navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Daily CYBERCLIPS January

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
mogs Daily CYBERCLIPS January
Expert Contributor 1st Jan, 2011 07:59
Ranking: 2265
Posts: 6,268
User Since: 22nd Apr, 2009
System Score: 100%
Location: UK


Sixth Edition

Thankyou for your continuing support. A CYBERCLIPS INDEX thread is running for reference purposes ! The INDEX will be updated every two days...hopefully !
Security is still the emphasis of the thread with some related and varied topics.
Please note....the most recent posts are those at the end of a downward scroll !!
I should reiterate that no entry/post should be taken as a personal recommendation, unless otherwise stated.
Please continue to keep CYBERCLIPS free of junk and unattractive to any contentious individuals; whilst, at the same time feeling disposed towards posting suitable content, and one-off helpful comment, yourself.
* Keep patching : up to date : be Cybersafe ! *


--

mogs CClip 1
Expert Contributor 1st Jan, 2011 08:22
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Analyst says Google's Chrome OS will bury Windows

On netbooks
By Edward Berridge
Fri Dec 31 2010, 10:13
TELECOMS ANALYST Steve Sechrist has shuffled his tarot cards to foresee what the future has in store for Google's Chrome operating system.
He predicts that the free Chrome OS will displace the Vole's Windows OS on netbooks. This implies that Microsoft will be forced to give away its flagship desktop operating system for free in order to support sales of its other products, like Office.
Sechrist said that Google's Chrome OS is not just a stand-alone netbook OS but a piece in a large ecosystem puzzle that is looking to topple Apple and Microsoft. He claimed that Google's stripped down operating system will make money because it is not burdened with legacy drivers and resource draining middleware code.


Read more: http://www.theinquirer.net/inquirer/news/1934490/a...


--
Was this reply relevant?
+0
-0
mogs CClip 2
Expert Contributor 1st Jan, 2011 09:04
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Why does my computer keep freezing?
A problem with a motherboard battery causes a computer to stall
Computeractive staff PC help Desktops 31/12/2010


I recently read a letter in Computeractive from a reader complaining of their six-year-old computer freezing regularly.
Mine (of a similar age) started doing the same, so I tested the motherboard battery using a small voltage meter. I discovered it was only working at 1.4V when it said that it works at 3V on the top. I replaced the battery and the freezing problem went away.
Andrew Currie
Watch our video on replacing a motherboard battery


Read more: http://www.computeractive.co.uk/ca/pc-help/1931372...


--
Was this reply relevant?
+0
-0
mogs CClip 3
Expert Contributor 1st Jan, 2011 09:08
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Q I found the recent article in Computeractive on User Account Control (UAC) very interesting, as the constant prompts on Vista are annoying.
However, after turning off UAC, I found that when playing Call Of Duty 4 (COD4), all of my playing levels had disappeared – so, in effect, I would have to start the game all over again.
However, when I turn UAC back on, I’m back to my previous COD4 status. This surely cannot be coincidence. What’s causing this and is there a solution?
Pete Tomkinson


Read more: http://www.computeractive.co.uk/ca/pc-help/1931287...


--
Was this reply relevant?
+0
-0
mogs CClip 4
Expert Contributor 1st Jan, 2011 09:12
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Show world clocks on the Windows Taskbar
Find out how to view global time zones in Windows
Computeractive staff Step by step Operating systems 24/12/2010



Read more: http://www.computeractive.co.uk/ca/step-by-step/19...


--
Was this reply relevant?
+0
-0
mogs CClip 5
Expert Contributor 1st Jan, 2011 12:30
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

AVG Anti-Virus Free 2011 (v10.0.1191)
Major update to the impressive and free antivirus package
Written by Chris Wiles/Tim Smith
V3.co.uk, 28 Dec 2010
Type: freeware Platform: Windows 2000, Windows XP, Windows Vista, Windows Vista 64-bit Manufacturer:Grisoft Inc Size: 4.1MB Number of downloads:
1972994
Review Rating:Average User Rating:
Price:Free for personal use
AVG continues to be one of the most popular free antivirus programs available on the internet and it maintains this position with a combination of effective protection and an easy to use interface.

AVG Anti-Virus Free Edition improves on both areas, and is an essential upgrade, as updates will be stopped for the previous version. If you already have AVG installed it is best to click on the upgrade option when it is offered. If you have never installed it before, this is the download to use. We would recommend disconnecting from the internet during installation as there will a period where there is no protection.

As noted the interface of AVG Free has been improved and it is easier to see what protection AVG is providing and what needs attention via icons in the main part of the screen. Tabs along the left hand side give quick access to important information on updates and ongoing scans.

In addition to traditional antivirus protection, AVG Free now offers protection from Spyware without installing extra software.

Note that the new 2011 edition ships with a brand new user-interface, improved cloud-based protection and the inclusion of identity protection (which used to cost £14.99 as a standalone product), to keep you safe online.

Verdict
One of the best free security tools now gets even more protection with the inclusion of the "identity protection" module



Read more: http://www.v3.co.uk/vnunet/downloads/2129071/avg-a...


--
Was this reply relevant?
+0
-0
mogs CClip 6
Expert Contributor 1st Jan, 2011 13:07
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Year's Resolution......
Keep the maintenance schedule I had in 2010 !

Run CCleaner and Revo ( Junk file cleaner ) on a daily basis...check Disc Cleanup once a week.
http://www.revouninstaller.com/revo_uninstaller_fr...
http://www.piriform.com/ccleaner/update?v=3.02.134...

Run Auslogics Registry Scanner at least once a week.
http://www.auslogics.com/en/software/registry-clea...

Run Revo Evidence Remover every seven days and reclaim space from previously deleted items.

Run two manual defrags and a Boot-Time defrag on a Saturday ( or a Sunday! Ha!)
http://www.puransoftware.com/Puran-Defrag.html

Scan with psi 2.0 twice weekly.

Run laptop battery down and run CHKDSK once a month !

File back-up fits in there somewhere too !

My two year old Tosh is like something half it's age !!!

--
Was this reply relevant?
+0
-0
mogs CClip 7
Expert Contributor 1st Jan, 2011 16:22
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Take Internet Explorer 9 for a test drive
The Internet Explorer 9 web browser promises to be faster and more secure. We explain how to try it out
Computeractive staff Step by step Web 31/12/2010


Before installing Internet Explorer 9, we’d strongly advise making a restore point so that the PC can be wound back if something goes wrong. Click the Start button, right-click Computer and select Properties to open the System section of the Control Panel. Click System Protection in the left-hand task pane to open the System Properties dialogue box. Click the Create button, give the System Restore point a suitable name (such as pre-Internet Explorer 9 Beta) and click Create again. Wait until the restore point is successfully created, then click the Close button.

Step by step instructions
Read more: http://www.computeractive.co.uk/ca/step-by-step/19...


--
Was this reply relevant?
+0
-0
mogs CClip 8
Expert Contributor 1st Jan, 2011 21:05
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Avoid Security Software Overlap
By Rick Broida, PCWorld

Reader LK wants to know if Microsoft Security Essentials (which I've championed in these pages many times) can be installed alongside other anti-virus and/or anti-malware programs.

Short answer: no.

Longer answer: Definitely, definitely, definitely no.

You might think that where security software is concerned, more is better. But you'd be wrong--especially if you're talking about programs that do the same thing, like fight viruses or spyware.

For example, if you were to install MSE on a system that already had Norton Internet Security, the latter might think the former was a kind of spyware--or vice-versa. What's more, one security might not slow down your system that much, but two almost certainly will.

My advice: if you're planning to switch security tools, do exactly that. Uninstall one, reboot, and then install the other.

http://www.pcworld.com/article/209441/avoid_securi...

--
Was this reply relevant?
+0
-0
mogs CClip 9
Expert Contributor 1st Jan, 2011 21:10
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Could Malware Render Your PC Unbootable?
By Lincoln Spector, PCWorld

A lot of people see a PC that won't boot, and assume that it's infected. That's the least likely cause.

I'm not answering a particular reader question this time around, although a recent forum discussion inspired me to write this post.

I hear a lot from people with unbootable computers. Maybe they get a Blue Screen of Death (BSoD) with every boot. Or the PC shuts down before Windows finishes loading. Sometimes an error message tells them that there's no operating system on their hard drive, or no hard drive at all. A great many of these users assume that a "virus" is to blame.

This belief is a cultural leftover from the 1990s, when viruses like Leonardo might render your PC unbootable and your data inaccessible. If your PC was infected by Leonardo (which spread via floppy disks), booting on March 6 appeared to wipe everything off of your hard drive (although someone with reasonable technical skills could retrieve most of it).

Back then, writing malware was a cruel hobby. Today, it's an evil profession. The perpetrators want to use your computer to send out spam, take part in distributed denial-of-service (DDoS) attacks, practice extortion, and infect other computers. And as long as they secretly control your PC, they might as well steal your passwords and credit card numbers, too.

If your PC can't boot, it's useless to them. Therefore, no one writes malware that intentionally causes a catastrophic failure.

Read more at :-
http://www.pcworld.com/article/214666/could_malwar...

--
Was this reply relevant?
+0
-0
mogs CClip 10
Expert Contributor 2nd Jan, 2011 10:03
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
1 January 2011
Hotmail e-mails 'missing' from accounts

Some Hotmail users are reporting that their e-mails are missing from their accounts
A number of people with Hotmail accounts have posted complaints on Microsoft forums complaining that their e-mails have been deleted.

Users around the world say e-mails are missing from their inbox and from other folders within their Hotmail accounts.

A spokeswoman for Microsoft said that the issue of missing e-mails was not a widespread problem.

The company said it is working to rectify the problem and apologised to customers for any inconvenience.

http://www.bbc.co.uk/news/uk-12103707


--
Was this reply relevant?
+0
-0
mogs CClip 11
Expert Contributor 2nd Jan, 2011 10:08
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Spam volume slumped at the end of the year

Not that you would notice
By Nick Farrell
Fri Dec 31 2010, 11:07
THE NUMBER of spam emails slumped at the end of the year, according to people who spend their time watching it.
Commtouch said that there was an 18 per cent drop in global spam levels between September and October. It attributed the drop to the closure of Spamit, which was behind a fair amount of the world's pharmacy spam.
While spammers are usually pretty quick to pick up the slack of one of their number falling, Commtouch said that there was a further drop in spam numbers in December.
December's daily average was around 30 per cent less than September's, which means that the average spam level for the quarter was 83 per cent, down from 88 per cent in the third quarter of 2010.


Read more: http://www.theinquirer.net/inquirer/news/1934497/s...


--
Was this reply relevant?
+0
-0
mogs CClip 12
Expert Contributor 2nd Jan, 2011 13:22
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

XP-AntiSpy 3.97-10
Disable spyware functionality within Windows
Written by Chris Wiles
V3.co.uk, 01 Jan 2011
Type: freeware Platform: Windows XP, Windows Vista Manufacturer:Christian Taubenheim Size: 427KB
Many of us are very wary of the information our computer is sending back to software suppliers over the internet, security issues with the software installed on our computer and scares regarding the Windows operating system.

XP-AntiSpy is a tool that enables you to configure Windows so that it doesn't use the internet to either submit feedback or download information without your knowledge.

For instance, Windows Media Player will look to the internet for information regarding song titles and will automatically download codecs when required.

It has been reported that it might submit usage information to Microsoft, and will save usage information to your system and much more.

Read more at :-
http://www.v3.co.uk/vnunet/downloads/2159358/xp-an...

--
Was this reply relevant?
+0
-0
mogs CClip 13
Expert Contributor 2nd Jan, 2011 16:18
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Facebook generation suffer information withdrawal syndrome
Turning off mobile phones, avoiding the internet and tuning out of the television and radio can leave people suffering from symptoms similar to those seen in drug addicts trying to go cold turkey, researchers have found.

The volunteers who stayed away from all emails, text messages, Facebook and Twitter updates for 24 hours began to develop symptoms typically seen in smokers attempting to give.
The scientists asked volunteers to stay away from all emails, text messages, Facebook and Twitter updates for 24 hours. They found that the participants began to develop symptoms typically seen in smokers attempting to give up

Another fix at :-
http://www.telegraph.co.uk/technology/news/8235302...

