Showing Tag: "security" (Show all posts)

Phishers use HTML attachments to evade browser blacklists

Posted by on Tuesday, March 22, 2011, In : Security 

To get around phishing blacklists in browsers, scammers are luring people by using HTML attachments instead of URLs, a security firm is warning.

Chrome and Firefox are good at detecting phishing sites and warning Web surfers via a browser notice when they are about to visit a site that looks dangerous. So good, in fact, that scammers are resorting to a new tactic to lure victims into their traps via e-mails--attaching HTML files that are stored locally when they are opened, according ...


Continue reading ...
 

How to avoid disaster-related Internet scams

Posted by on Tuesday, March 22, 2011, In : Security 
In every disaster scammers see an opportunity, and the crisis in Japan is no exception. Already there have been fake Red Cross e-mails circulating and there will no doubt be more scams coming.

Those e-mails appear to come from the British Red Cross. They provide some news on the earthquake and tsunami in Japan and urge people to donate to a Yahoo e-mail address on a Moneybookers account, a money transfer service that enables recipients to remain anonymous, according to App River, an e-m...


Continue reading ...
 

Searching for free stuff online can be costly

Posted by vijai on Thursday, September 16, 2010, In : Security 
This pie chart shows the different threats that can come from 
visiting Web sites that advertise unauthorized content.

This pie chart shows the different threats that can come from visiting Web sites that advertise unauthorized content.

(Credit: McAfee)

It's common knowledge that you can catch computer viruses on porn Web sites. But did you know it's also risky to surf the Web searching for free movies or music?

A study from McAfee to be released on Tuesday finds that adding the word "free" when looking for entertainment content in search engines greatly increases the chances of landing on a site hos...


Continue reading ...
 

How secure is your e-mail password?

Posted by Elinor Mills (CNET Writer) on Thursday, September 16, 2010, In : Security 
Access to an e-mail account opens up access to all sorts of other information that could be used to steal someone's identity and drain bank accounts, open up credit cards, and even take out loans in their name.

It's not just personal information at stake in e-mail accounts. Use of weak password-reset security questions is believed to have allowed someone to access the Yahoo e-mail account of a Twitter employee last year and then use that to access the person's Google Docs account where there w...

Continue reading ...
 

Be cautious of Internet access at airports

Posted by Oyya-Info on Thursday, August 26, 2010, In : Security 

Accessing the Internet via an open Wi-Fi network is risky because you have no idea who is the hot spot provider or who is connected to it. At the airport it may seem more secure to use a terminal to check your e-mail or update your Facebook status; however, according to Symantec, these terminals might not be secure at all.

In a recent article on the company's Web site, Nick Johnston, senior software engineer of Symantec Hosted Services, wrote that at one Internet terminal at a large airport ...


Continue reading ...
 

What to do with passwords once you create them

Posted by Oyya-Info on Friday, July 16, 2010, In : Security 

Cryptography expert Bruce Schneier used to write his passwords down on a slip of paper and keep it in his wallet.

Today, he uses a free Windows password-storage tool called Password Safe that he designed five years ago and released into the open-source community. The desktop application lets users remember only one master password to access their password list.

But Schneier still recommends the paper method for people who don't have their computers with them at all times like he doe...


Continue reading ...
 

Want really secure Gmail? Try GPG encryption

Posted by Oyya-Info on Thursday, January 14, 2010, In : Security 

Perhaps Google's announcement that Chinese cyber attackers went after human rights activists' Gmail accounts has made you skittish about just how private your own messages are on the Google e-mail service.

Well, if you want to take a significant step in keeping prying eyes away from your electronic correspondence, one good encryption technology that predates Google altogether is worth looking at. It's called public key encryption, and I'm sharing some instructions on how to get it working i...


Continue reading ...
 

