Mozilla Removes Two Malicious Firefox Add-Ons
Submitted Saturday, February 06, 2010 @ 10:48 AM
Firefox company information - ( Firefox News )
informationweek.com -- Mozilla on Friday said that it had removed two Firefox add-ons from its Web site because they installed malware.

"Two add-ons in the experimental section of addons.mozilla.org were found to be containing malware," Mozilla said on its security blog. "These were not originally detected with the anti-malware scanning tools that we have been using. We have since increased the number of scanning tools, and will be taking additional steps to minimize the risk of further incidents." See the complete story here.

Microsoft Patches Coming Tuesday: Brace Yourself
Submitted Saturday, February 06, 2010 @ 06:10 AM
Microsoft company information - ( Microsoft News )
pcworld.com -- Here are two keys words for Microsoft Windows shops to remember come this Patch Tuesday: "six" and "restart."

Six is the number of a critical bulletins Microsoft will release on February 9 that affect all the currently supported versions of Windows on both the desktop and server. See the complete story here.

Internet Explorer could turn your Windows XP machine into a w...
Submitted Friday, February 05, 2010 @ 06:08 AM
guardian.co.uk -- A design feature - or possibly bug - or possibly both - means that Internet Explorer can be turned into a web server which will leave your computer's files open to being read online, according to a hacker who demonstrated it at the Blackhat DC conference. See the complete story here.

Microsoft to patch 17-year-old computer bug
Submitted Friday, February 05, 2010 @ 06:06 AM
Microsoft company information - ( Microsoft News )
news.bbc.co.uk -- A 17-year-old bug in Windows will be patched by Microsoft in its latest security update.

The February update for Windows will close the loophole that involves the venerable DOS operating system.

First appearing in Windows NT 3.1, the vulnerability has been carried over into almost every version of Windows that has appeared since. See the complete story here.

Investigators suspect Iowa computer breach originated in China
Submitted Tuesday, February 02, 2010 @ 07:38 AM
wqad.com -- Iowa investigators believe a serious breach of a state computer database can be traced to China, but they acknowledge that hackers disguise their digital footprints. See the complete story here.

Attack Code Used to Hack Google Now Public
Submitted Saturday, January 16, 2010 @ 02:50 AM
Google company information - ( Google News )
pcworld.com -- The dangerous Internet Explorer attack code used in last month's attack on Google's corporate networks is now public.

The code was submitted for analysis Thursday on the Wepawet malware analysis Web site, making it publicly available. By Friday, it had been included in at least one publicly available hacking tool and could be seen in online attacks, according to Dave Marcus, director of security research and communications at McAfee. See the complete story here.

More flash drive firms warn of security flaw; NIST investigates
Submitted Saturday, January 16, 2010 @ 02:42 AM
SanDisk company information - ( SanDisk News )
Kingston company information - ( Kingston News )
computerworld.com -- SanDisk Corp. and Verbatim Corp. have joined Kingston Technology Inc. in warning customers about a potential security threat posed by a flaw in the hardware-based AES 256-bit encryption on their USB flash drives.

The hole could allow unauthorized access to encrypted data on a USB flash drive by circumventing the password authorization software on a host computer. See the complete story here.

Microsoft: Don't Believe the Black Screen of Death Hype
Submitted Tuesday, December 01, 2009 @ 04:37 PM
Microsoft company information - ( Microsoft News )
pcworld.com -- Move over, BSOD: There's a new screen of death in town. The frightful-sounding "black screen of death" is striking Windows machines worldwide, if recent media reports are to be believed, and Microsoft itself is the one who unleashed the beast.

It sure sounds dramatic, doesn't it? Even I got under my desk and hid for a few minutes (I ate a sandwich while I was down there -- it was delicious). It turns out, though, the "black screen of death" debacle may be more sensationalized than severe -- and, what's more, Microsoft's security updates likely have nothing to do with it whatsoever. See the complete story here.

NSA Is Giving Microsoft Some Help On Windows 7 Security
Submitted Wednesday, November 18, 2009 @ 05:48 PM
Microsoft company information - ( Microsoft News )
npr.org -- The National Security Agency has been working with Microsoft Corp. to help improve security measures for its new Windows 7 operating system, a senior NSA official said on Tuesday.

The confirmation of the NSA's role, which began during the development of the software, is a sign of the agency's deepening involvement with the private sector when it comes to building defenses against cyberattacks. See the complete story here.

Bogus E-mails 'From' FDIC Link Computer Users To Viruses, Say...
Submitted Sunday, November 08, 2009 @ 11:02 AM
sciencedaily.com -- Cyber criminals are using fake messages claiming to be from the Federal Deposit Insurance Corporation (FDIC) to deliver a virus capable of stealing unsuspecting victims' bank passwords and other sensitive personal information, says Gary Warner, the director of research in computer forensics at the University of Alabama at Birmingham (UAB). See the complete story here.