--
Was this reply relevant?
+0
-0
mogs CClip 14
Expert Contributor 2nd Jan, 2011 20:38
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Skype facing China shutdown
Most VoIP services on the Chinese mainland are banned by the authorities
Phil Muncaster
V3.co.uk, 02 Jan 2011
Skype users could be dealt a blow after the Chinese authorities reportedly declared the service and other internet telephony services like it illegal

According to the People’s Daily, the decision was taken to protect the businesses of carriers China Telecom and China Unicom, which between them hold a duopoly in the telecoms market in the country.

More at :-
http://www.v3.co.uk/v3/news/2274042/skype-voip-chi...





--
Was this reply relevant?
+0
-0
mogs CClip 15
Expert Contributor 3rd Jan, 2011 08:09
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Stuxnet Leads the Top 10 Most Interesting Malware Threats List for 2010
By Lucian Constantin

According to researchers from antivirus vendor Trend Micro, the most remarkable threat for last year was by far the Stuxnet industrial espionage worm, which managed to get ahead other more long-running threats.

Stuxnet was discovered this summer, but it is believed to have existed since mid-2009. It is widely considered in the malware research community as the most sophisticated computer threat created to date.

At the time of its discovery, Stuxnet exploited four previously unknown vulnerabilities in Windows, at a time when exploiting a single one is a big deal.

Also, its complex code base, which was built for sabotaging industrial control systems, in particular those in uranium enrichment plants, makes this threat a game changer.

More at :-
http://news.softpedia.com/news/Stuxnet-Leads-this-...

--
Was this reply relevant?
+0
-0
mogs CClip 16
Expert Contributor 3rd Jan, 2011 11:06
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Microsoft warns of Office-related malware
by Edward Moye

Microsoft's Malware Protection Center issued a warning this week that it has spotted malicious code on the Internet that can take advantage of a flaw in Word and infect computers after a user does nothing more than read an e-mail.

The flaw was addressed in November in a fix issued on Patch Tuesday, but with malicious code now spotted in the wild, the protection center apparently wants to be sure the update wasn't overlooked.
Symantec underlined the seriousness of the flaw to CNET's Elinor Mills in November:
"One of the most dangerous aspects of this vulnerability is that a user doesn't have to open a malicious e-mail to be infected," Joshua Talbot, security intelligence manager at Symantec Security Response, said at the time. "All that is required is for the content of the e-mail to appear in Outlook's Reading Pane. If a user highlights a ... Read full post & comments


Read more: http://news.cnet.com/security/#ixzz19xuVI4ul

--
Was this reply relevant?
+0
-0
mogs CCip 17
Expert Contributor 3rd Jan, 2011 13:30
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Internet Explorer Possibly Hit by New Zero-Day Vulnerability

January 3rd, 2011, 10:01 GMT| By Lucian Constantin

2011 is already shaping up to be a busy year for Microsoft from a security standpoint, as a reputed researcher warns that Internet Explorer might be suffering from a critical vulnerability already known to third parties.

On January 1, Michal Zalewski aka "lcamtuf," a well known browser security researcher who currently works for Google, published a stack trace for a potentially exploitable Internet Explorer crash.

The trace was obtained with a self-developed fuzzing tool called cross_fuzz, which was shared with Microsoft and other vendors privately in mid-2010.

According to the researcher, on July 26, 2010, he notified Microsoft of multiple crashes and GDI corruption issues in Internet Explorer.

Read more at :-
http://news.softpedia.com/news/Internet-Explorer-P...

--
Was this reply relevant?
+0
-0
mogs CClip 18
Expert Contributor 3rd Jan, 2011 15:23
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 7 Jumps Over 20% in Global Usage Share Ahead of 2011

January 3rd, 2011, 12:49 GMT| By Marius Oiaga

Windows 7’s strong uptake rate continues to hold steady even as the operating system has entered into its second year on the market.

Released commercially on October 22nd, 2009, Windows 7 now accounts for 20.87% in global usage share according to statistics made available at the start of this year by Internet metrics company Net Applications.

Windows 7 gained no less than 1.18% between November and December 2010, jumping from 19.69% to almost 21%, a milestone which the platform is right on track to also leave behind this month.

Fact is that if both Windows XP and Windows Vista continue to lose market share, Windows 7 will soon have more than double the market share of its predecessor, and almost half of the Windows OS launched in 2001.

More at :-
http://news.softpedia.com/news/Windows-7-Jumps-Ove...

--
Was this reply relevant?
+0
-0
mogs CClip 19
Expert Contributor 3rd Jan, 2011 19:49
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Internet Explorer 9 (IE9) Release Candidate (RC) by the End of January 2011, Reportedly

January 3rd, 2011, 15:15 GMT| By Marius Oiaga

Microsoft is reportedly gearing up to release the Release Candidate of Internet Explorer 9 by the end of January 2011.

The Redmond company has yet to confirm or deny third-party reports that claim to already have the IE9 RC availability deadline, or to comment in any way on the matter at hand.

Various sources are indicating that IE9 RC will actually drop on January 28th, 2011 (via LiveSide and sp3ciali5t), but the reports need to be taken with a grain of salt, until the software giant will offer official confirmation of the release date.

More at :-
http://news.softpedia.com/news/Internet-Explorer-9...

--
Was this reply relevant?
+0
-0
mogs CClip 20
Expert Contributor 3rd Jan, 2011 20:00
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chinese hackers dig into new IE bug, says Google researcher
Microsoft asked Google security engineer to delay release of fuzzer, other information because of 'PR concerns'

By Gregg Keizer
January 3, 2011 06:35 AM ETComments (6)Recommended (11)
Computerworld - An accidental leak may have confirmed Chinese hackers' suspicions that Internet Explorer has a critical unpatched vulnerability, a security researcher said Saturday.

Sunday, Microsoft said it was analyzing the vulnerability.

The bug was one of about 100 found by noted browser vulnerability researcher and Google security engineer Michal Zalewski using a new "fuzzing" tool. The vulnerabilities were in IE, Firefox, Chrome, Safari and Opera.

More at :-
http://www.computerworld.com/s/article/9202959/Chi...

--
Was this reply relevant?
+0
-0
mogs CClip 21
Expert Contributor 3rd Jan, 2011 20:57
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
FireEye Researcher Warns of PDF Security Flaws
January 3, 2011
By eSecurityPlanet Staff

At the 27th Chaos Communication Congress in Berlin, FireEye security researcher Julia Wolf recently described several security flaws in Adobe's PDF standard.

"For instance, a PDF can reportedly contain a database scanner that becomes active and scans a network when the document is printed on a network printer," writes The H Security's Stefan Krempl.

"Wolf said that the document format is also full of other surprises," Krempl writes. "For example, it is reportedly possible to write PDFs which display different content in different operating systems, browsers or PDF readers -- or even depending on a computer's language settings."

More at :-
http://www.esecurityplanet.com/headlines/article.p...

--
Was this reply relevant?
+0
-0
mogs CClip 22
Expert Contributor 4th Jan, 2011 08:42
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Recent Spam Campaign Points to New Storm Botnet By Lucian Constantin

While analyzing a recent spam campaign, security researchers found what seems to be a new version of the Storm or Waledac botnets.

Storm was one of the first and most successful botnets of all times. At its peak, in 2007, it was composed of millions of infected computers and could take entire countries off the Internet.

Microsoft scored a major hit against Storm after adding detection for it to its monthly Malicious Software Removal Tool (MSRT).

The botnet slowly faded away to be replaced by Waledac, a trojan that displays much of the same functionality and particularities. This is why Waledac is considered by some as Storm version 2.

According to the Shadowserver Foundation, a volunteer organization that tracls and fights botnets, a recent junk email campaign distributed links that led to a new Waledac or Storm variant.

The emails come with a subject announcing a holiday e-card, while their body message direct users to links to view the alleged greeting.

More at :-
http://news.softpedia.com/news/Recent-Spam-Campaig...

--
Was this reply relevant?
+0
-0
mogs CClip 23
Expert Contributor 4th Jan, 2011 08:59
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft 'sorry' as Hotmail bug hits 17,000

Load balancing without a safety net
By Gavin Clarke in San Francisco
Posted in Software, 4th January 2011 00:28 GMT
Microsoft has apologized, but not explained why nearly 20,000 Hotmail accounts were mysteriously emptied of their contents during the Christmas holiday.

Corporate vice president for Windows Live Chris Jones blogged on Monday that 17,355 Windows Live Hotmail accounts had lost all their email messages during the course of what he called "mailbox load balancing between servers."

Inboxes and folders starting emptying on December 30, with accounts appearing to be new and people receiving a "Welcome to Hotmail" email from Microsoft. Some affected accounts went back 10 years.

Users took to Hotmail forums pleading for Microsoft to restore their cherished accounts while other took to Facebook, launching a group to share their anguish and frustration with world+dog.

http://www.theregister.co.uk/2011/01/04/microsoft_...

--
Was this reply relevant?
+0
-0
mogs CClip 24
Expert Contributor 4th Jan, 2011 12:19
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Outlook 2010 Downgrades Can Kill Outlook 2007 Access to Email for Outlook Profiles

January 4th, 2011, 08:14 GMT| By Marius Oiaga

Downgrading from Office Outlook 2010 to its predecessor might require a tad more effort from users in order for them to actually be able to open Outlook 2007 and access their emails.

Microsoft has confirmed an issue in which customers uninstalling Outlook 2010 and reinstalling Outlook 2007 have found that they are no longer able to open the email client.
http://news.softpedia.com/news/Outlook-2010-Downgr...

--
Was this reply relevant?
+0
-0
mogs CClip 25
Expert Contributor 4th Jan, 2011 13:22
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Critical Vulnerability Identified in VLC Media Player

January 4th, 2011, 10:25 GMT| By Lucian Constantin

The VideoLAN Project warns about a critical buffer overflow vulnerability in VLC media player which can be exploited to execute arbitrary code remotely.

The vulnerability was confirmed in VLC media player 1.1.5, the latest stable version, but previous releases could also be affected.

The bug is located in the Real demuxer plugin which handles the playback of multimedia files in the Real Media format.

http://news.softpedia.com/news/Critical-Vulnerabil...

--
Was this reply relevant?
+0
-0
mogs CClip 26
Expert Contributor 4th Jan, 2011 21:02
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Fake Windows Security Update Emails Spread Worm

January 4th, 2011, 16:57 GMT| By Lucian Constantin

Security researchers from Sophos warn of a new malware distribution campaign that tries to pass an AutoRun worm as a critical Windows security update.

The spam emails bear a subject of "Update your Windows" and their header is forged to appear as if they originate from a no-reply@microsft.com [intentional domain typo] address.

The rather lengthy message contained within claims that a security update was recently released for all Windows versions, including Windows 2000 which is no longer supported.

http://news.softpedia.com/news/Fake-Windows-Securi...

--
Was this reply relevant?
+0
-0
mogs CClip 27
Expert Contributor 4th Jan, 2011 21:08
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft Does Not Serve Windows Updates Through Email to Users

January 4th, 2011, 11:41 GMT| By Marius Oiaga

How about this for a New Year’s resolution: I will not/no longer fall victim to social engineering schemes.

It’s really not that difficult, all that users have to do is mind the source that’s offering them downloads, updates, free software, or any other type of incentive, but also unsolicited antivirus scans, or any type of advice that can be interpreted as an attempt to scare them into doing something they wouldn’t normally do.

Social engineering schemes are designed to take advantage of the victim’s credulity instead of software vulnerabilities in order to get computers infected with malware.

Customers are often promised various inducements or are urged to take a specific action to save their machines from inexistent security flaws, malware infections, errors, etc.

Microsoft customers are among the most targeted in the world, simply because of the ubiquity of products such as Windows, Office and Internet Explorer.

http://news.softpedia.com/news/Microsoft-Does-Not-...


--
Was this reply relevant?
+0
-0
mogs CClip 28
Expert Contributor 4th Jan, 2011 21:12
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
PHP apps plagued by Mark of the Beast bug

Death by decimal places
By Dan Goodin in San Francisco • Get more from this author
Posted in Security, 4th January 2011 19:08 GMT
Web developers are in a lather following the discovery of a bug in the PHP programming language that causes computers to freeze when they process certain numerical values with large numbers of decimal places.

http://www.theregister.co.uk/2011/01/04/weird_php_...

--
Was this reply relevant?
+0
-0
mogs CClip 29
Expert Contributor 4th Jan, 2011 21:15
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Firefox ahead of IE in Europe, boosted by Chrome effect

Brussels compulsory freedom browse choice helped too
By Kelly Fiveash • Get more from this author
Posted in Applications, 4th January 2011 13:36 GMT
Mozilla’s Firefox just pipped Microsoft’s Internet Explorer to the European post in December, with the open source browser grabbing slightly more market share in Europe than Redmond’s own surfing tool.