Character limitations in passwords considered harmful

Posted by Oyya-Info on Thursday, December 3, 2009, In : Security 

For about the 4,000th time in the last five years, I tried to sign up for a new Web service, but it wouldn't accept my proposed password. Apparently, the site operators decided that passwords should contain only letters and numbers. Aarrrrgh! This isn't the first time I've seen this idiocy, and it won't be the last. But it should be.

Guidelines on how to construct a strong password almost uniformly recommend using a mixture of upper and lower case letters, numbers, and symbols. Tools for gene...


Continue reading ...
 

Chrome OS security: 'Sandboxing' and auto updates

Posted by Oyya-Info on Tuesday, November 24, 2009, In : Security 
With most computers threatened by attacks coming through Web applications, it's no surprise that security would be a key piece of Chrome OS, Google's browser-based operating system that stores data in the cloud.

Google showed off its new lightweight operating system designed for Netbooks and cloud computing on Thursday. As anticipated, it will rely on many of the same security features and concepts used by the Chrome browser.

"The browser is the operating system. We've expanded the browser to...


Continue reading ...
 

Apple plugs holes for domain spoofing, other attacks

Posted by Oyya-Info on Tuesday, November 10, 2009, In : Security 

Apple on Monday released a large security update for Mac OS X that fixes dozens of vulnerabilities and provides protection against potential attacks exploiting a weakness in the protocol used to verify that a domain is legitimate.

There are 43 specific issues addressed in the 2009-006 update, released the same day as Mac OS X v.10.6.2.

It plugs a variety of holes for the Mac OS X v10.5.8, 10.6, 10.6.1, and Mac OS X Server v10.6 and 10.6.1, many of which could lead to arbitrary code execution...


Continue reading ...
 

More security breaches hit midsize companies

Posted by Oyya-Info on Thursday, October 29, 2009, In : Security 

More midsize companies are being attacked by cybercriminals at the same time they're spending less on security, says a McAfee report released Wednesday.

Across the world, more than half of the 900 midsize businesses (51 to 1,000 employees) surveyed by McAfee for its report, The Security Paradox, said they've seen an increase in security breaches over the past year. Despite the threat, the recession has caused most of these companies to freeze their IT security budgets.

Midsize organizations have seen an increase in cyberthreats in 2009. (Credit: McAfee)

M...


Continue reading ...
 

Comcast pop-ups alert customers to PC infections

Posted by Oyya-Info on Friday, October 9, 2009, In : Security 

Comcast is launching a trial on Thursday of a new automated service that will warn broadband customers of possible virus infections, if the computers are behaving as if they have been compromised by malware.

For instance, a significant overnight spike in traffic being sent from a particular Internet Protocol address could signal that a computer is infected with a virus taking control of the system and using it to send spam as part of a botnet.

Comcast is launching a trial of a service that...


Continue reading ...
 

Verizon, McAfee team up on security products

Posted by Oyya-Info on Thursday, October 8, 2009, In : Security 
With security and cloud-computing both hot-button topics, Verizon Communications and McAfee are joining forces to offer customers a combination of the two.

Verizon's business unit and McAfee announced Thursday a new joint venture to sell cloud-based security products and services to large businesses and government agencies. With more companies tapping into the "cloud" to lower costs and outsource administration, McAfee and Verizon will sell a new suite of cloud-based security products, expandi...

Continue reading ...
 

Malware worldwide grows 15 percent in September

Posted by Oyya-Info on Tuesday, September 29, 2009, In : Security 

A rise in malware has caused the number of infected PCs worldwide to increase 15 percent just from August to September, says a report released Tuesday from antivirus vendor Panda Security.

Across the globe, the average number of PCs hit by malware now stands around 59 percent, an all-time high for the year. Among 29 countries tracked, the U.S. ranked ninth with slightly more than 58 percent of its PCs infected. Taiwan hit first place with an infection ratio of 69 percent, while Norway came i...


Continue reading ...
 

Microsoft: Windows 7 not affected by latest flaw

Posted by Oyya-Info on Wednesday, September 9, 2009, In : Microsoft 

Microsoft issued a formal security advisory late Tuesday on a reported zero-day flaw in Windows Vista and Windows Server 2008. However, the software maker also said that the flaw does not affect the final version of Windows 7, contrary to earlier reports.

"Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation," Microsoft said in the advisory. "We are not aware of attacks that try to use the reported vulnerabilities o...


Continue reading ...
 

Trend Micro launches new security tracking tool

Posted by Oyya-Info on Monday, August 31, 2009, In : Security 

It used to be that an IT administrator could warn employees about opening attachments from unknown sources or clicking on links from unknown e-mail senders as the first line of defense against spam, malware, and other bad stuff on the Internet.

Today, the seedy side of the Internet comes in many different forms and from many different sources. Stop for a moment and think about the new places where malware might be buried, hidden, released, and shared--a legitimate site that's been hacked, a b...


Continue reading ...
 

How to make strong, easy-to-remember passwords

Posted by Oyya-Info on Friday, August 14, 2009, In : Security 

One of the best ways to protect your online security is to have strong passwords that you change periodically. But that's easier said than done. Coming up with hard-to-guess passwords is hard enough, but it's even harder to have separate passwords for different sites and to remember new ones after you change them.

One way to create a password that's hard to guess but easy to remember is to make up a phrase. You could type in the entire phrase (some sites let you use spaces, others don't) or y...


Continue reading ...
 

HP researchers develop browser-based darknet

Posted by Oyya-Info on Sunday, July 26, 2009, In : Security 

Two researchers for Hewlett-Packard have created a browser-based darknet, an idea that could make it easier for businesses to keep eavesdroppers from uncovering confidential information.

Darknets are encrypted peer-to-peer networks normally used to communicate files between closed groups of people. Most darknets require a certain level of technological literacy to set up and maintain, including taking care of the necessary servers. However, HP researchers Billy Hoffman and Matt Wood plan nex...


Continue reading ...
 

Chrome security in limelight with Google OS plan

Posted by Oyya-Info on Wednesday, July 22, 2009, In : Security 

The techniques Google uses to protect Chrome users from browser-based attacks have taken on new importance with the company's plan to make the software the centerpiece of a Netbook operating system.

Two weeks ago, Google announced plans for the open-source Chrome OS designed for people who spend most of their time on the Web. The Google Chrome operating system is a "natural extension" of the Chrome browser, Sundar Pichai, vice president of product management, and Linus Upson, engineering d...


Continue reading ...
 

Symbian admits Trojan slip-up

Posted by Oyya-Info on Saturday, July 18, 2009, In : Security 

The Symbian Foundation has acknowledged that its process for keeping malicious applications off Symbian OS-based phones needs improvement, after a Trojan horse program passed a security test.

The botnet-building Trojan, which calls itself "Sexy Space," passed through the group's digital-signing process, Symbian's chief security technologist Craig Heath said Thursday. Heath said the group is working on improving its security-auditing procedure.

"When software is submitted, we do try to filt...


Continue reading ...
 

Google fixes flaws in Chrome

Posted by Oyya-Info on Friday, July 17, 2009, In : Google 

New versions of Google Chrome are out, fixing bugs and patching security holes in both the stable build and the beta build.

Two serious security flaws have been plugged. One had allowed for malicious code exploitation within the Chrome tab sandbox. Found by the Google security team, the threat was serious enough that Google has declined to be more specific until "a majority of users are up to date with the fix," the company said in a blog post.

A second security risk caused by memory corru...


Continue reading ...
 

Zero-day flaw found in Firefox 3.5

Posted by Oyya-Info on Wednesday, July 15, 2009, In : Security 

There is a critical JavaScript vulnerability in the Firefox 3.5 Web browser, Mozilla has warned.

The zero-day flaw lies in Firefox 3.5's Just-in-time (JIT) JavaScript compiler. Proof-of-concept code to exploit the vulnerability has been posted online by a security research group, Mozilla said in a post on its security blog on Wednesday. Security company Secunia rated the vulnerability as "highly critical" on Wednesday.

