parachute and thrown out of a plane into free-fall with no idea what to do next. These folks know the parachute will help them, but need a quick and easy way to find the D-Ring.

Today we are releasing the first of a new type of security guidance paper. We are calling them “Quick Security References” (QSRs). A QSR is designed to provide the information necessary to quickly understand and address specific security threats from the perspectives of four IT-focused job roles (business decision makers, architect/program manager, developer, and tester). QSRs will also help establish security practices and provide a framework for addressing future incidents. For those familiar with the SDL Optimization Model, the guidance contained in a QSR is targeted at organizations that fall into the “Basic” level of organizational maturity.

The first two QSRs focus on Cross-Site Scripting and SQL Injection. We chose these two topics since they represent the most common attack types a development or IT Pro team will encounter today. These papers were the result of collaboration with experts in both XSS and SQL Injection. I would like to thank each of them for sharing their knowledge and contributing to the paper.

Acknowledgements:

For the XSS paper:
Contributors: Jeremiah Grossman, Robert Hansen, Gareth Heyes, Dennis Hurst, David Ladd, Eric Lawrence, Katie Moussouris, Billy Rios, David Ross, Bryan Sullivan, and Jeremy Dallman.

For the SQL Injection paper:
Author: Bala Neerumalla
Contributors: Raul Garcia, David Ladd, Katie Moussouris, Bryan Sullivan, and Jeremy Dallman

The QSR papers can be accessed from the SDL website or downloaded directly from the Microsoft Download Center.

Hi, Michael here. Over the years, we have learned a great deal about the practical aspects of securing software; but two lessons that really stand out for me are:

· You will never get the code perfect, so add defenses.
· Make securing software as easy as possible for designers, developers and testers.

Anyone following the SDL will realize that we spend a lot of time, research and effort adding defenses such as /GS, ASLR, NX and so on and then making them SDL requirements. Another SDL defensive requirement we added about two years ago is to add the following to the startup code, usually main(), in native C or C++ code:

```cpp
BOOL f = HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);
```

You can read more about this function and its security benefits in a blog post from February 2008.

The problem with adding this code is you have to churn your code! Obviously, it’s not a big deal in this case, as the code diff is only one line long. Even though I’m a huge fan of defenses like this, we’re always looking for ways to make life as easy as possible for developers, and often that means changing the way we generate code or adding defenses to Windows.

Now back to the subject of this post! Something we have added to VC++ 2010 beta 2 is an automatic call to HeapSetInformation() for all unmanaged C and C++ applications. I love this for two reasons: it’s a great defense that makes it harder for an attacker to successfully exploit a heap-based buffer overrun in your code, and it’s frictionless because there is nothing the developer needs to do other than compile the code with VC++ 2010 beta 2 or later!

Later in the year I’ll write about some other defenses in VC++ 2010.
Michael

The Information Security Tools (IST) team has released the InfoSec Assessment & Protection (A&P) Suite. It’s a suite made up of protection and assessment tools which include:

Read more about the A&P suite here and watch the podcast, “Assessment and Protection Suite,” as Anil Revuru (RV) and Mark Curphey from the Microsoft IST team discuss the future of this suite of tools. To download these tools for free, you will need to register on the Connect site. Once you’ve registered, you can download the tools below directly. Get the latest on the A&P Suite on the IST Blog.

Download, A&P Suite will include:

Hi everyone, Bryan here. There is a common misconception that because the SDL was originally created for Microsoft’s big showcase box products like Windows and SQL Server, it only works for those kinds of products. This is of course patently false: virtually every Microsoft product and online service, large or small, follows the SDL. Many other organizations outside of Microsoft are also successfully implementing the SDL.

However, while the content of the SDL – its requirements and recommendations – may be universal, the structure of the SDL as originally designed is more suited to long-running waterfall- or spiral-style development methodologies. Consider the classic “chevron” SDL graphic:

As you can see, the SDL prescribes certain activities to take place during certain phases of the development lifecycle – threat modeling for example happens during the Design phase, and static analysis is performed during the Implementation phase. But not every development methodology has well-defined lifecycle phases like this. Specifically, Agile development methodologies do not have distinct phases and instead follow an iterative, time-boxed approach. How can the SDL be applied successfully in these environments?
One solution might be to take all the SDL requirements and put them into the product backlog, then pull them into the active queue (aka the sprint backlog, if you’re using Scrum) just like any other user story. This might work adequately for box products with well-defined product lifecycles that use Agile; for example, the Visual Studio teams that follow Scrum would fall into this category. However, the majority of internal teams (and very likely the majority of all development teams outside Microsoft too) that follow Agile use it to build web applications. This is important because web applications often don’t have a defined “end”; they just keep building and growing indefinitely. If we put the SDL requirements into the product backlog, it might take a year or more for a team to complete them all, but all the features added to the product after that date would go unsecured.

An alternative solution might be to just apply the entire SDL to every iteration. This would solve the problem of unsecured functionality being added after the SDL requirements have been completed, but it would create a whole new problem just as big, namely: how to complete all that SDL work in such a short amount of time! Per the Agile Manifesto, Agile projects should have short iterations, lasting from one month to a few weeks or less. There are online services teams here at Microsoft with one week long sprints. There’s no way these teams could complete the entire SDL in a sprint that short. And even if they could, there would be no time left to actually develop new features.

Another alternative would be to pare back the SDL, to cut out the “unnecessary” SDL requirements and just complete a smaller, core subset of the SDL each iteration. Unfortunately, this approach is flawed too, because none of the SDL requirements are unnecessary. Every requirement has been proven to prevent vulnerabilities or to reduce the impact of a successful exploit.
Leaving requirements out of Agile projects would jeopardize their security, and that’s simply not an acceptable solution.

However, although none of these approaches solves the problem of adapting the SDL to Agile, that doesn’t mean the task is impossible. Over the last year, a team of security professionals throughout the Trustworthy Computing Security and Online Services Security & Compliance teams (including myself and Michael Howard from SDL) have worked to find a solution to the problem. Our resulting process has been in internal beta since the spring, has just recently released internally, and now I’m happy to announce that we’re releasing the details of the SDL for Agile Development Methodologies process today.

In brief, SDL-Agile breaks the SDL into three categories of requirements: every-sprint requirements, the requirements so important that they must be completed every iteration; one-time requirements, the requirements that only have to be completed once per project no matter how long it runs; and bucket requirements, the requirements that still need to be completed regularly but are not so important that they need to be completed every sprint.

Over and above the reorganization of requirements into a more Agile-friendly structure, SDL-Agile also provides guidance for adapting many of the core SDL activities to Agile. Threat modeling is a perfect example: a team could easily spend an entire week-long sprint performing threat modeling, but this may not be the best use of their time. SDL-Agile describes how a team can spend an appropriate amount of time modeling new features as well as how to build up a baseline of threat models for existing functionality.

Instead of getting into an in-depth discussion of SDL-Agile in the limited space I have here, I ask that you download and read the complete SDL-Agile guidance here, included as part of the SDL 4.1a Process Guidance document.
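One way the every-sprint / one-time / bucket split can be turned into the kind of per-iteration task generation the MSF-A+SDL template announcement above describes, as an added example that is neither the SDL-Agile guidance nor the template's code. The requirement names are illustrative, and the rotation policy (one item from each bucket per sprint, cycling through the bucket in order) is this example's own assumption about how bucket requirements are scheduled.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Added example, not the SDL-Agile guidance or the MSF-A+SDL template. The
// three requirement categories named in the post, and a scheduler that turns
// them into one sprint's SDL task list. Rotation policy is an assumption.
struct SdlRequirements {
    std::vector<std::string> everySprint;            // due in every iteration
    std::vector<std::string> oneTime;                // due once per project
    std::vector<std::vector<std::string>> buckets;   // each inner list is one bucket
};

// Tasks generated when iteration `sprint` (1-based) is created: all
// every-sprint items, the one-time items only for the first sprint, and one
// item from each bucket, chosen by rotating through the bucket in order so
// that a long-lived project keeps revisiting every bucket requirement.
std::vector<std::string> tasksForSprint(const SdlRequirements& req, int sprint) {
    std::vector<std::string> tasks(req.everySprint.begin(), req.everySprint.end());
    if (sprint == 1)
        tasks.insert(tasks.end(), req.oneTime.begin(), req.oneTime.end());
    for (const std::vector<std::string>& bucket : req.buckets) {
        if (bucket.empty()) continue;
        std::size_t index = static_cast<std::size_t>(sprint - 1) % bucket.size();
        tasks.push_back(bucket[index]);
    }
    return tasks;
}

// Audit question a team lead would ask: within the first `sprints`
// iterations, does every bucket requirement come up at least once?
bool everyBucketItemCoveredWithin(const SdlRequirements& req, int sprints) {
    for (const std::vector<std::string>& bucket : req.buckets) {
        for (const std::string& item : bucket) {
            bool seen = false;
            for (int s = 1; s <= sprints && !seen; ++s)
                for (const std::string& task : tasksForSprint(req, s))
                    if (task == item) { seen = true; break; }
            if (!seen) return false;
        }
    }
    return true;
}

// Constructed, illustrative requirement set; the names echo activities the
// posts mention (threat modeling, static analysis, fuzzing, web scanning).
SdlRequirements sampleRequirements() {
    SdlRequirements r;
    r.everySprint = {"Update the threat model for features in this sprint",
                     "Run static analysis on all new code"};
    r.oneTime = {"Build the baseline threat model for existing functionality"};
    r.buckets = {{"Fuzz the file parsers", "Run the web application scanner",
                  "Review error handling"},
                 {"Review privacy impact", "Review cryptographic agility"}};
    return r;
}
```

With this set, sprint 1 yields five tasks and every later sprint four; the three-item verification bucket is only fully covered by sprint 3, which is the kind of gap an auditor would look for when a project's sprints are shorter than its bucket rotation.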
We believe we’ve developed a process that is faithful to both Agile and to SDL, in which teams can innovate and react quickly to changing customer needs but in which the products they create are still more resilient to attack. As always, we welcome your feedback.

Hi everyone, Bryan here. I’m going to be presenting two sessions on the SDL next week, one for TechEd Europe and one for the Microsoft Platforma event in Moscow. If you’re attending either of these conferences, stop by and introduce yourself, or better yet stay for the session!

SIA-205: SDL-Agile: Microsoft’s Approach to Security for Agile Projects
Monday 11/9 9:00-10:15, Berlin 1 Hall 7-3a

FF-206: The Microsoft Security Development Lifecycle
Thursday 11/12 4:30-5:30, Red Congress-Hall

Hope to see you there!

Hi everyone, Bryan here. Earlier this week, Microsoft released the latest volume of the Security Intelligence Report (SIR), which covers the first half of 2009. There are many interesting statistics in this report, but there’s one that I’d like to draw particular attention to: the number of industry-wide reported vulnerabilities as broken down by OS vulns vs. browser vulns vs. application vulns. It is gratifying to see a sharp decline in the number of application vulnerabilities reported in the first half of 2009, but it’s important to note that they still make up the vast majority of vulns. Attackers are still largely focusing on the long tail of third-party applications. It’s more important than ever for all development shops, no matter how small, to bake security practices into their development lifecycles and ensure that their products don’t end up contributing to next year’s blue Application Vulnerabilities bar.

Pirates are Way Cooler than Ninjas, but Engineering Got us to the Moon

Cory at Matasano has a new blog post explaining “Ninja threat modeling.” Ninja threat modeling is Matasano’s approach to threat modeling as part of a penetration test. I’m really happy that they’ve given their approach a name.
A few years back, we would just talk about “threat modeling” and it got confusing. With that said, Adam here, and I wanted to offer up our perspective. I’ll do that by first comparing and contrasting the SDL and ninja approaches, and then responding to some of Cory’s impressions of the STRIDE-per-Element approach to threat modeling which we’re using in the SDL.

There’s a lot to be said for giving your approach a cool name, and we love cool names too, like “The SDL Threat Modeling Tool.” How cool is that? Ok, ninja is much cooler.

It seems from Cory’s post that Matasano’s customers are coming to them for security at the end of their process, rather than at the start. I think we all agree that threat modeling late produces less value. Here at Microsoft, we’ve invested in making it possible for any software engineer to threat model at the start of development. We’ve made enough progress in this that Forrester has said “Many application architects and developers don’t know enough about developing secure applications… Microsoft’s SDL Threat Modeling Tool is a unique new tool that helps developers identify and mitigate security risks to make applications more secure from the get-go.” (“Use Threat Modeling To Develop More-Secure Applications,” March, 2009.)

I do think that we can map between the current SDL approach and the Ninja approach:

| Stage | STRIDE/Element | Ninja |
|---|---|---|
| Model | DFD | App overview, data flow |
| Identify Threats | STRIDE/Element | Assumptions, deadly sins |
| Mitigate | Redesign/standard/custom/accepted | ? |
| Validate | Check model, all threats have bugs | Test plan |

For a summary of their process, I looked at the boxed text “Ninja threat modeling at a glance.” I wish Cory had explained the approach a bit more: what’s the difference between an app overview and a data flow? Why are there 2 threat enumeration checklists (assumptions, deadly sins)? I think it might be interesting to combine the two threat enumerations. I also think that the risk management step could be formalized a bit more.
So I’m glad that Matasano has a way to help you if you haven’t threat modeled. Our experience and observations over many, many years have shown that most people don’t want (or haven’t budgeted for) ninjas to drop into their process and slice up their design at the last minute. That’s why we’ve been sharing the SDL optimization model, building out the SDL Pro Network and sharing our approaches. We think that most people want to engineer a good and secure product from the start. We all need to work to make that easier, more predictable, and more effective. I also recognize that many organizations are not building security into their development processes yet. So it’s great to see Matasano think through what a threat model at the end of the dev process should look like, and share that thinking.

I wanted to reply to one thing that Cory said: “It has spawned not just one, but two, Visio-driven toolsets from Microsoft and countless data-flow diagrams, attack trees, consulting engagements, and perplexed developers. When performed by a skilled and experienced team member, the model can be used to identify architectural weaknesses, guide default application behavior, and outline functional requirements for the product.”

Cory’s right. We have two tools, and it’s confusing. We’ll be making that much clearer soon. Additionally, we’ve presented a lot of information about our many approaches over the years. Today, we have one authoritative site at microsoft.com/sdl which presents the most current guidance. We no longer use attack trees. We’re working hard to speak clearly. Is it working for you? Let us know what’s not clear. Yes, there are a lot of books and what-have-you that can’t be updated, but we aim to publish and maintain guidance on the SDL portal that is authoritative, current, and understandable. Kicking attack trees is sort of like commenting on the security of Win98: we’ve learned a lot since then.
One of the most important things we’ve learned is that we needed to simplify the model, the approach, and the training, and we’ve done all three of those things. Having done those things, we’ve seen non-experts pick up the tool and create good threat models. We’ve heard from partners who are using the tool successfully, and we’ve received great feedback from analysts about our efforts. None of which means we’re perfect. We’re still continuing to innovate with the aim of making the process better, and seeking the feedback from anyone who’s downloaded and applied our free tools and guidance. We’ve got some tricks up our sleeve, and while we don’t want to play them too close to the chest, we’re going to continue to innovate, and are glad to see a profusion of ideas for making things better.

Ninjas and Engineers Agree: Threat Model

Finally, we work to share our experience. We’ve seen the STRIDE-per-element approach work for non-experts. We suggest you give it a try. But far more important than which approach you try is when you try it. Start early. Take a look at the optimization model. If you want some consulting help, go to one of our Pro Network partners or even to Matasano. If you have a few hours, experiment with both approaches and see which fits. But start early and find a threat modeling approach that helps you deliver more secure software. Pirates and script kiddies would prefer you just fuzzed.
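The four stages of the SDL column in Adam's comparison table (Model, Identify Threats, Mitigate, Validate), carried through in code as an added example that is not the SDL Threat Modeling Tool's code: a constructed DFD is modeled, threats are enumerated with the STRIDE-per-element chart, each threat gets one of the four dispositions the table names, and the Validate stage checks the "all threats have bugs" rule. The STRIDE-per-element chart used here is the published SDL one (which letters apply to external entities, processes, data flows and data stores); the element names, threat ids and bug numbers are constructed for the example.

```cpp
#include <map>
#include <string>
#include <vector>

// Added example (not the SDL Threat Modeling Tool's code): the four stages of
// the STRIDE/Element column, run over a constructed data-flow diagram.

// Model: the four DFD element kinds STRIDE-per-element works over.
enum class Kind { ExternalEntity, Process, DataFlow, DataStore };

struct Element {
    std::string name;
    Kind kind;
};

// Identify Threats: the STRIDE-per-element chart, one letter per threat class
// (Spoofing, Tampering, Repudiation, Information disclosure, Denial of
// service, Elevation of privilege). Repudiation on a data store covers stores
// that hold logs or audit records.
std::string applicableStride(Kind kind) {
    switch (kind) {
        case Kind::ExternalEntity: return "SR";
        case Kind::Process:        return "STRIDE";
        case Kind::DataFlow:       return "TID";
        case Kind::DataStore:      return "TRID";
    }
    return "";
}

// A threat is identified as "<element>:<letter>", e.g. "Session DB:I".
std::vector<std::string> enumerateThreats(const std::vector<Element>& dfd) {
    std::vector<std::string> threats;
    for (const Element& e : dfd)
        for (char c : applicableStride(e.kind))
            threats.push_back(e.name + ":" + c);
    return threats;
}

// Mitigate: every threat ends in one of the four states named in the table.
enum class Disposition { Redesign, Standard, Custom, Accepted };
using Dispositions = std::map<std::string, Disposition>;

// Validate: "check model, all threats have bugs". Every enumerated threat
// must have a disposition and, unless it was accepted, a tracking bug id.
// Returns the threats that fail the check.
std::vector<std::string> unvalidatedThreats(const std::vector<std::string>& threats,
                                            const Dispositions& dispositions,
                                            const std::map<std::string, int>& bugIds) {
    std::vector<std::string> missing;
    for (const std::string& t : threats) {
        auto d = dispositions.find(t);
        if (d == dispositions.end()) { missing.push_back(t); continue; }
        if (d->second != Disposition::Accepted && bugIds.count(t) == 0)
            missing.push_back(t);
    }
    return missing;
}

// Constructed DFD: a browser talking to a web app backed by a session store.
std::vector<Element> sampleDfd() {
    return {{"Browser", Kind::ExternalEntity},
            {"Web app", Kind::Process},
            {"Browser->Web app", Kind::DataFlow},
            {"Session DB", Kind::DataStore}};
}

// Worked run: 15 threats are enumerated; the team disposes of all but two,
// accepts one denial-of-service threat, and files (constructed) bug numbers
// for the rest, so validation reports exactly the two it forgot.
std::vector<std::string> sampleValidationGaps() {
    std::vector<std::string> threats = enumerateThreats(sampleDfd());
    Dispositions disp;
    std::map<std::string, int> bugs;
    int nextBug = 1000;  // constructed bug ids
    for (const std::string& t : threats) {
        if (t == "Session DB:R" || t == "Browser->Web app:D") continue;  // forgotten
        disp[t] = (t == "Web app:D") ? Disposition::Accepted : Disposition::Standard;
        if (disp[t] != Disposition::Accepted) bugs[t] = nextBug++;
    }
    return unvalidatedThreats(threats, disp, bugs);
}
```

The useful property is that the Validate stage is mechanical: once the DFD is typed, the chart decides what must be accounted for, and a missing disposition or bug is a defect in the model rather than a matter of reviewer judgement.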
PayPal Support Club. Review and helpful links, coding examples, warnings, other shopping cart links, etc. PayPal is an online banking system that allows website owners to integrate shopping cart technology into their site. Find out more; includes links to helpful sites about PayPal shopping cart technology. Report eBay spoof emails to spoof@ebay.com. Report spoof PayPal emails to spoof@paypal.com.
Yoggie Internet Security Systems at CES 2009
Yoggie main website
Hacktivism is the writing of code, or otherwise manipulating bits, to promote political ideology. Taking Lessig's message to heart, hacktivism believes that proper use of code will have leveraged effects similar to regular activism (or civil disobedience). Fewer people can write code, but code affects more people. myWiseOwl
PC WIZARD is a powerful utility designed especially for detection of hardware, but also for some further analysis. It's able to identify a wide range of system components and supports the latest technologies and standards. This tool is periodically updated (usually once per month) in order to provide the most accurate results.
CPU-Z is freeware that gathers information on some of the main devices of your system: name and number, core stepping and process, package, core voltage, internal and external clocks and clock multiplier, supported instruction sets, and all cache levels (location, size, speed, technology).
System Monitor. This software lets you keep your eye on the system resource usage of your PC. It currently supports 27 kinds of information including CPU, memory, network, and detailed HDD usage.
Diag Plus. Diagnose registry problems from DOS. From WindizUpdate (62NDS Solutions Ltd.). More Hardware links
AIM Encryption Certificate Generator. You can use this tool to generate a security certificate file that you can import into AIM. You can then have encrypted conversations with any other member who also has imported a security certificate. The certificates produced by this tool are generated on demand, and no two certificates will share the same private key. This means that the certificates produced here are much more secure than the one certificate being mass distributed at AIM Encrypt - Free Security Certificate for AIM.
AIM Encrypt - Free Security Certificate for AIM! Encryption certificate. Why do I want AIM Security? AIM is known to not have the best security, or any for that matter. If someone on your network is using a "packet sniffer" or other type of traffic analyzing tool, they can see your AIM conversations and read them word for word. AIM Security using SSL certificates makes your conversation appear much like trash to anyone analyzing what you type, much like "Sw43jg73js7HSkg8Skeq3k65" instead of "Hello Friend". This certificate encodes the message so only the sender and the receiver can read it. But still please use common sense and don't send credit card numbers, etc. over IM; this should only make you about "this" much safer on the internet, and make you feel cool having a padlock next to your name.
SSL, Secure Socket Layer. This is a system used to protect secure information, for example credit card and bank account details. Most sites that use this system will have URLs that start with https:// (note the "s") instead of the normal unprotected http://.
The sites that use SSL, Secure Socket Layer, may also display a small padlock image in the Task Bar. You should not send private or sensitive information of any type without using the SSL, Secure Socket Layer, method.
The Secure Sockets Layer protects data transferred by using encryption enabled by a server's SSL certificate. It uses a public key and a private key: the public key is used to encrypt information (note that some systems may have different levels of encryption, but this should not be any less than 128-bit encryption) and the private key is used to decipher it. When a browser points to a secured domain (https://), an SSL handshake authenticates the server and the client and establishes an encryption method and a unique session key.
The GNU Privacy Guard. GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is an RFC 2440 (OpenPGP) compliant application.
OpenPGP is the most widely used email encryption standard in the world. It is defined by the OpenPGP Working Group of the Internet Engineering Task Force (IETF) Proposed Standard RFC 2440. The OpenPGP standard was originally derived from PGP (Pretty Good Privacy), first created by Phil Zimmermann in 1991.
OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.
SSL 3.0 specification, Netscape.
Get Safe Online will help you protect yourself against internet threats. The site is sponsored by government and leading businesses working together to provide a free, public service.
Bank Safe Online sets out simple steps you can take to help keep safe online. We also provide you with updates on the latest scams, and enable you to report any suspicious emails or websites to us direct.
Advanced WindowsCare. Repair and fix Windows with 1 click. Slowdowns, freezes and blue-screen crashes are over. Advanced WindowsCare thoroughly examines the Windows system, accurately detects the bottlenecks that cause slowdowns and crashes, fixes these problems and repairs Windows. All work is done within 30 seconds and 1 click. The intuitive interface makes Advanced WindowsCare the perfect tool for non-IT professionals.
Free Internet Window Washer is a free privacy cleaner to remove internet tracks and computer activities. It can erase Windows® temp folders, run history, search history, recent documents, browser cache, cookies, history, typed URLs, autocomplete memory, index.dat files, and more. You can also easily erase the tracks of up to 100 popular applications. It also provides an option to clean the data more securely so that it cannot be recovered.
Home Office Identity Fraud Steering Committee What is Identity theft? Your identity and personal information are valuable. Criminals can find out your personal details and use them to open bank accounts and get credit cards, loans, state benefits and documents such as passports and driving licenses in your name.
CIFAS, (Credit Industry Fraud Avoidance Scheme), the UK's Fraud Prevention Service. CIFAS is a not for profit membership association solely dedicated to the prevention of financial crime. CIFAS provides a range of fraud prevention services to its members, including a fraud avoidance system used by the majority of the UK's financial services companies.
Card Watch raises awareness about all types of plastic card fraud in the UK, and provides information to prevent fraudulent use of credit cards, debit cards, cheque guarantee cards and charge cards.
The Council of Better Business Bureaus and BBB OnLine Complaint System. The BBB does not take sides in a dispute. The BBB works to facilitate communication between the company and the consumer, to help both sides come to a satisfactory resolution to the complaint. In many cases, dispute resolution, including mediation and arbitration, may be available to help resolve the dispute.
The European Telecommunications Resilience and Recovery Association (ETRA) is a European forum for discussion, debate and information. Based in the UK it aims to extend understanding of the relationship between telecommunications, information assurance, security, disaster management and corporate governance.
WARPs (Warning Advice and Reporting Points). WARPs are part of the Centre for the Protection of National Infrastructure's information sharing strategy to help combat the increasing risk of electronic attack on our information systems.
Centre for the Protection of National Infrastructure. Information sharing strategy to help combat the increasing risk of electronic attack on our information systems.
Securityvulns Computer Security Vulnerabilities. Reports on Vulnerabilities in software and hardware:- securityvulns.com vulnerabilities newsline
Irongeek. Adrian Crenshaw's Information Security site (along with a bit about weightlifting and other things that strike my fancy). Articles and tutorials.
CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.
The National High Tech Crime Unit:- National unit formed in April 2001 comprising personnel from the National Crime Squad, the NCIS, and from HM Customs & Excise. It works in conjunction with computer crime units in UK police forces.
National Crime Squad police UK. The National Crime Squad works at the heart of tackling serious and organised crime.
Computer Crime and Internet-Related Crime The Metropolitan Police Service.
National Crime Prevention Council's (NCPC) mission is to prevent crime and build safer, more caring communities.
Terrorist Activity Report Them Here (FBI) Federal Bureau of Investigation. Stop and report terrorists United States of America
CRIMESTOPPERS United Kingdom. Call anonymously with information about crime.
MI5, the official website of the UK Security Service (MI5), which is responsible for protecting against threats to United Kingdom National Security, such as terrorism and international terrorism. If you know something about a threat to National Security, STOP and report terrorists.
Blocking Unwanted Parasites with a Hosts File and other security tips.
Fraud:- Attention Footie fans! Following discussions with the European Commission, FIFA has agreed to accept more ticket payment methods in the next stages of ticket allocation for the 2006 World Cup in Germany. Watch out for the latest scam - an e-mail that pretends to come from FIFA, telling you that you've got a ticket to the World Cup. It carries a mass-mailing worm. The advice, as always, is not to open attachments in such e-mails (use anti-spam software), and to ensure that your Anti-Virus Software Tools & Utilities protection is up to date.
SPIM & SPIT. SPIM (SPam using Instant Messaging) is another new spamming technique, the difference in this case being that the spam is delivered through Instant Messaging rather than email. It's not as common as email spam. According to a report from Ferris Research, 500 million IM spam messages were sent in 2003, twice the level of 2002. As it becomes more common, spim could affect businesses in the same way that email spam does now, creating security problems and costing time and money. SPIT stands for Spam over Internet Telephony. It's essentially like spam email, only rather than getting unwanted messages in your inbox, they're left on your voicemail. It can happen if you're using a phone connected to the Internet, something more and more people are choosing to do. Spammers can obtain VoIP (Voice over Internet Protocol) addresses or may hack into a computer used to route VoIP calls. And, because calls routed over IP are much more difficult to trace, there's a far greater potential for fraud.
Yahoo Security information and advice
Yahoo Hacking. Social Engineering, Phishing information. (Faux is a French word used to describe something made to resemble something else. The original French word means false, fake, imitation or artificial.)
Yahoo Reporting Password Scams
Free PC Scan
PC Security Software PCSecurityShield. Protection Range. Anti-virus, Firewall, Privacy Defender, Spam Shield, Popup Blocker, Delete files PERMANENTLY, etc...
Department of Trade and Industry Notes
SiteAdvisor. We test the Web to help keep you safe from spyware, spam, viruses and online scams.
APNIC Spammers & hackers : Using the APNIC Whois Database to find their network | Spam | Hacking
!exploitable (pronounced "bang exploitable") Crash Analyzer (!exploitable Crash Analyzer - MSEC Debugger Extensions). A plugin for the Windows Debugger that parses your crash logs and gives you two important pieces of information. First, it will collate all of your crashes and determine exactly how many distinct problems there actually are. So for example, out of 60 crash reports, there may only be 2 or 3 actual problems. The second thing it does is look at the type of crash and try to determine if the error is something that could be exploited by a malicious hacker. This means that more junior employees can work these bug issues without taking the time of more senior examiners.
More Microsoft Windows Links.
Web Master Tools and Utilities
Securitywonks.org Forum
Alliance of Security Analysis Professionals (ASAP).
Keylogger Hunter - Detects Keyboard Monitoring Programs
Help maximize your security with the Internet Explorer High Encryption Pack.
UBCD4Win Bootable CD. Repair/Restore/Diagnose etc. for Windows®.
DomainKeys: Proving and Protecting Email Sender Identity (Information by Yahoo) Email spoofing, (and Phishing) - the forging of another person's or company's email address to get users to trust and open a message - is one of the biggest challenges facing both the Internet community and anti-spam technologists today. Without sender authentication, verification, and traceability, email providers can never know for certain if a message is legitimate or forged and will therefore have to continually make educated guesses on behalf of their users on what to deliver, what to block, and what to quarantine, in the pursuit of the best possible user experience.
Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields.
Phishing. A lot of major banks, credit card operators, e-commerce sites, Visa, PayPal (PayPal Support Club) and eBay (and many other websites) have suffered from Phishing. This is where people are directed to a fraudulent website that is identical to the company's site, in the hope that they will supply details which can then be used illegally.
Anti-Phishing Working Group - Committed to wiping out Internet scams and fraud.
Phishing Report. The Phish Report Network (PRN) was established to address the growing problem of phishing. As the industry's first anti-phishing aggregation service, PRN enables companies to better protect consumers against online fraud.
Know your Enemy: Phishing. Behind the Scenes of Phishing Attacks. The Honeynet Project & Research Alliance.
FireFox Browser. A Mozilla project, empowers you to browse faster, more safely and more efficiently than with any other browser.
Internet Watch Foundation Site Index (Legal issues. Reports illegal and offensive Internet Issues.)
SafeSurf Creating a Safe Internet Without Censorship Help Us Accomplish This Goal.
EFF is a nonprofit group of passionate people & lawyers, volunteers, and visionaries working to protect your digital rights.
Copyscape. Search for copies of your page on the Web. Defend your site against plagiarism.
Rules for Uniform Domain Name Dispute Resolution Policy (the "Rules") (As Approved by ICANN on October 24, 1999)
Domain Name Transfers. ICANN Inter-Registrar Transfer Policy.
UKReg Domain Name Dispute Policy
Nominet Disputes. Covers all registrations in the .uk Top Level Domains.
Domain Name law (Sedo)
eSecurity4Britain Inform, educate and provide protective measures to ensure small businesses can use the internet to operate their businesses - with security.
7Safe is an Information Security services firm offering a diverse portfolio of services including security training & certification, penetration testing, computer forensics and risk management (including BS 7799).
Police United Kingdom UK Police Service portal.
Ofcom is the independent regulator and competition authority for the UK communications industries, with responsibilities across television, radio, telecommunications and wireless communications services.
Check premium rate numbers
ICSTIS (Independent Committee for the Supervision of Standards of the Telephone Information Services), the premium rate services regulator.
Also view our Scams and hoaxes. Fraud warnings. Virus Attacks.
SquareTrade eBay User Support. Trouble with a transaction? SquareTrade can help you resolve issues independently or through professional mediation.
Federal Trade Commission - As part of an international group of consumer protection agencies, the FTC monitors an online complaint site called econsumers.gov. Although they do not resolve individual consumer problems, complaints are used to help investigate fraud, and can lead to law enforcement action.
National Fraud Information Center - The NFIC helps consumers distinguish between legitimate and fraudulent promotions in cyberspace and route reports of suspected fraud to the appropriate law enforcement agencies.
Mobile Industry Crime Action Forum. An organisation set up by the United Kingdom mobile telecommunications industry, including mobile handset manufacturers, to address the issues of mobile phone theft.
Security Focus Magazine (Phishing Forensics)
Federal Trade Commission (Anti-Phishing)
Better Business Bureau (Anti-Phishing)
Patents: Commission proposes rules for inventions using software
Wireless Security Issues from our page WAP, WML, Wireless Markup Language, Wireless links, Wi-Fi, BlueTooth, PixeCode, PDF414, Semacode, Datamatrix, radio links.
Safe Options. Safe Options is the UK's leading online security store. Buy safes, lockers, convex mirrors and key cabinets online from our UK security store. We supply fire safes and security safes to both business and home safe users. Buy safes on 30 day terms - available for recognised UK institutions. FREE DELIVERY OF SAFES and LOCKERS ON THE UK MAINLAND* (*Ground floor with easy access, except N. Ireland and Islands).
Homeland Security Threat Monitor (United States of America). A small Windows application that runs in your system tray, showing the current terrorism threat level. It periodically checks to make sure the information is up to date by contacting the Department of Homeland Security web server. Establish an emergency preparedness kit and emergency plan for yourself and your family, and stay informed about what to do during an emergency.
The Open Web Application Security Project released a helpful document that lists what they think are the top ten security vulnerabilities in web applications.
Host Files. You can begin blocking ads and help keep yourself from being tracked by using the Hosts file with Windows and other operating systems.
Microsoft Diagnostics and Recovery Toolset. 30 day evaluation of the Microsoft Diagnostics and Recovery Toolset. This product provides powerful, intuitive tools that help administrators recover PCs that have become unusable, and easily identify root causes of system issues. This toolset is part of the Microsoft Desktop Optimization Pack.
eBay Help about how to spot spoof emails.
Reporting eBay Account Theft, If you feel your account has been compromised, please report it.
New PayPal phishing scam uncovered. The email, which purports to come from PayPal, claims that the recipient's account has been the subject of fraudulent activity. However, unlike normal Phishing emails, there is no internet link or response address. Instead, the email directs the recipient to call a phone number and verify their details. When dialled, users are greeted by an automated voice saying: "Welcome to account verification. Please type your 16 digit card number." Once the credit card details are entered, the scammer is free to steal the credit information for their own use. Spyware analysts SophosLabs are warning users not to respond to the email. Graham Cluley, senior technology consultant at Sophos, said "Though it's an American telephone number, the fact that PayPal is used globally means that anyone could potentially be tricked into making the call." More SpyWare Removal Links.
PayPal Support Club. Review and helpful links, coding examples, warnings, other shopping cart links, etc. PayPal is an online banking system that allows website owners to integrate shopping cart technology into their site. Find out more; includes links to helpful sites about PayPal shopping cart technology.
Freenet is free software which lets you anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) and chat on forums, without fear of censorship. Freenet is decentralised to make it less vulnerable to attack, and if used in "darknet" mode, where users only connect to their friends, is very difficult to detect.
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Its impact may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigations implemented by the site owner.
Also read Methods of Internet advertising
Click Fraud Protection and Click Fraud Security
Backup/File Compression Data Recovery
Protect your Usernames and passwords. Protect your system
Disaster Recovery Planning. (Also Undelete Files) So how good is your Disaster Recovery Planning?
Forums. Computing Forums. Webmaster Forums, Programming Forums
Securityvulns news channel

Windows Registry Repair
http://www.icann.org/udrp/udrp-rules-24oct99.htm
A Computer Portal. Freeware, Shareware. Download software. Computer languages and Programming code. Including PERL Scripts and Java Scripts. Webmaster Tools. Internet Marketing, Website promotion. Hardware Help from BIOS to Windows and UNIX.
® © ™ are owned by their respective authors and websites. There may be a charge for some software. Google™ is a trademark of Google Inc. These pages are not endorsed by Google or any other company.