According to StatCounter, which monitors browser usage, Firefox scored 38.11 per cent, while Internet Explorer pulled in 37.52 per cent.

In effect, all versions of Firefox and Internet Explorer were neck-and-neck in the final month of 2010, courtesy of Google’s increasingly popular Chrome.

"This is the first time that IE has been dethroned from the number one spot in a major territory," said StatCounter boss Aodhan Cullen.

http://www.theregister.co.uk/2011/01/04/firefox_ju...

--
Was this reply relevant?
+0
-0
mogs CClip 30
Expert Contributor 5th Jan, 2011 08:02
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Beta Channel Update
Tuesday, January 4, 2011 | 17:09
Labels: Beta updates
The Beta channel has been updated to 9.0.597.42 for Windows, Mac, Linux and Chrome Frame.

More details about additional changes are available in the svn log of all revision.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome

http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 31
Expert Contributor 5th Jan, 2011 19:39
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Microsoft Warns of Publicly Disclosed Critical Windows Vulnerability

January 5th, 2011, 10:17 GMT| By Lucian Constantin

Microsoft has published a security advisory to warn users about a new zero-day vulnerability in the Windows Graphics Rendering Engine that could allow attackers to execute arbitrary code remotely.

The problem stems from an error in the way the Graphics Rendering Engine processes thumbnail images and can trigger a stack overflow.

The attack vector is similar to the one for the LNK vulnerability (CVE-2010-2568) exploited by Stuxnet, and requires the victim to open a location containing a malformed thumbnail image.

http://news.softpedia.com/news/Microsoft-Warns-of-...

--
Was this reply relevant?
+0
-0
mogs CClip 32
Expert Contributor 5th Jan, 2011 21:27
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Principal developers of the PHP language expect to release within hours a fix to a newly reported issue that can prevent 32-bit systems running PHP from serving pages, a key developer of PHP said on Wednesday morning.

PHP is a popular language for use in Web development. The problem opens up PHP systems to a remotely exploitable DOS attack. It affects Linux and Windows and is related to a floating point issue, said Andi Gutmans, a key developer of PHP and CEO of Zend Technologies, which offers PHP development tools. Systems could get tied up in an infinite loop.

http://www.infoworld.com/d/security-central/php-fl...

--
Was this reply relevant?
+0
-0
mogs CClip 33
Expert Contributor 6th Jan, 2011 08:45
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 6th Jan, 2011 08:46
Chrome Beta Channel Update
| 16:10
Labels: Beta updates
The Beta channel has been updated to 9.0.597.44 for Windows, Mac, Linux and Chrome Frame.

Flash Player sandboxing has been temporarily moved behind a flag --enable-flash-sandbox.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome


Dev Channel Update
Wednesday, January 5, 2011 | 17:28
Labels: Dev updates
Update: 1/5 10pm PST, the dev channel has now been updated to 10.0.628.0 for Windows as well.

The Dev channel has been updated to 10.0.628.0 for Linux

This release fixes several crashes and small issues:

All
Updated V8 - 3.0.4.1
Updated WebKit - 534.16
Eliminated crash on shutdown after “Clear All Downloads” (Issue 66676)
Known Issues
NaCl SDK - Apps are not working (Issue 62570)

More details about additional changes are available in the log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry


--
Was this reply relevant?
+0
-0
mogs CClip 34
Expert Contributor 6th Jan, 2011 10:37
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Security Researchers Verify IE Bug
By Gregg Keizer, Computerworld Jan 6, 2011 2:34 am

French security researchers today confirmed the presence of a bug in Internet Explorer (IE) that's at the center of a spat between Microsoft and a Google security engineer.

According to Vupen, IE8 harbors a vulnerability that can be exploited to hijack a Windows system.

"A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of a vulnerable system," said the French firm in an advisory published Wednesday.

Vupen said it confirmed the vulnerability and its exploitability in IE8 running on Windows XP Service Pack 3 (SP3), but believed it could also be leveraged on Windows Vista, Windows 7, Server 2003, Server 2008, and Server 2008 R2.

The security company rated the bug as "critical," its highest threat warning. In a follow-up tweet , Vupen said, "Reproducing was/is hard."

http://www.pcworld.com/article/215676/security_res...

--
Was this reply relevant?
+0
-0
mogs CClip 35
Expert Contributor 6th Jan, 2011 22:10
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Microsoft plans to patch critical Windows bug next week
But it's not ready to fix newest IE and Windows flaws

By Gregg Keizer
January 6, 2011 02:57 PM ETComments (0)Recommended (0)
Computerworld - Microsoft today announced it would release just two security updates next week to patch three vulnerabilities in Windows.

One of the two was tagged with the "critical" label, Microsoft's highest threat ranking, while the other was marked "important." Microsoft typically assigns a critical rating to vulnerabilities that can be exploited with little or no action on the part of a user.

Both updates will patch flaws in Windows.

What Microsoft pegged as "Bulletin 1" in the advance notification it published today will affect only Windows Vista, while "Bulletin 2" will affect all still-supported versions of the OS, with the client editions -- XP, Vista and Windows 7 -- labeled critical and the server software rated important.

"The Vista one is confusing," said Andrew Storms, director of security operations at nCircle Security. "It's either something introduced in Vista but doesn't exist in Windows 7, or the component was rewritten for Windows 7."

Storms speculated that the flaw might be in a part of operating system that's little used, such as the task scheduler.

http://www.computerworld.com/s/article/9203743/Mic...

--
Was this reply relevant?
+0
-0
mogs CClip 36
Expert Contributor 7th Jan, 2011 08:51
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google Apps Customers Get Email Authentication for Free

January 6th, 2011, 17:49 GMT| By Lucian Constantin

Google is ramping up its anti-spam efforts by offering customers of its Google Apps cloud-service the possibility of signing their outgoing emails via DKIM.

DKIM, or DomainKeys Identified Mail, is an email authentication method in which an email is associated with a domain name in order to ensure its origin.

http://news.softpedia.com/news/Google-Apps-Custome...

--
Was this reply relevant?
+0
-0
mogs CClip 37
Expert Contributor 7th Jan, 2011 08:54
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Researcher breaks security sandbox in Adobe Flash
Alert Print Post comment Retweet Facebook
Bypassing security with mhtml
By Dan Goodin in San Francisco • Get more from this author
Posted in Security, 7th January 2011 01:05 GMT
A security researcher has found a way to bypass a measure in Adobe's Flash Player that's designed to harden it against hack attacks.

Billy Rios, a Google researcher who published the method on his personal website, said it circumvents the local-with-filesystem sandbox, which is supposed to prevent Flash files loaded locally from passing data to remote systems.

http://www.theregister.co.uk/2011/01/07/adobe_flas...

--
Was this reply relevant?
+0
-0
mogs CClip 38
Expert Contributor 7th Jan, 2011 09:11
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Beta Update
Thursday, January 6, 2011 | 16:38
Labels: Beta updates
The Beta channel has been updated to 9.0.597.45 for Windows, Linux and Chrome Frame.

Flash Player sandboxing has been restored, and accelerated composting and WebGL have been moved behind flags temporarily: --enable-accelerated-compositing and --enable-webgl respectively.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome
3 comments | Links to this post | Email Post

--
Was this reply relevant?
+0
-0
mogs CClip 39
Expert Contributor 7th Jan, 2011 09:14
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
50,000 hacked iTunes accounts up for auction in China



by Darren Allan

It seems that hacked iTunes accounts are being flogged off at TaoBao.com, the Chinese equivalent of eBay.

The Global Times reports that some 50,000 illegal accounts are on the go, for asking prices between 1 and 200 yuan (around $30).

For your $30, you get $200 worth of “credit” on iTunes which you have to spend within 24 hours, or you’ll turn into a pumpkin (either that, or the person whose account you’ve blagged your way onto will suss something’s up and cancel it).

http://www.techwatch.co.uk/2011/01/06/50000-hacked...

--
Was this reply relevant?
+0
-0
mogs CClip 40
Expert Contributor 7th Jan, 2011 10:33
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Only Two Patches - One Critical - on Patch Tuesday

By Stuart J. Johnston

Microsoft has a late Christmas present for security professionals in January.

Following what was one of the largest patch releases in Microsoft's (NASDAQ: MSFT) history last month, the company's first Patch Tuesday of 2011 – coming next week – will only feature two patches, just one of which is rated critical.

In comparison, last month, Microsoft released 17 patches that fixed a total of 40 security vulnerabilities, making a lot of security staffers work overtime close to the holidays in order to get them all tested and installed.

A company official, however, cautioned that neither of this month's patches will fix two recently confirmed zero-day vulnerabilities.

http://www.esecurityplanet.com/patches/article.php...

--
Was this reply relevant?
+0
-0
mogs CClip 41
Expert Contributor 7th Jan, 2011 21:18
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft Postpones Patching of Two Critical 0-Day Vulnerabilities

January 7th, 2011, 08:23 GMT| By Lucian Constantin

Microsoft announced that it doesn't plan to patch two publicly known 0-day vulnerabilities in Internet Explorer and Windows during this month's Patch Tuesday.

Next week, on January 11, the Redmond software giant is scheduled to release its monthly batch of security bulletins, however, it will leave out some of the most serious issues.

One of the two bulletins announced for next Tuesday affects only Windows Vista and is rated as Important, while the other affects all supported Windows versions and has a severity rating of critical.

http://news.softpedia.com/news/Microsoft-Postpones...

--
Was this reply relevant?
+2
-2
mogs CClip 42
Expert Contributor 7th Jan, 2011 21:21
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Firefox 4.0 Beta 9 Drops Next Week

January 7th, 2011, 15:25 GMT| By Marius Oiaga

Mozilla is gearing up to release the ninth Beta of the next iteration of its open source browser.

According to the open source browser maker, the current plan is to have Firefox 4.0 offered to testers next week.

Following a range of delays which impacted the Firefox 4.0 project, the Beta 9 development milestone was pushed into early 2011.

The upcoming test release of the open source browser is intended as a date-driven Beta, and Mozilla hopes to have it right this time around.

http://news.softpedia.com/news/Firefox-4-0-Beta-9-...

--
Was this reply relevant?
+0
-0
mogs CClip 43
Expert Contributor 8th Jan, 2011 10:18
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Malware Possibly Distributed Through OpenX.org
January 7th, 2011, 18:56 GMT| By Lucian Constantin



According to notifications from Google's Safe Browsing service, openx.org, home to a leading open source ad server package, might be used as an intermediary for malware.

The problem was observed by researchers from Web security company Sucuri, which provides a website integrity monitoring solution.

"We are tracking a few sites that are currently blacklisted and showing a warning from Google that openx.org (home of a popular open source ad server) is the site responsible for the infection," warns Sucuriresearcher David Dede.

Indeed, the Google Safe Browsing diagnostic page for openx.org claims that "over the past 90 days, openx.org appeared to function as an intermediary for the infection of 82 site(s)."

This doesn't mean that openx.org is hosting the malware itself, only that it is serving as a doorway. This could point to malicious ads being served via the OpenX network.

http://news.softpedia.com/news/Malware-Possibly-Di...

--
Was this reply relevant?
+0
-0
mogs CClip 44
Expert Contributor 8th Jan, 2011 10:23
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IPv6 guide provides path to secure deployment of next-generation Internet protocol

As the day draws nearer for the world to run out of the unique addresses that allow us to use the Internet—now predicted to happen by the end of 2012—researchers at the National Institute of Standards and Technology (NIST) have issued a guide for managers, network engineers, transition teams and others to help them deploy the next generation Internet Protocol (IPv6) securely.
Guidelines for the Secure Deployment of IPv6 (NIST Special Publication 800-119), describes the features of IPv6 and the possible related security impacts, provides a comprehensive survey of mechanisms to deploy IPv6 and suggests a deployment strategy for a secure IPv6 environment.
The ballooning popularity of devices, such as smart phones and netbooks, tied to the Internet is rapidly depleting the number of so-called IP addresses available under the current Internet Protocol version 4 (IPv4), so the networkers of the world are preparing to move to the next generation, IPv6. Among other improvements, IPv6 has a vastly greater number of potential addresses—several billion per each of the world's current population of about 6.9 billion people.

http://www.physorg.com/news/2011-01-ipv6-path-depl...