The hole could allow a hacker to launch a "drive-by" attack, according to...


Continue reading ...
 

Microsoft Security Essentials not quite a must-have

Posted by Oyya-Info on Wednesday, June 24, 2009, In : Security 

Microsoft on Tuesday released its latest foray into security software as a limited beta. Microsoft Security Essentials, known in development as Morro, is limited to 75,000 downloads in four countries: the United States, Israel, Brazil, and China.

Security Essentials contains all the basic features that users have come to expect from free security software: multiple built-in and customizable scan options, a scheduler, automatic definition file updates, a real-time defense shield, and rootkit...


Continue reading ...
 

Microsoft's free anti-malware beta to arrive next week

Posted by Oyya-Info on Friday, June 19, 2009, In : Security 

Microsoft will launch a public beta of its anti-malware service, Microsoft Security Essentials, on Tuesday as it phases out its Live OneCare suite in favor of a simpler free consumer security offering.

Microsoft Security Essentials, which will run on Windows XP, Vista, and Windows 7, will be available in the U.S., Brazil, and Israel in English and Brazilian Portuguese. A public beta version for Simplified Chinese will be available later in the year.

The service works like traditional antivi...


Continue reading ...
 

Hacker named to Homeland Security Advisory Council

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

Jeff Moss, founder of the Black Hat and Defcon hacker and security conferences, was among 16 people sworn in on Friday to the Homeland Security Advisory Council.

The HSAC members will provide recommendations and advice directly to Secretary of Homeland Security Janet Napolitano.

Moss' background as a computer hacker (aka "Dark Tangent") and role as a luminary among young hackers who flock to Defcon in Las Vegas every summer might seem to make him an odd choice to swear allegiance to the...


Continue reading ...
 

Protecting yourself from vishing attacks

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

You might have heard about online "phishing" scams designed to steal money from unsuspecting Web users, but now criminals are using another type of scam called "vishing" to commit the same crimes.

Last week, the Federal Trade Commission filed lawsuits against two telemarketing firms in Florida and a company claiming to sell extended automobile warranties for violating the Do Not Call registry and fraud for selling bogus warranties for between $2,000 and $3,000 a pop. Since 2007, the compan...


Continue reading ...
 

Microsoft patches critical PowerPoint hole

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

Microsoft on Tuesday released a patch aimed to fix a critical vulnerability in PowerPoint that had already led to exploits.

The vulnerability is listed as critical for Office 2000, but rated only as important for Office XP, Office 2003, and Office 2007. However, the hole had already formed the basis of targeted attacks, prompting Microsoft to issue a warning last month.

Although Microsoft says the hole is now patched in the Windows version of P...


Continue reading ...
 

Feds' red tape left medical devices infected with computer virus

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

The Conficker Internet virus has infected important computerized medical devices, but governmental red tape interfered with their repair, an organizer of an antivirus working group told Congress on Friday.

Rodney Joffe, one of the founders of an unofficial organization known as the Conficker Working Group, said that government regulations prevented hospital staff from carrying out the repairs.

Joffe, who also is the senior vice president for the telecom clearinghouse Neustar, told a panel of ...


Continue reading ...
 

Microsoft tightens Windows 7 security for USB drives

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

In the wake of the Conficker worm spreading via removable storage devices among other methods, Microsoft said on Tuesday it is making a change to the way Windows 7 handles USB drives.

As a result of the change, most USB drives will not be able to automatically launch a program using a Windows feature known as AutoRun, Microsoft said in a post on its Security Research & Defense Blog.

So, if an infected USB drive is inserted on a machine then the AutoRun task will not be displayed, Microso...


Continue reading ...
 

White House may relieve DHS of cybersecurity role

Posted by Oyya-Info on Monday, June 15, 2009, In : Politics and Law 

SAN FRANCISCO--The federal official overseeing a 60-day review of the U.S. government's cybersecurity efforts indicated Wednesday that the final report recommends shifting more responsibilities to the White House.