Big-Box Breach: The Inside Story of Wal-Mart’s Hacker Attack
Submitted Tuesday, October 13, 2009 @ 09:52 PM
wired.com -- Wal-Mart was the victim of a serious security breach in 2005 and 2006 in which hackers targeted the development team in charge of the chain’s point-of-sale system and siphoned source code and other sensitive data to a computer in Eastern Europe, Wired.com has learned.

Internal documents reveal for the first time that the nation’s largest retailer was among the earliest targets of a wave of cyberattacks that went after the bank-card processing systems of brick-and-mortar stores around the United States beginning in 2005. The details of the breach, and the company’s challenges in reconstructing what happened, shed new light on the vulnerable state of retail security at the time, despite card-processing security standards that had been in place since 2001. See the complete story here.

Microsoft Patch Tuesday Update Sets Record
Submitted Friday, October 09, 2009 @ 04:27 PM
Microsoft company information - ( Microsoft News )
crn.com -- Microsoft's upcoming Patch Tuesday update will set a record as the largest yet, with 13 patches that fix a total of 34 vulnerabilities -- including two zero-day flaws.

Microsoft gave eight of the 13 patches the highest severity ranking of critical, indicating that they repair errors that allow hackers to launch malicious attacks remotely, typically to steal information.

Thus far, Microsoft's patch record has been 12 in one month, which it reached both in February 2007 and October 2008. See the complete story here.

Online thieves step up bank raids
Submitted Wednesday, September 30, 2009 @ 01:07 AM
news.bbc.co.uk -- Cyber-criminals have developed sophisticated ways to remain undetected, a new report finds.

The report, from security firm Finjan, describes how one gang, based in the Ukraine, stole 300,000 euros (£269,000) in 22 days. See the complete story here.

IRS scam now world's biggest e-mail virus problem
Submitted Wednesday, September 30, 2009 @ 12:48 AM
computerworld.com -- Criminals are waging a nasty online campaign right now, hoping that their victims' fears of the tax collecter will lead them to inadvertently install malicious software.

The spam campaign, entering its third week now, is showing no signs of slowing down, according to Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham. This one campaign accounts for about 10 percent of the spam e-mail that his group is presently tracking, he said. "This is the most prominent spam-delivered virus in the world right now," he said. See the complete story here.

Rivals mock Microsoft's free security software
Submitted Wednesday, September 30, 2009 @ 12:44 AM
Microsoft company information - ( Microsoft News )
computerworld.com -- Although one of the top consumer security vendors welcomed Microsoft's Security Essentials to the market, another dismissed the new free software as a "poor product" that will "never be up to snuff."

Earlier today, Microsoft launched Security Essentials, its free antivirus and antispyware software suite, which has been in development for almost a year. See the complete story here.

Microsoft unveils shield for critical Windows flaw as attack ...
Submitted Wednesday, September 30, 2009 @ 12:13 AM
Microsoft company information - ( Microsoft News )
computerworld.com -- With attack code that exploits a critical unpatched bug in Windows likely to go public soon, Microsoft wants users to run an automated tool that disables the vulnerable component.

The bug in SMB (Server Message Block) 2, a Microsoft-made network file- and print-sharing protocol that ships with Windows, affects Windows Vista, Windows Server 2008 and preview releases of Windows 7.

When the flaw was first disclosed Sept. 7, it was thought that attacks would only crash PCs, causing the notorious Blue Screen of Death. Since then, however, researchers have figured out how to create exploits that can be used to hijack a vulnerable computer. See the complete story here.

Malware worldwide grows 15 percent in September
Submitted Wednesday, September 30, 2009 @ 12:11 AM
news.cnet.com -- A rise in malware has caused the number of infected PCs worldwide to increase 15 percent just from August to September, says a report released Tuesday from antivirus vendor Panda Security.

Across the globe, the average number of PCs hit by malware now stands around 59 percent, an all-time high for the year. Among 29 countries tracked, the U.S. ranked ninth with slightly more than 58 percent of its PCs infected. Taiwan hit first place with an infection ratio of 69 percent, while Norway came in lowest with only 39 percent of its PCs attacked by malware. See the complete story here.

First look: Microsoft Security Essentials impresses
Submitted Tuesday, September 29, 2009 @ 11:59 PM
Microsoft company information - ( Microsoft News )
arstechnica.com -- Microsoft's new antimalware solution, Microsoft Security Essentials, is now available for Windows XP, Windows Vista, and Windows 7. Ars puts MSE through its paces and finds an unobtrusive app with a clean interface that protected us in the dark corners of the Internet. See the complete story here.

Why virus writers are turning to open source
Submitted Friday, September 18, 2009 @ 01:36 PM
news.cnet.com -- Malware developers are going open source in an effort to make their malicious software more useful to fraudsters.

By giving criminal coders free access to malware that steals financial and personal details, the malicious software developers are hoping to expand the capabilities of old Trojans. See the complete story here.