--
Was this reply relevant?
+0
-0
mogs CClip 45
Expert Contributor 8th Jan, 2011 21:53
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Switch off visual effects to speed up Windows
Fine-tuning the way Windows uses visual effects can improve performance in XP, Vista and 7
Computeractive staff Step by step Windows 06/01/2011



Read more: http://www.computeractive.co.uk/ca/step-by-step/19...


--
Was this reply relevant?
+0
-0
mogs CClip 46
Expert Contributor 9th Jan, 2011 10:46
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

How can I fix System Restore?
Stop Norton Internet Security interfering with Windows System Restore
Computeractive staff PC help Windows 08/01/2011


Change Norton's settings to fix Windows restore tools
I had a serious problem when using Windows System Restore: it would never complete and instead displayed an error message telling me that it couldn’t go back to a previous time.


Read more: http://www.computeractive.co.uk/ca/pc-help/1933321...


--
Was this reply relevant?
+0
-0
mogs CClip 47
Expert Contributor 9th Jan, 2011 10:49
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Q Following Computeractive's advice on defragmenting a hard disk, I tried to do this. However, I was thwarted by a lack of space. The hard disk capacity is reported as 28.63GB with 3.76GB storage space left.
According to Disk Defragmenter, 15 per cent of my hard disk must be available for the defragmentation to proceed. However, my disk has just 13 per cent of its space free.
I have a fear of deleting applications and files, not least because everything looks like it is required. What can I do?


Read more: http://www.computeractive.co.uk/ca/pc-help/1931344...


--
Was this reply relevant?
+0
-0
mogs CClip 48
Expert Contributor 9th Jan, 2011 11:05
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

The Net Delusion by Evgeny Morozov: review
The internet was supposed to help free oppressed people but.......
By John Preston 6:00AM GMT 09 Jan 2011

It wasn’t supposed to be like this, of course. According to the prophets, the scribes and the wiseacres, the arrival of the internet was going to be the biggest thing to happen to democracy since the invention of the ballot box. With free access to information and communications, populations would rise up, topple totalitarian regimes and send dictators fleeing into the night.

Or so the theory went. And it’s proved to be a remarkably resilient theory – one that’s continued to dominate the thinking of Western 'cyber-utopians’ despite teetering piles of evidence to the contrary. When Iranians demonstrated against Mahmoud Ahmadinejad’s regime in 2009, the spark that fired the dissident masses was widely and po-facedly identified as being… Twitter. Let the people tweet and they will tweet their way to freedom, insisted scores of ostensibly sane people.

Read more at :-
http://www.telegraph.co.uk/culture/books/8241377/T...

--
Was this reply relevant?
+0
-0
mogs CClip 49
Expert Contributor 9th Jan, 2011 20:55
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Improve dual booting in Windows 7 and Vista with EasyBCD
Adjust Windows Vista's boot process
Tim Smith Download review Utilities 05/01/2011


Running more than one operating system on a computer can give you the best of both worlds, but Windows does not always want to co-operate. EasyBCD is a clever utility that makes it easy to set up the boot menu just how you want it, and can even be used to book from CD images and make bootable USB memory keys.
Installation is simple and the interface is well designed. It is easy to change the default operating system and how long the menu shows before it selects the default option.
The iReboot utility sits in the Notification Area and lets you select which operating system to use when the computer is restarted. We know from experience that it is easy to miss the boot menu and have to start the process all over again.
One use for this software is for installing Windows XP on a computer with Windows Vista. EasyBCD can be used to add Windows XP to the Vista boot menu.
It supports other operating systems and so can be used to dual-boot Vista with Linux as well.


Read more: http://www.computeractive.co.uk/ca/download-review...


--
Was this reply relevant?
+0
-0
mogs CClip 50
Expert Contributor 10th Jan, 2011 19:23
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Serious DOM Vulnerabilities Found in Many Well-Funded WebSites
January 10th, 2011, 10:14 GMT| By Lucian Constantin

A study performed by security researchers from IBM revealed that around one in seven websites belonging to the world's wealthiest companies is plagued by DOM-based cross-site scripting vulnerabilities or open redirects.

The research was performed on a set of 675 websites, those of all Fortune 500 companies plus an additional 175 handpicked ones, belonging to security vendors, reputable IT firms or social networks.

Researchers used a crawler to retrieve 200 random pages from each website with complete HTML, JavaScript and CSS code and then scanned them in a controlled environment with an internally-developed tool called JavaScript Security Analyzer (JSA).
More at :-
http://news.softpedia.com/news/Serious-DOM-Vulnera...

--
Was this reply relevant?
+0
-0
mogs CClip 51
Expert Contributor 10th Jan, 2011 19:36
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Security experts warn of PayPal phishing scam
Email alerts designed to steal personal details
David Neal
V3.co.uk, 10 Jan 2011
Security experts at Sophos have warned PayPal users to look out for fraudulent emails about 'account limitations' that attempt to harvest log-in details.

Graham Cluley, senior technology consultant at the vandor, said in a blog post that the bogus emails claim that accounts have been temporarily limited, and ask for user log-in details to remedy the 'problem'.

"Plenty of people have been targeted by an attack which uses the subject line 'Your account has



Read more: http://www.v3.co.uk/v3/news/2274158/paypal-securit...



--
Was this reply relevant?
+0
-0
mogs CClip 52
Expert Contributor 11th Jan, 2011 08:59
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

More Google Blogs
Visit our directory for more information about Google blogs.

Chrome Beta Channel Update
Monday, January 10, 2011 | 16:13
Labels: Beta updates
The Beta channel has been updated to 9.0.597.47 for Windows.

Flash Player sandboxing has been restored for all platforms but XP as has accelerated composting and WebGL.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 53
Expert Contributor 11th Jan, 2011 09:35
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Top 10 Tech Scares of the Decade
The past ten years saw some terrifying technology--and we haven't even faced the Death Star yet.
By Sarah Jacobsson Purewal, PCWorld Jan 11, 2011 2:00 am

The dawn of the new millennium prompted fears about the future, but so far reality has not quite matched the predictions of catastrophe. The first ten years passed uneventfully--well, aside from Y2K and a bunch of intelligent computer viruses. Here's a look back at the past decade, and ten of the most terrifying tech scares.

More at :-
http://www.pcworld.com/article/214403/top_10_tech_...

--
Was this reply relevant?
+0
-0
mogs CClip 54
Expert Contributor 11th Jan, 2011 09:50
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 11th Jan, 2011 09:51
Download Google Chrome 9.0.597.45 Beta

January 10th, 2011, 15:00 GMT| By Marius Oiaga

Google has made available for download and testing the third update to the Chrome Beta Channel in 2011.

Users running Windows and Linux can now grab Google Chrome Beta Build 9.0.597.45, with Anthony Laforge, Google Chrome PM noting that Chrome Frame Beta was also refreshed.

Build 9.0.597.45 supersedes the Chrome Beta release made available for download the past week.

When it updated the Beta channel to 9.0.597.44 for Windows on January 5th, the Mountain View-based search giant also disabled sandboxing for Flash.

As early adopters testing Chrome 9.0 already know, the browser includes the Adobe Flash Player by default in an effort to make it simpler for users to enjoy Flash content on the web, without being required to download, install and update the plug-in separately from the browser.
More at :-
http://news.softpedia.com/news/Download-Google-Chr...


--
Was this reply relevant?
+0
-0
mogs CClip 55
Expert Contributor 11th Jan, 2011 13:26
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Keep the Windows 7 desktop tidy
Work faster by mastering the operating system’s window-management tools
Computeractive staff Step by step Windows 11/01/2011


Read more: http://www.computeractive.co.uk/ca/step-by-step/19...


--
Was this reply relevant?
+0
-0
mogs CClip 56
Expert Contributor 11th Jan, 2011 18:26
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
US dominates spam sending tables

Oh say can you phish...
By David Neal
Tue Jan 11 2011, 14:50
THE UNITED STATES leads insecurity firm Sophos' Dirty Dozen list of spam sending countries.
According to the company, the US has extended its lead over the, um, competition, and is responsible for almost one in five of all junk mails sent.
In fact just under 19 per cent of all spam messages come from across the Atlantic, because, Sophos added, of the sheer number of hacked and compromised computers in the country.
The UK has decreased the amount of junk mail that it sends out, albeit slightly. According to the list it cut the amount of junk mail leaving its shores by around half a per cent, from 5 per cent to 4.5 per cent, which if nothing else is worthy of some typically British light applause.
While the US is sending out spam, it also appears to be suckered by it too, as Sophos added that around 36 million of its residents had admitted to buying pharmaceuticals from unlicensed online stores.


Read more: http://www.theinquirer.net/inquirer/news/1936245/d...


--
Was this reply relevant?
+0
-0
mogs CClip 57
Expert Contributor 11th Jan, 2011 21:34
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Fake Coca-Cola Survey Emails Lead to Phishing Page
January 11th, 2011, 15:42 GMT| By Lucian Constantin

Security researchers from email security vendor AppRiver warn of a new phishing campaign which produces emails offering a reward taking part in a Coca-Cola opinion poll.

The fake emails began hitting people's inboxes yesterday and bear a subject of "Happy New Year." Their header has been spoofed to appear as if they come from a customers@cocacola.us email address.

The message contained within is a bit confusing, as it portrays the well known company as a polling organization interested in peoples opinion about current events.

"You have been selected to participate in a public opinion poll conducted by Coca Cola, a non-partisan polling organization.
More at :-
http://news.softpedia.com/news/Fake-Coca-Cola-Surv...

--
Was this reply relevant?
+0
-0
mogs CClip 58
Expert Contributor 11th Jan, 2011 21:39
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Free Software for Disc Burning, OS Optimization and Photo Organization

January 11th, 2011, 18:45 GMT| By Ionut Ilascu

Ashampoo starts 2011 with a hard to refuse offer: a package of three programs, completely free of charge. The bundle includes an optimization application for your system, their famous Burning Studio suite and photo organizer, Photo Commander.

The three programs are offered by Ashampoo through Softpedia with no strings attached. The only requirement to benefit from their full power is to register with the German company in order to receive the license code via email.

Burning Studio Advanced 2010, WinOptimizer and Photo Commander make for more than $100 worth of software. Although these are not the latest versions of the applications, you’ll notice that there aren’t drastic differences and their relevance has not faded with the release of the new editions.

Read more at :-
http://news.softpedia.com/news/Free-Software-for-D...

--
Was this reply relevant?
+0
-0
mogs CClip 59
Expert Contributor 12th Jan, 2011 18:27
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Microsoft Issues Workaround for Actively Exploited 0-Day IE Vulnerability
January 12th, 2011, 12:34 GMT| By Lucian Constantin

Microsoft is investigating reports of a zero-day Internet Explorer vulnerability being exploited in the wild and has released a workaround for customers to protect themselves until a permanent patch is ready.

The vulnerability, identified as CVE-2010-3971, was originally reported on the Full Disclosure mailing list on December 8 as a denial of service condition.

However, vulnerability researchers who later analyzed it, discovered that it can also be exploited to execute arbitrary code.

The flaw stems from a use-after-free memory error within the "mshtml.dll" library and affects all versions of Internet Explorer running on all supported Windows variants.

A group called Abysssec Security Research developed a working exploit capable of bypassing the DEP and ASLR protection mechanisms and added it to the Metasploit open source penetration testing framework.

Under these conditions it was only a matter of time until malware authors began targeting the vulnerability and postponing a patch increases the chances of more attacks being launched.

Microsoft did, however, release a workaround yesterday, in the form of a "Fix It" tool that companies can deploy throughout their networks.

Read more at :-
http://news.softpedia.com/news/Microsoft-Publishes...

--
Was this reply relevant?
+0
-0
mogs CCClip 60
Expert Contributor 12th Jan, 2011 18:30
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Dev Channel Update
Tuesday, January 11, 2011 | 12:38
The Dev channel has been updated to 10.0.634.0 for Linux, Mac, Windows and Chrome Frame

This release fixes several crashes and small issues:

All
Updated V8 - 3.0.6.1
Chrome no longer says "restart required" when there's no update (Issue 67478)
Known Issues
Clear browsing data settings in DOMUI options does not work (Issue 69163)

More details about additional changes are available in the log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 61
Expert Contributor 12th Jan, 2011 18:35
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Bogus Kama Sutra presentation opens your backdoor to hackers

NSFW 'PowerPoint' file rogers Windows machines
By John Leyden • Get more from this author
Posted in Malware, 12th January 2011 15:05 GMT
A booby-trapped Kama Sutra-themed presentation will plant a backdoor when run on Windows machines, security watchers warn.

