Yahoo Works with McAfee

• By Lafe Low
• 05/07/2008

It is, however, taking a few steps with security hotshot McAfee, to send out alerts about potentially dangerous sites. When you Yahoo -- or, more specifically, when you run a search with Yahoo -- it will return your results with any suspect sites flagged with a red exclamation point. The McAfee/Yahoo alerts will flag sites that are likely serving up malicious downloads, adware and spyware, or usurping your e-mail address to sell to spammers. Proceed at your peril.

The filtering technology driving the alerts is based on McAfee's SiteAdvisor. Like the red exclamation points, SiteAdvisor uses red, yellow and green labels to indicate whether a site is safe, suspect or completely dangerous.

How do you keep your Web surfing users from stumbling into any Web-borne minefields? What combination of technologies and policies keep your people safe? Send me a green-labeled message at [email protected].

Microsoft Makes Zune Move
In a direct shot at Apple and its global dominance with the iPod, Microsoft has beefed up the Zune to let it play movies.

iPod users can get at movies, television shows, videos, podcasts and, of course, tunes. Previously, Zunes were limited to only music videos. Now, Microsoft will sell episodes of popular television shows, mostly from NBC, for $1.99. It will also carry shows from premium channels like Comedy Central and the Sci-Fi channel. Carrying NBC shows is one thing the Zune has over the iPod, as NBC and Apple couldn't agree on a pricing structure for individual episodes.

Another benefit for the Zune is that it can sync up with the mothership PC over a wireless connection. iPods still have to connect to a PC desktop or laptop with a USB cable.

As a recent iPod convert, I love having 300 CDs worth of music in my shirt pocket, but watch a movie in a two-by-two screen? Not likely. Are you a Zune or iPod user? Market dominance aside (let's face it, it's clearly an iWorld), which one do you think has the cooler feature set? Tune me in and let me know at [email protected].

Research Identifies SQL Hacks
The U.S. Department of Homeland Security (DHS), the United Nations and the Civil Service office in the United Kingdom have all recently fallen victim to a series of relatively sophisticated SQL injection hacks.

This type of attack, in which hackers commandeer the sites to launch malware attacks on unsuspecting visitors, is becoming more common, according to Web application security vendor Acunetix. The company recently released a research report that highlights widespread vulnerability to this type of attack.

"Research conducted on 3,200 Web sites showed that as many as 70 percent of Web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists," said Acunetix operations manager Sarah Tabone in a published report. "Attacks like the one recently seen on the DHS can convert any Web site into an attack weapon directed at unknowing visitors."

You can download a free version of the vulnerability scanner here. You can also read more about Acunetix's research here (PDF) .

How do you scan and clear potentially malicious Web sites? Has this been a problem among your users? It's safe to log on and let me know at [email protected].

And, as always, read more about these stories and catch up on all the latest Microsoft news at our news Web site RedmondReport.com.