"It provides the president with recommendations for a White House organizational structure that can effectively address cyberspace-related issues," Melissa Hathaway, acting cyberspace director for the White House's National Security and Homeland Security councils, said at the RS...


Continue reading ...
 

Public-private security cooperation at RSA

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

In past years, I looked at the RSA security conference as a high-tech flea market staffed by the world's best security carnival barkers. Yes, important security topics were discussed, but the real focus of the show was selling products and doing deals.

This year's event has its share of tacky presentations and booth babes, but I'm hearing a lot of chatter about a far more important topic: the state of information security and its impact on us all. Finally, the combination of unending dat...


Continue reading ...
 

F-Secure says stop using Adobe Acrobat Reader

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

With all the Internet attacks that exploit Adobe Acrobat Reader people should switch to using an alternative PDF reader, a security expert said at the RSA security conference on Tuesday.

Of the targeted attacks so far this year, more than 47 percent of them exploit holes in Acrobat Reader while six vulnerabilities have been discovered that target the program, Mikko Hypponen, chief research officer of security firm F-Secure, said in a briefing with journalists.

Just last month, Adobe iss...


Continue reading ...
 

Microsoft exec: Internet still not safe enough

Posted by Oyya-Info on Monday, June 15, 2009, In : Microsoft 

SAN FRANCISCO--Microsoft's operating systems are still vulnerable to attacks, but more often than not it's older versions that are taking the big hits.

That was the message from Scott Charney, corporate vice president in Microsoft's Trustworthy Computing group, when he sat down with me on Tuesday. We chatted about the latest threats, including Conficker. The much-maligned Windows Vista, he noted, wasn't hit in the way that older versions of the operating system were.

"Some of those widesp...


Continue reading ...
 

Windows 7 security enhancements

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

Windows 7 makes remote connectivity to corporate networks seamless, protects data on thumb drives, and offers fewer user account control prompts to bug users compared to Vista, Microsoft said on Monday.

The software giant began an education blitz about the security features of the newest version of its operating system at the start of the RSA 2009 security conference.

Windows 7, which was released in public beta in January, will have 29 percent fewer user account control (UAC) prompts ...


Continue reading ...
 

SMS messages could be used to hijack a phone

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

Be careful who you give your mobile phone number out to. An attacker with the right toolkits and skill could hijack your phone remotely just by sending SMS messages to it, according to mobile security firm Trust Digital.

In the Trust Digital demo on YouTube, an attacker sends an SMS message to the victim phone (on the left) which opens up a Web browser and downloads an executable file that directs it to send an SMS to the attacker's phone (on the right).

(Credit: Trust Digital)

In what it ...


Continue reading ...
 

Secure software? Experts say it's no longer a pipedream

Posted by Oyya-Info on Monday, June 15, 2009, In : Security 

With the Conficker worm still hot and Microsoft patching multiple software vulnerabilities last week, it might be reasonable to assume the bad guys are winning the battle to get control over Internet-connected computers.

That's not necessarily the case. Developers are increasingly equipped with tools to shore up their products and vendors are collaborating in unprecedented ways to not only close holes in software, but also make sure they aren't in there in the first place, according to se...


Continue reading ...
 

Microsoft to offer hosted security for Exchange

Posted by Oyya-Info on Monday, June 15, 2009, In : Microsoft 
Microsoft will begin offering its first hosted security service under the Forefront brand on Thursday, dubbed Forefront Online Security for Exchange and designed to help keep malware and spam out of e-mail in-boxes.

The hosted service, which will cost $20 per user per year or less based on volume licensing, targets enterprise Exchange customers and includes a Web-based console for setting up policies for virus and spam protection, said Doug Leland, general manager of Microsoft's Identity and S...

Continue reading ...
 
 



Best Communitation Website
Which communication website is best?

Myspace
Facebook
Twitter
Furry-paws
Youtube


Make a free website with Yola