The supposed PowerPoint presentation file – called Real kamasutra.pps.exe* – supposedly demonstrates different sexual positions. The file does include a NSFW slideshow of 13 different positions, but this is just a decoy.

The real purpose of the distribution is to install a Trojan called AdobeUpdater.exe, and identified by net security firm Sophos as Bckdr-RFM. Compromised machines might be used to send spam or spy on users, among other malicious purposes.

More at :-
http://www.theregister.co.uk/2011/01/12/powerpoint...

--
Was this reply relevant?
+0
-0
mogs CClip 62
Expert Contributor 12th Jan, 2011 18:38
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla plots February Firefox 4 release

'Tired and stressed' team prepare for lift off
By Kelly Fiveash • Get more from this author
Posted in Applications, 12th January 2011 12:45 GMT
Firefox 4 is nearly ready for showtime, according to a recent post on Mozilla's mailing list.

"I'm seeing the same burst of excitement and activity that we've seen in the endgame of every release," the open source browser maker's platform engineering director Damon Sicore enthusiastically noted yesterday.

He said that Mozilla has around 160 hard blockers to knock down, before proceeding to Release Candidate stage of the next iteration of the outfit's browser.

More at :-
http://www.theregister.co.uk/2011/01/12/mozilla_fi...

--
Was this reply relevant?
+0
-0
mogs CClip 63
Expert Contributor 13th Jan, 2011 09:45
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Adobe (finally) makes it easier to delete Flash cookies

Privacy menace made manageable
By Dan Goodin • Get more from this author
Posted in Security, 13th January 2011 05:00 GMT
Adobe has finally fixed a privacy weakness that threatened users of its ubiquitous Flash Player: the software's storing of cookie-like files that many websites used to track visitors' behavior against their wishes.

So-called LSOs, or local shared objects, are useful for storing user preferences, such as the preferred sound volume when visiting YouTube, but the Flash feature comes with a dark side. Unscrupulous websites can use them to restore tracking cookies even after a user deliberately deletes them. Files that do this have come to be known as Flash cookies.

Read more at :-
http://www.theregister.co.uk/2011/01/13/deleting_f...

--
Was this reply relevant?
+0
-0
mogs CClip 64
Expert Contributor 13th Jan, 2011 09:50
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Microsoft to offer beginner dev tool dubbed WebMatrix
By Paul Krill
January 12, 2011 07:10 PM ETComments (0)Recommended (1)
InfoWorld - Making multiple moves in the Web development space, Microsoft is introducing this week both a website building tool for neophytes and the third major version of its MVC (Model View Controller) technology.

Due Thursday, WebMatrix is "a new tool to make it easier for people to build Web sites," said Microsoft's Brian Goldfarb, director of Web platform and tools. Geared for students and new developers, WebMatrix is a text-based tool for writing code. The free tool supports ASP.Net and PHP development. Users could write applications like a Facebook Like button or a Twitter search capability, or start an application from scratch.

Read more at :-
http://www.computerworld.com/s/article/9204845/Mic...

--
Was this reply relevant?
+0
-0
mogs CClip 65
Expert Contributor 13th Jan, 2011 09:54
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK


Chrome Stable Release
Wednesday, January 12, 2011 | 15:15
Labels: Stable updates

Chrome on stable channel has been updated to 8.0.552.237 for all platforms. Chrome OS has also been updated, to 8.0.552.334. These releases contain the security fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

We’re delighted to offer our first “elite” $3133.7 Chromium Security Reward to Sergey Glazunov. Critical bugs are harder to come by in Chrome, but Sergey has done it. Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!

Also of note is a clarification on our default charity policy. Some researchers are unable to accept rewards, or even provide a suggestion for a charity. In such cases, it feels like a shame to lose a charitable contribution so we will default reward money to the Red Cross.
[58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
[$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
[66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
[$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
[$500] [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
[67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
[$1000] [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
[$1000] [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
[$500] [67363] High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz.
[$1000] [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
[$1000] [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
[$1000] [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
[$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
[$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
[$1000] [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
[$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.
Full details about the Chrome changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 66
Expert Contributor 13th Jan, 2011 14:00
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Can a Powerpoint presentation running on a CD contain a virus?
We explain if it's possible for your PC to contract a virus from a disc
Computeractive staff PC help Antivirus 12/01/2011


Powerpoint has been a target of virus attacks in the past
Q A work colleague has said a computer can be infected with a virus when running a Powerpoint presentation directly from a CD.
Can a computer take a virus on board when a piece of software, in this case Microsoft Powerpoint, runs with data from a CD?
Getting viruses from the internet is understood, as well as from downloading illegal software, but can it really be contracted as my friend says?
Robert Richards
A Although ‘virus’ is now taken to mean almost any kind of malicious software, it technically only refers to one specific type: a malicious program that secretly installs itself on one computer and then spreads to others.
The infection can take many forms, including adding hidden data to application documents, and Powerpoint has been a target of such attacks in the past. So the short answer is yes, your colleague is right.
Viruses of this type have been overshadowed by internet worms and other types of malicious software, but an up-to-date anti-virus utility will still catch them.
It’s essential to keep Windows and its applications updated too, since this will close many of the security holes that malicious software tends to exploit.


Read more: http://www.computeractive.co.uk/ca/pc-help/1933333...


--
Was this reply relevant?
+0
-0
mogs CClip 67
Expert Contributor 14th Jan, 2011 11:11
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

IE9 RC Possible UI Tweaks, Tab Repositioning

January 13th, 2011, 16:06 GMT| By Marius Oiaga

Microsoft already confirmed one new feature for the Release Candidate of Internet Explorer 9, but apparently the company is also cooking some changes to the graphical user interface.

A recent video that made its way in the wild seems to indicate modifications to Tabbed browsing in IE9 RC.

Early adopters familiar with the beta development milestone of IE9 undoubtedly already know that the browser ships with a very simple UI.

This move is designed to put all the focus on the websites rather than on the browser, according to the IE team, and far from me to disagree with them.

IE9’s UI is certainly more subtle, and contributes to pushing the browser to the background and leaving site take center-stage.

Read more at :-
http://news.softpedia.com/news/IE9-RC-Possible-UI-...


--
Was this reply relevant?
+0
-0
mogs CClip 68
Expert Contributor 14th Jan, 2011 17:37
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Complete internet protection at no cost with Comodo Internet Security
Anti-virus protection with a firewall to prevent unauthorised access to your PC
Tim Smith Download review Antivirus 12/01/2011


Comodo Internet Security has a good selection of tools to keep your computer safe online. There are anti-virus and anti-spyware scanners and a firewall that regulates access to your computer. The Auto Sandbox technology lets you install software without giving it access to important settings or your files.
Installation is easy. There is the opportunity to register your email address for updates, but it is not manditory. There is also a 60-day trial of Geek Buddy, a remote access program for technical support. A restart is requierd after the installation has finished but that's not unusual for security software.
Comodo also offers a replacement DNS service. Using a different DNS server can speed up your browsing and offers protection from phishing and malicious web sites. Again this is optional.
When a connection to a network is detected Comodo will ask you to name it and then choose whether other computers on the network should be able to see it.
The interface is clean and easy to use with a summary page showing important information and a clear icon that alerts if anything needs attention.
This is the 32-bit version of Comodo Internet Security. The 64-bit version can be found on the Internet Security Download page here.


Read more: http://www.computeractive.co.uk/ca/download-review...


--
Was this reply relevant?
+0
-0
mogs CClip 69
Expert Contributor 14th Jan, 2011 19:35
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Oracle plans to release 66 patches on Tuesday
By Chris Kanaracus
January 14, 2011 12:16 PM ET
IDG News Service - Oracle is planning on Tuesday to release 66 security patches affecting hundreds of products, according to a notice on its Web site.

A number of the patches are for vulnerabilities that meet the most serious risk level under the Common Vulnerability Scoring System, Oracle said. Products affected include Oracle Audit Vault, JRockit, Solaris and WebLogic Server.

Six of the patches fix vulnerabilities in Oracle's flagship database. Two of the bugs can be exploited remotely without a user name or password.

Sixteen patches target Oracle middleware products. Twelve of those vulnerabilities allow for remote exploitation without authentication, Oracle said.

Other fixes are aimed at Oracle's Enterprise Manager, PeopleSoft, JD Edwards, Glassfish and OpenOffice.

Oracle is also set to release patches for Java SE and Java for Business in February.

http://www.computerworld.com/s/article/9205121/Ora...

--
Was this reply relevant?
+0
-0
mogs CClip 70
Expert Contributor 14th Jan, 2011 21:48
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Windows 7 SP1 Is Gold, Microsoft Confirms

January 14th, 2011, 19:01 GMT| By Marius Oiaga

I know that this morning I said that Microsoft reportedly released Windows 7 Service Pack 1 to manufacturing, but it appears that the third-party sources were indeed correct.

While the Redmond company has yet to announce officially the finalization of the first upgrade for Windows 7, a member of the Microsoft Russia Windows Virtualization team revealed that Service Pack 1 is indeed Gold, and this is as close as from the horse’s mouth as possible, I guess. (via WinRumors)

Here is the rough translation of an excerpt from the blog post of a Microsoft Russia employee courtesy of Google Translate:

Read more at :-
http://news.softpedia.com/news/Windows-7-SP1-Is-Go...

--
Was this reply relevant?
+0
-0
mogs CClip 71
Expert Contributor 15th Jan, 2011 08:04
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Download Firefox 4.0 Beta 9

January 14th, 2011, 15:29 GMT| By Marius Oiaga

The ninth Beta development milestone of Firefox 4.0 is now available for download.

Although Mozilla has yet to announce officially the general availability of Firefox 4.0 Beta 9, the bits are already live on the company’s FTP servers.

Softpedia readers have been able to read about the imminent launch of Firefox 4.0 Beta 9 since last week, and again yesterday when Damon Sicore, Mozilla senior director of platform engineering revealed that Firefox 4.0 Final was due by the end of February 2011.

Beta 9 is toward the end of the Beta development program for Firefox 4.0, and as such, customers should not expect extensive changes, simply because there aren’t any.

According to the open source browser maker, here are the most consistent modifications compared to Beta 8:

“•Overhaul of the bookmarks and history code, enabling faster bookmarking and startup performance;

•Per-compartment garbage collection is now enabled, reducing work done during complex animations.”

At this point in time, the focus with the development process of Firefox 4.0 is to soften all the rough edges of the open source browser and get it ready for release.

More at :-
http://news.softpedia.com/news/Download-Firefox-4-...

--
Was this reply relevant?
+0
-0
mogs CClip 72
Expert Contributor 15th Jan, 2011 11:30
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Fake Anti-Virus Keygen Steals Software Keys

January 14th, 2011, 18:38 GMT| By Lucian Constantin

Security researchers from Kaspersky Lab have come across a keygen for the company's products which has two information stealing trojans bundled with it.

The keygen was recently spotted on file sharing websites and promises to generate serial keys for Kaspersky Anti-Virus 2010, Kaspersky Internet Security 2010 and Kaspersky Simple Scan 2010.

Kaspersky Lab's Vyacheslav Zakorzhevsky warns that its interface is just a facade for a trojan dropper.

"While the freebie lover is waiting for the result, two pieces of malware that were stealthily installed and launched by the dropper make themselves at home on the PC," he notes.

More at :-
http://news.softpedia.com/news/Fake-Anti-Virus-Key...

--
Was this reply relevant?
+0
-0
mogs CClip 73
Expert Contributor 15th Jan, 2011 19:49
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google plugins force-feed open codec to IE and Safari

Remakes web in own image
By Cade Metz in San Francisco • Get more from this author
Posted in Music and Media, 15th January 2011 06:40 GMT
Google will soon release plug-ins for both Internet Explorer and Safari that play nicely with WebM, the open source and royalty-free video codec that Apple and Microsoft aren't inclined to adopt on their own.

The move comes two days after Google announced that its Chrome browser would no longer support H.264, the royalty-encumbered video codec favored by Apple and Microsoft.

When Google yanked H.264 from Chrome, it was hit with criticism from both sides of the HTML5 video wars, and on Friday, Google product manager Mike Jazayeri felt the need to – in his words – "answer some of the questions raised" by the ongoing online debate. For the most, his post answered questions we already had answers to. But in an aside, at the bottom of the post, he announced those WebM plug-ins for IE and Safari.

More at :-
http://www.theregister.co.uk/2011/01/15/google_doe...

--
Was this reply relevant?
+0
-0
mogs CClip 74
Expert Contributor 15th Jan, 2011 19:54
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
2011 01:25 PM ET
Computerworld - Nearly a month after it yanked an Outlook 2007 update over connection and performance problems, Microsoft this week re-released the patch to correct its mistakes.

Microsoft re-issued the Outlook 2007 update on Tuesday, saying it had addressed the problems with connecting to mail servers, sluggish folders and automatic archiving that surfaced almost immediately after the original fix was offered to users Dec. 14.

The company pulled the update from its patch service two days later and apologized for the gaffe.

In a post to the Office team's blog, Microsoft urged users to retrieve the reworked update via Windows Update, or by manually downloading the new version from its site.

More at :-
http://www.computerworld.com/s/article/9205139/Mic...

--
Was this reply relevant?
+0
-0
mogs CClip 75
Expert Contributor 15th Jan, 2011 20:02
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft releases Windows 7 SP1 to OEMs

Updated Finally nears public release
By Lawrence Latif

PERENNIAL SOFTWARE PATCHER Microsoft has finally released Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 to original equipment manufacturers (OEMs).
Microsoft made the announcement on its Russian Technet website by virtue of an "About Windows" screen-grab showing Windows Server 2008 R2 running build 7601. It proceeded to confirm that the final SP1 build for Windows 7 will be 7601.17514.win7sp1_rtm.101119-1850 and that OEMs were in possession of the Vole's latest consolidated security and glitch update.
Although Microsoft's Technet posting claims SP1 will be released to end users today, the Vole usually releases major patches such as this on a Tuesday, leading Redmond watchers to think that the public download is a few days off at the earliest.


Read more: http://www.theinquirer.net/inquirer/news/1937288/m...


--
Was this reply relevant?
+0
-0
mogs CClip 76
Expert Contributor 16th Jan, 2011 09:33
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Wikipedia is too complicated for many people to modify despite billing itself as "the free encyclopedia that anyone can edit", its founder has said.

Jimmy Wales told BBC News the site wants a new generation of contributors, including more women.

The online encyclopedia, which is 10 years old on 15 January, is the world's fifth most popular site.

It aims to increase its users from 400m to 1bn by 2015. But growth requires a new interface, said Mr Wales.

"We have to support our old power users because they build the site," he said. "But we also need to have a ramp for new users."

He said a lot of people were "afraid" to contribute to the site by the sometimes complicated code - known as Wiki mark-up - needed to format entries.

"If you click edit and you see some Wiki syntax and some bizarre table structure - a lot of people are literally afraid.

http://www.bbc.co.uk/news/technology-12171977

--
Was this reply relevant?
+0
-0
mogs CClip 77
Expert Contributor 16th Jan, 2011 10:04
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Generators

These tools were created as it can be hard to create a meaningless shared secret or a passwords on the spot.
Password generator - Random number generator
See at :-
http://www.techzoom.net/tools/password-generator.e...


--
Was this reply relevant?
+0
-0
mogs CClip 78
Expert Contributor 16th Jan, 2011 13:15
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hate mobs thrive in Asia's booming social media
by Rachel O'Brien

A man looking at a Thai Internet page displaying a photo of a teenage girl leaning on a road barrier and using her phone moments after she was involved in a car crash that killed nine people. The girl deserves "no happiness forever" according to one of the 300,000 people who "like" a Facebook page set up to condemn her.
A teenager involved in a car crash that killed nine people in Thailand deserves "no happiness forever", according to just one of more than 300,000 Facebook users who support a page set up to condemn her.
Read more at :-
http://www.physorg.com/news/2011-01-mobs-asia-boom...

--
Was this reply relevant?
+0
-0
mogs CClip 79
Expert Contributor 16th Jan, 2011 20:32
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google, Facebook and Yahoo to test new net addresses

A global trial of the net's new addressing system is being planned for 8 June.

The test is being held to raise awareness about the imminent change from version 4 of the addressing scheme to version 6.

Net giants Google, Facebook, Akamai and Yahoo have committed to taking part in the "test flight" of IPv6.

Net firms are being encouraged to switch to IPv6 as addresses in the old scheme will run out by November 2011.

http://www.bbc.co.uk/news/technology-12183098

--
Was this reply relevant?
+0
-0
mogs CClip 80
Expert Contributor 17th Jan, 2011 08:38
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Trojan Abuses Popular Remote Control Software

January 17th, 2011, 06:00 GMT| By Lucian Constantin

Security researchers have identified a new trojan which incorporates the popular TeamViewer remote control software to allow fraudsters to perform unauthorized online banking transactions from infected computers.

The piece of malware was discovered by experts from Group-IB while performing a forensic investigation on the systems of a defrauded Russian company.

It was subsequently analyzed by security researchers from antivirus vendor ESET who call it Win32/Sheldor.NAD. Around half of antivirus engines on Virus Total currently detect the threat.

The malware drops a backdoor component in the the Windows directory along with a TeamViewer 5 server that it runs in console mone.

TeamViewer (TV) is a free program commonly used for remote assistance and remote control of computers over the Internet.

More at :-
http://news.softpedia.com/news/New-Trojan-Abuses-P...

--
Was this reply relevant?
+0
-0
mogs CClip 81
Expert Contributor 17th Jan, 2011 08:56
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Microsoft Corp. today announced the availability of WebMatrix, a free Web development tool designed to help website developers of all skill levels easily create, customize and publish websites to the Internet. Microsoft has also made available a set of video tutorials, how-to tips and other resources for helping new Web developers get started.

“Our Web platform offers a complete ecosystem of products, partners and technologies all aimed at helping developers succeed on the Web,” said S. Somasegar, senior vice president of the Developer Division at Microsoft. “Every day, more people are looking to build, publish and manage a website, and now, with WebMatrix, we provide developers of all skill levels with a sophisticated, yet easy-to-use solution to get their sites online.”

WebMatrix is available today in nine languages and includes a set of tools to create new websites, using code provided through a variety of available templates or using existing free open source Web applications, such as WordPress, Joomla!, DotNetNuke and Umbraco.

Read more at :-
http://www.iewy.com/14342-microsoft-releases-webma...

--
Was this reply relevant?
+0
-0
mogs CClip 82
Expert Contributor 17th Jan, 2011 22:57
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Inside Windows 7 SP1, RTM or No RTM
January 17th, 2011, 17:59 GMT| By Marius Oiaga

With Windows 7 SP1 RTM Build 7601.17514.101119-1850 leaked in the wild, I thought I’d remind you that the first upgrade for Windows 7 is not like previous Service Pack 1 releases.

Instead, SP1 for Windows 7 is just a minor upgrade, as Microsoft put it when it introduced its plans for the service pack with the world.

[ADMAK=1] And early adopters that have been testing Windows 7 SP1 and Windows Server 2008 R2 SP1 throughout the Beta and Release Candidate (RC) milestones, undoubtedly know that the software giant managedto live up to the promise to deliver almost nothing at all with the service pack.

One way to get an idea of what SP1 is all about is to download the “Documentation for Windows 7 and Windows Server 2008 R2 Service Pack 1 Release Candidate” from the Redmond company.

Read more at :-
http://news.softpedia.com/news/Inside-Windows-7-SP...

--
Was this reply relevant?
+0
-0
mogs CClip 83
Expert Contributor 18th Jan, 2011 09:28
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

ICQ Vulnerable to Update Poisoning Attacks

January 17th, 2011, 18:25 GMT| By Lucian Constantin

An important security issue has been identified in the popular ICQ instant messaging application, potentially allowing attackers to trick installations to download and execute fake updates.

The problem arises from the fact that ICQ updates are not downloaded from the developer's servers via a secure SSL connection and have no form of authentication except for a metadata file.

The vulnerability was discovered by a security researcher named Daniel Seither and affects all versions of ICQ 7 for Windows, up to version 7.2, build 3525.

More at :-
http://news.softpedia.com/news/ICQ-Vulnerable-to-U...

--
Was this reply relevant?
+0
-0
mogs CClip 84
Expert Contributor 18th Jan, 2011 09:31
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mandatory Windows Live Messenger and Essentials Refresh for Windows XP

January 18th, 2011, 07:41 GMT| By Marius Oiaga

Microsoft is gearing up to serve a mandatory update to users running Windows Live Messenger as well as additional Windows Live Essentials components, but the company is not talking about the latest iteration of the instant messaging client or the Essentials suite.

Instead, the software giant will refresh only what it calls the pre-2011 releases of Windows Live Essentials, including Messenger.

This update is focused on customers still running Windows XP instead of one of the two platform versions that succeeded it, Windows Vista or Windows 7.

More at :-
http://news.softpedia.com/news/Mandatory-Windows-L...

--
Was this reply relevant?
+0
-0
mogs CClip 85
Expert Contributor 18th Jan, 2011 10:05
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Risks of cyber war 'over-hyped' says OECD study

The vast majority of hi-tech attacks described as acts of cyber war do not deserve the name, says a report.

The Organisation for Economic Cooperation and Development study is part of a series considering incidents that could cause global disruption.

While pandemics and financial instability could cause problems, cyber attacks are unlikely to, it says.

Instead, trouble caused by cyber attacks is likely to be localised and short-lived.

However, it warns that governments need to plan for how it could mitigate the effects of both accidental and deliberate events.

Read more at :-
http://www.bbc.co.uk/news/technology-12205169


--
Was this reply relevant?
+0
-0
mogs CClip 86
Expert Contributor 18th Jan, 2011 18:36
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Trapster User Credentials Possibly Compromised

January 18th, 2011, 13:57 GMT| By Lucian Constantin

Trapster, an online service which uses crowdsourcing to warn drivers about police speed traps, enforcement cameras and other road hazards, has notified its users that their email addresses and passwords might have been compromised.

Trapster allows its users to report and confirm speed traps from a variety of mobile devices including smartphones, GPS devices and iPods.

People who don't have a supported device can still opt to keep themselves informed via SMS notifications.

More at :-
http://news.softpedia.com/news/Trapster-User-Crede...

--
Was this reply relevant?
+0
-0
mogs CClip 87
Expert Contributor 18th Jan, 2011 18:40
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Security
Oracle Prepares Monster Patch Update for Tomorrow

January 18th, 2011, 09:58 GMT| By Lucian Constantin

Oracle's Critical Patch Update scheduled to land tomorrow will address a total number of 66 security vulnerability affecting numerous versions of its products.

Several vulnerabilities carry the maximum Common Vulnerability Scoring System (CVSS) 2.0 base score of 10.0. They affect Audit Vault, JRockit, Solaris and the WebLogic Server.

Six vulnerabilities that will be patched affect components of the Oracle Database Server. Two of them are remotely exploitable and the most critical one has a CVSS score of 7.5.

The Oracle Secure Backup product is affected by one remotely exploitable vulnerability that will be fixed. It has a 6.4 CVSS base score and is located in mod_ssl.

Oracle Audit Vault is also affected by a single vulnerability that can be attacked remotely without authentication and, as previously mentioned, carries a score of 10.0.

Sixteen flaws will be addressed in applications that are part of the Oracle Fusion Middleware software pack. Twelve of them are remotely exploitable.

Oracle Enterprise Manager Grid Control will also get fixes for two vulnerabilities exhibiting remote attack vectors, the most severe of which carries a 7.5 score.

Two remotely exploitable vulnerabilities will be patched in the Oracle Applications, but their highest CVSS base score is only 4.3.

Three flaws will be addressed in programs from the Oracle Supply Chain Products Suite. None of them can be exploited from a remote location and their maximum score is 3.5.

The Oracle PeopleSoft and JDEdwards Suite contain 10 vulnerabilities that will receive patches. Two are remotely exploitable and carry a score of 5.5.

The Oracle Industry Applications will get security fixes for two flaws, only one of which allows for remote attacks and is rated with a score of 7.5.

Two remotely exploitable vulnerabilities, with a high score of 9.3, will be addressed in the popular Oracle Open Office Suite, which includes Open Office, StarOffice and StarSuite.

However, the largest number of patches, 21, will be delivered for vulnerabilities in the Oracle Sun Products Suite, which includes the Solaris operating system and the VirtualBox virtualization software. Nine of them are remotely exploitable and the maximum CVSS base score is 10.0.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," the company says.

http://news.softpedia.com/news/Oracle-Prepares-Mon...

--
Was this reply relevant?
+0
-0
mogs CClip 88
Expert Contributor 18th Jan, 2011 18:51
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

MPack, NeoSploit, and Zeus top list of most notorious Web attack toolkits
Two-thirds of the recent tremendous growth of malware can be traced back to botnets and exploit code built using these popular attack toolkits
By Ellen Messmer

About two-thirds of malicious Web activity can be traced back to botnets and exploit code built using popular attack toolkits sold in the underground economy, according to a new Symantec report.

The top three attack toolkits in terms of malicious Web activity are MPack (48 percent), NeoSploit (31 percent) and ZeuS (19 percent), the notorious software used in botnet form to steal financial data and execute fraudulent transactions, according to the report, which covers June 2009 through July 2010.

More at :-
http://www.infoworld.com/d/security-central/mpack-...

--
Was this reply relevant?
+0
-0
mogs CClip 89
Expert Contributor 19th Jan, 2011 06:54
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Beta Channel Update
Tuesday, January 18, 2011 | 14:33
Labels: Beta updates
The Beta channel has been updated to 9.0.597.67 for Windows, Mac, Linux, and Chrome Frame.

Due to stability issues Flash Player sandboxing has been put behind a flag for 9.0. Accelerated composting and WebGL will remain on. The remaining set of changes for this release constituted bug and stability fixes.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome

http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 90
Expert Contributor 19th Jan, 2011 07:50
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Attack Toolkits Rule the Web Threat Landscape

January 18th, 2011, 18:58 GMT| By Lucian Constantin

According to a recently released report from Symantec, attack toolkits are directly responsible for over sixty percent of malicious activity on the Web and their popularity is ever increasing.

The report [pdf] attributes the increased prevalence of attack kits, also known as exploit packs or drive-by download toolkits, to their ease of use and effectiveness.

Researchers warn that recent advancements brought to these threats, like the ability to quickly update them with new exploits or the switch to a subscription-based model, have contributed to their success.

By removing the need of the programming skills required to put together a successful Web exploit attack, the toolkits allow for more cybercriminals to engage in such activities.

More at :-
http://news.softpedia.com/news/Attack-Toolkits-Rul...

--
Was this reply relevant?
+0
-0
mogs CClip 91
Expert Contributor 19th Jan, 2011 09:16
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Secunia: Third-party apps remains security weak point
The lack of a common update mechanism complicates security for businesses and consumers
By Jeremy Kirk | IDG News Service

Microsoft is still burdened with a bad reputation among users for security, although figures show its products are more secure than most on a person's computer, according to new data from the Danish security vendor Secunia.

The number of vulnerabilities in software commonly found on PCs shot up by an astounding 71 percent between 2009 and 2010, mostly due to problems in third-party applications rather than in the Windows OS or Microsoft apps, said Stefan Frei, research analyst director for Secunia. The company released its annual vulnerability report on Tuesday.

[ The Web browser is your portal to the world -- as well as the conduit that lets in many security threats. InfoWorld's expert contributors show you how to secure your Web browsers in this "Web Browser Security Deep Dive" PDF guide.

Read more at :-
http://www.infoworld.com/d/security-central/secuni...

--
Was this reply relevant?
+0
-0
mogs CClip 92
Expert Contributor 19th Jan, 2011 22:40
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Researcher releases attack code for just-patched Windows bug
Microsoft fixed flaw nine months after it was revealed at last year's Pwn2Own hacking contest

By Gregg Keizer
January 19, 2011 12:47 PM
Computerworld - Attack code for a Windows vulnerability that Microsoft patched last week was released by a researcher one day after the company fixed the flaw.

The bug, which Microsoft rated "critical" -- its highest threat ranking -- was first reported more than nine months earlier when its discoverer used it in a one-two punch against Internet Explorer 8 (IE8) that won him $10,000 in a hacking challenge.

More at :-
http://www.computerworld.com/s/article/9205522/Res...

--
Was this reply relevant?
+0
-0
mogs CClip 93
Expert Contributor 19th Jan, 2011 22:44
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Yahoo accepts Google and Facebook account logins

Move signals a changing of the guard
By Lawrence Latif
Wed Jan 19 2011, 12:24
WEB PORTAL Yahoo will allow users to login to its services using Google and Facebook accounts.
Yahoo, which last year palmed off its search operation to Microsoft's Bing, announced that it will start accepting Google and Facebook account logins via the OpenID authentication protocol. The move is the latest in the firm's acceptance that its influence over web users is waning.


Read more: http://www.theinquirer.net/inquirer/news/1938182/y...


--
Was this reply relevant?
+0
-0
mogs CClip 94
Expert Contributor 20th Jan, 2011 09:07
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Bot attacks Linux and Mac but can't lock down its booty

Cross-platform trojan's Achilles Heel
By Dan Goodin in San Francisco • Get more from this author
Posted in Malware, 19th January 2011 23:12 GMT
From the department of cosmic justice comes this gem, spotted by researchers from Symantec: a trojan that targets Windows, Mac, and Linux computers contains gaping security vulnerabilities that allow rival criminal gangs to commandeer the infected machines.

Known as Trojan.Jnanabot, or alternately as OSX/Koobface.A or trojan.osx.boonana.a, the bot made waves in October when researchers discovered its Java-based makeup allowed it to attack Mac and Linux machines, not just Windows PCs as is the case with most malware. Once installed, the trojan components are stored in an invisible folder and use strong encryption to keep communications private.

More at :-
http://www.theregister.co.uk/2011/01/19/mac_linux_...

--
Was this reply relevant?
+0
-0
mogs CClip 95
Expert Contributor 20th Jan, 2011 19:08
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

First Microsoft Security Essentials 2.0 Update for the Antimalware Engine Soon

January 20th, 2011, 12:50 GMT| By Marius Oiaga

Customers running the latest iteration of Microsoft’s free security solution for Windows will get the first update for the antimalware engine powering the product today, January 20th, 2011.

Microsoft was initially planning to release a refresh for the Microsoft Security Essentials 2.0 on January 19th.

However, the software giant now informs that MSE 2.0’s antimalware engine update has been postponed for a day.

No reason was provided for the delay, but it’s bound that the Redmond company simply took a tad longer to reach release quality for new version of the antimalware engine, and pushed back the launch deadline for Build 1.1.650X.0 for a day.

Microsoft had announced the release of the antimalware engine update since mid-January 2011, noting at the time that the Engine Version was going to be in the range of 1.1.650X.0.

Users running Microsoft security products and familiar with antimalware engine refreshes undoubtedly know that this update will not impact MSE 2.0 exclusively.

Fact is that in addition to Microsoft Security Essentials (MSE), the update will also boost the antimalware capabilities of products such as Forefront Client Security (FCS) and Forefront Endpoint Protection (FEP) which all share the same core AV technology.

More at :-
http://news.softpedia.com/news/First-Microsoft-Sec...

--
Was this reply relevant?
+0
-0
mogs CClip 96
Expert Contributor 20th Jan, 2011 22:48
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK


Chrome Dev Release
Thursday, January 20, 2011 | 13:24
Labels: Dev updates
The Chrome Dev channel has been updated to 10.0.642.2 for all platforms. Here’s what’s new:

All
Updated V8 - 3.0.7.0
Many polish changes and fixes for the new tabbed preferences dialog
Several tweaks to Instant
[r71435] Integrate about:sync with the new tabbed preference dialog (Issue: 69500)
[r71519] Add “Save” and “Print” to the context menu of PDFs in frames (Issue: 50285)
Mac
[r71232] Make thumbnails closable in tab overview mode (Issue: 50307)
[71208] Fix color of favicon and tab overview thumbnails (Issues: 24267, 50307)
[r71575] Fix crash in translation code (Issue: 67594)
[r71324] Fix unable to re-open extension popups that were closed by clicking the browser action button (Issue: 56340)
Linux
[r71203] Fix crash on some distributions when accessing GNOME Keyring (Issue: 69295)
Full details about the Chrome changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 97
Expert Contributor 21st Jan, 2011 09:55
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Website with 10 million users warns of password theft

Trapster hack
By Dan Goodin in San Francisco • Get more from this author
Posted in Enterprise Security, 21st January 2011 01:18 GMT
A website that helps drivers avoid speeding tickets is warning its 10 million registered users that their email addresses and passwords may be in the hands of hackers who breached the site's security.

The advisory was issued on Thursday by Trapster, which boasts more than 10 million users on its front page. The site uses crowd-sourcing techniques to compile locations of police who are using radar to catch speeding drivers.

More at :-
http://www.theregister.co.uk/2011/01/21/trapster_w...

--
Was this reply relevant?
+0
-0
mogs CClip 98
Expert Contributor 22nd Jan, 2011 02:44
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Fake McDonald's Survey Hides Phishing Attack
By Lucian Constantin

Security researchers from security vendor AppRiver warn about phishing emails purporting to be part of an opinion poll from McDonald's.

The rogue emails bear a subject of "Survey" and have spoofed headers to appear as if they originate from a consult@McDonalds.com address.

The message contained within suggests the user was selected to take part in a poll rewarded with $250. It reads:

"You have been selected to participate in a public opinion poll conducted by McDonald's, a non-partisan polling organization.

More at :-
http://news.softpedia.com/news/Fake-McDonald-s-Sur...

--
Was this reply relevant?
+0
-0
mogs CClip 99
Expert Contributor 22nd Jan, 2011 02:49
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
.NET Framework 4 on Windows Server 2008 R2 SP1 Server Core
By Marius Oiaga

Ahead of its first year on the market, .NET Framework 4 will be offered for customers that are currently taking advantage of the minimal server installation options of Windows Server 2008 R2.

According to one member of the Windows Server Core team, the Redmond company has been indeed working on making .NET Framework 4 available on Server Core.

And it appears that customers will not have to wait all that long either, as the new flavor of .NET 4 is expected by the end of March 2011.

Of course, customers will also need to upgrade their existing Windows Server version to the latest release of the operating system.

In this regard, it’s no coincidence that the software giant also plans to release Windows Server 2008 R2 Service Pack 1 in Q1 2011.

Customers will need Windows Server 2008 R2 SP1 in order to take advantage of .Net Framework 4 on server core deployments.

More at :-
http://news.softpedia.com/news/NET-Framework-4-on-...

--
Was this reply relevant?
+0
-0
mogs CClip 100
Expert Contributor 22nd Jan, 2011 02:53
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google on Friday said it has made it harder for spam-packed websites to rank high in results at the world's top Internet search engine.
While the amount of "webspam" in query results is less than half of what it was five years ago, the California-based Internet firm has seen a "slight uptick" in recent months, according to Google principal engineer Matt Cutts.
"Webspam is junk you see in search results when websites try to cheat their way into higher positions in search results or otherwise violate search engine quality guidelines," Cutts explained in a blog post.
"We recently launched a redesigned document-level classifier that makes it harder for spammy on-page content to rank highly."
The new classifier better detects words or phrases typical of "junky, automated, self-promoting" comments repeated on pages at spam websites, according to the engineer.
Google also "radically improved" its ability to detect when legitimate websites have been tainted by hackers in the kinds of attacks that were a major source of spam last year, according to Cutts.

http://www.physorg.com/news/2011-01-google-spam-la...

--
Was this reply relevant?
+0
-0
mogs CClip 101
Expert Contributor 22nd Jan, 2011 08:53
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Up-and-Coming Banking Trojan Gets Revamped

January 21st, 2011, 17:42 GMT| By Lucian Constantin

Security researchers warn that Carberp, a relatively new banking trojan with features similar to the notorious ZeuS, has received an update which encrypts the traffic with the command and control servers.

Carberp appeared around May last year, but originally it was mostly used as a trojan downloader to install other malware on computers.

It has since evolved into trojan capable of stealing financial data and online banking credentials by injecting rogue HTML code into Web pages when victims visit the websites of financial institutions.

It does this by hooking the Internet Explorer and Firefox processes so it can constantly monitor Web traffic.

More at :-
http://news.softpedia.com/news/Up-and-Coming-Banki...

--
Was this reply relevant?
+0
-0
mogs CClip 102
Expert Contributor 22nd Jan, 2011 11:15
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
ZeuS Starts Targeting Online Payment Service Providers By Lucian Constantin

Security researchers have found evidence that fraudsters using the ZeuS banking trojan are increasingly targeting services that facilitate online payments in real or virtual currencies.

Malware analysts from Trusteer, a provider of secure browsing solutions, have detected moneybookers.com in the configuration of 26 different ZeuS samples.

Moneybookers is an UK-based online payment services provider similar to PayPal, which is relatively popular on the European market.

Trusteer's chief technology officer, Amit Klein, says the number of ZeuS configurations specifying Moneybookers as a target is not too different than of those mentioning popular banks.

"This usually indicates that fraudsters have a solid business around this target," the security researcher notes.

More at :-
http://news.softpedia.com/news/ZeuS-Starts-Targeti...

--
Was this reply relevant?
+0
-0
mogs CClip 103
Expert Contributor 22nd Jan, 2011 16:31
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Can I stop My Recent Documents appearing in the Start menu?
An easy way to disable the My Recent Documents folder in Windows XP
Computeractive staff PC help Windows 22/01/2011


Untick the ‘List my most recently opened documents’ box
Q How do I prevent items being added to the My Recent Documents folder on the Start menu or disable it entirely? I use Windows XP.
Graham Davison
A Disabling My Recent Documents is easy. First, right-click the Start menu and choose Properties (note that if the Start menu is already open you will need to right-click any blank part of it, rather than the button itself).
Select the Start Menu tab and click the Customize button. Click the Advanced tab and then, in the Recent documents section, click to remove the tick from the ‘List my most recently opened documents’ box. Click OK.
Incidentally, as an alternative, you can keep the My Recent Documents folder but merely clear it out on demand. To do so, repeat the above but click the Clear List button instead of removing the tick from the aforesaid box.


Read more: http://www.computeractive.co.uk/ca/pc-help/1933807...


--
Was this reply relevant?
+0
-0
mogs CClip 104
Expert Contributor 23rd Jan, 2011 07:53
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Are Widgets Wicked?

By Sean Michael Kerner

Widgets are widely uses across the Web as a means to deliver both content and advertising. They could also be used by attackers to deliver malware.

That's the message that Neil Daswani CTO and co-founder security firm Dasient delivered at the Black Hat DC security conference this week. Daswani warns that website owners need to be aware of the risks that widgets can potentially represent.

"Ad widgets when compromised, can be used to spread mass malware infections across the most highly trafficked websites on the Internet," Daswani told InternetNews.com.

Daswani is no stranger to the topic of widget-based malware. At the Black Hat USA conference in the summer of 2010, Daswani warned of the risks stemming from the usage of third-party JavaScript. His company Dasient, also is in the business of protecting against such risks with its Web Anti-Malware service.
According to Daswani, widget based malware has been evolving in recent months.

More at :-
http://www.esecurityplanet.com/features/article.ph...

--
Was this reply relevant?
+0
-0
mogs CClip 105
Expert Contributor 23rd Jan, 2011 07:58
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 7 SP2 Already Cooking in Redmond, Reportedly
By Marius Oiaga

The second upgrade for Windows 7 is already cooking over in Redmond, at least according to one third-party source close to Microsoft.

This even though the software giant has yet to confirm the finalization of Windows 7 Service Pack 1, let alone to reveal any information about the release of the service pack.

In this context, users should not expect Microsoft to make public any of its plans for Windows 7 Service Pack 2 anytime soon.

The same source that claims Windows 8 / Windows vNext is planned for general availability in January 2013, and RTM sometime in the second half of 2012, also indicates that Windows 7 is already being developed.

Wzor already leaked Build 7601.17514.101119-1850 of Windows 7 SP1 claiming that it’s the RTM development milestone.

Microsoft has yet to confirm officially that it has released Windows 7 SP1 to manufacturing, although in one instance the company did indicate that the upgrade has been finalized.

More at :-
http://news.softpedia.com/news/Windows-7-SP2-Alrea...

--
Was this reply relevant?
+0
-0
mogs CClip 106
Expert Contributor 23rd Jan, 2011 08:11
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Oracle's patching system needs fixing, according to Imperva's CTO.
By Tom Brewster

Oracle should patch database vulnerabilities more frequently and be more open about what the flaws are, a security expert has claimed.

Imperva chief technology officer (CTO) Amichai Shulman said Oracle used to issue fixes on a more regular basis, even when they had far fewer products.

“One would assume that more products require more fixes, yet we are seeing smaller patches with less fixes for more products,” Shulman said.

“The quarterly patch cycle has seen a slow down in fixing database vulnerabilities since the acquisition and incorporation of so many companies and products during the past year.”

Shulman said he could not believe “there is only one database fix quarter-to-quarter when there must be dozens or even hundreds of vulnerabilities.”

More at :-
http://www.itpro.co.uk/630199/imperva-cto-blasts-o...

--
Was this reply relevant?
+0
-0
mogs CClip 107
Expert Contributor 23rd Jan, 2011 11:39
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 7 Little Tweaker by LeeLu Soft
Version reviewed: Windows 7 Little Tweaker 1.2
Windows 7 Little Tweaker brings you a list of tweaks designed to better your workflow on Windows 7.

Download Windows 7 Little Tweaker Features:

14 different tweaks
Export registry entries
Revert registry to the default configuration
Requires no installation

The list of tweaks that can be applied in Windows 7 is quite huge, but Windows 7 Little Tweaker does not attempt to give you that; on the contrary, it displays a small set of options designed improve working with Microsoft’s operating system.

As much as the developers of Windows OS strive, there will always be voices talking about improvements or a different default setting that would work better. There are innumerate hacks and possibilities to customize the way Windows 7 works. In most cases the user only requires a small set of changes in order to improve his workflow on the computer.

Windows 7 Little Tweaker is bent on offering a brief list of registry modifications designed to help you when transferring files from one location to another, improve responsiveness of the menus, adjust the way file search acts and generally make the system more flexible than its creator intended.

The application can be used free of charge and is recommended only for Windows 7 as this is the platform the developer used for the tests (we used Ultimate edition for the evaluation). It requires no installation and its tweaks affect various Windows settings in the registry.

Fortunately it sports the possibility to cancel all the modifications and bring everything to the default values of the operating system. More than this, it features the option to export the default values so that you can easily restore the system to the exact way it was before being affected by the tweaks.

Read more at :-
http://www.softpedia.com/reviews/windows/Windows-7...

--
Was this reply relevant?
+0
-0
mogs CClip 108
Expert Contributor 23rd Jan, 2011 21:51
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
browser firefox 4 beta 9 mozilla

It has already been one week since Mozilla's Firefox 4 Beta 9 browser has been released and it seems as if this is finally the one that will serve as the springboard for the release candidate scheduled for February.

Apart from the fact that the browser is available in 76 languages, the biggest improvement appears to be the complete overhaul of the bookmarks and history code which, according to Mozilla, will significantly improve bookmarking and startup speeds.

It will also come with a new, sleeker and faster JavaScript engine called Jägermonkey which supports x86, x86-64, and ARM on a shared code base; some benchmarks show a four hundred percent improvement compared to TraceMonkey.

Just like Internet Explorer 9, Firefox 4 Beta 9 now performs some rendering operations using the onboard dedicated GPU using Direct3D 10 on Windows Vista and 7 or Open GL on Mac OS X. This yields faster graphics performance overall and improves things like display speeds.

Unfortunately, there are still tons of hardblocker bugs, those which will prevent FF4 from shipping. As of this evening, there were 105 in all with some like the inability to print or doing print preview from a Gmail account being show-stoppers.



Read more: http://www.itproportal.com/2011/01/22/5-things-kno...

--
Was this reply relevant?
+0
-0
mogs CClip 109
Expert Contributor 24th Jan, 2011 07:45
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Mobile phone to blast into orbit
By Jonathan Amos
Science correspondent, BBC News

British engineers are planning to put a mobile phone in space.



The team at Surrey Satellite Technology Limited (SSTL) in Guildford want to see if the sophisticated capabilities in today's phones will function in the most challenging environment known.

More at :-
http://www.bbc.co.uk/news/science-environment-1225...

--
Was this reply relevant?
+0
-0
mogs CClip 110
Expert Contributor 24th Jan, 2011 21:26
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Critical Heap Corruption Vulnerabilities Identified in VLC Media Player
January 24th, 2011, 08:56 GMT| By Lucian Constantin

Two critical heap corruption vulnerabilities that could lead to arbitrary code execution were patched in the VLC media player source code.

The flaws were reported by Dan Rosenberg from Virtual Security Research (VSR) on January 7, 2011, and are located in a decoder for the relatively obscure CD+G format.

CD+G is an extension to the compact disc (CD) standard and allows for low-res graphics to be associated with audio data. There are few playback devices that support the format.

A patch for the vulnerabilities was submitted by Rémi Denis-Courmont on January 11, but did not make it into the recently released VLC 1.1.6 version that fixes a separate critical buffer overflow issue reported by Mr. Rosenberg in the Real demuxer.

"In both cases, a failure to properly validate indexes into statically-sized arrays on the heap could allow a maliciously crafted CDG video to corrupt the heap in a controlled manner, potentially leading to code execution," the git notes read.

The patch was commited to the VLC 1.1.5 source code, but because the CD+G decoder hasn't been modified in a long time, it can be easily ported back to older versions that are also affected.

More at :-
http://news.softpedia.com/news/Critical-Heap-Corru...

--
Was this reply relevant?
+0
-0
mogs CClip 111
Expert Contributor 24th Jan, 2011 21:29
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Opera Hit by Critical 0-Day Vulnerability
January 24th, 2011, 15:48 GMT| By Lucian Constantin

The latest version of the Opera browser is affected by a publicly disclosed vulnerability that allows potential attackers to execute arbitrary code remotely.

The flaw was discovered by French security researcher Jordi Chancel who disclosed it on his blog on January 7 and described it as an integer truncation error.

Mr. Chacel noted at the time that even though the crashes are easy to replicate, the address of the memory violation is unpredictable, making exploitation a lot more complicated.

However, on Friday, French vulnerability research vendor VUPEN Security announced that its researchers managed to develop a reliable arbitrary code execution exploit for the vulnerability.

"This issue is caused by an integer truncation error within the Opera Internet Browser module 'opera.dll' when handling a HTML 'select' element containing an overly large number of children," VUPEN writes in its advisory.

The flaw has been confirmed in Opera 11.0 and 10.63 on both Windows 7 and XP, and can be exploited remotely by tricking users to visit a specially crafted Web page.

More at :-
http://news.softpedia.com/news/Opera-Hit-by-Critic...

--
Was this reply relevant?
+1
-1
mogs CClip 112
Expert Contributor 24th Jan, 2011 21:33
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft Security Essentials 2.0 Update Released

January 24th, 2011, 14:34 GMT| By Marius Oiaga

As previously announced, Microsoft shipped the first update to the free security solutions it’s offering to users running genuine copies of Windows 7, Windows Vista and Windows XP.

After being postponed for just a single day, Microsoft Security Essentials 2.0 received a new antimalware engine last week.

When it shipped in December 2010, MSE 2.0 featured Antimalware Engine 1.1.6402.0. It’s specifically the antimalware engine that the update kicked up a notch, although not that much.

Just ahead of releasing the refresh, the software giant announced that the antimalware engine version would be in the range of 1.1.650X.0.

Customers running Microsoft Security Essentials 2.0 will now be able to notice that the Antimalware Engine version was boosted to 1.1.6502.0.

This of course, impacts not only those running MSE, but also users of Forefront Client Security (FCS), and Forefront Endpoint Protection (FEP).

More at :-
http://news.softpedia.com/news/Microsoft-Security-...

--
Was this reply relevant?
+0
-0
mogs CClip 113
Expert Contributor 24th Jan, 2011 21:37
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

IDG News Service - Mozilla, the developer of the Firefox browser, is working a feature that will allow users to opt-out of online behavioral advertising.

The goal is to give users "a deeper understanding of and control over personal information online," Mozilla's head of privacy said in a blog posted on Sunday.

The feature will allow users to configure their Firefox browser to tell websites and advertisers that they would like to opt-out of any advertising based on their behavior, Alex Fowler [cq] wrote in his blog post. The user's preference is communicated to websites and third party ad servers using a new "Do Not Track HTTP header", which is sent with every click or page view in Firefox.

The feature wouldn't block advertising altogether, only personalized ads.
More at :-
http://www.computerworld.com/s/article/9205961/Moz...

--
Was this reply relevant?
+0
-0
mogs CClip 114
Expert Contributor 24th Jan, 2011 21:41
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google jumps into 'Do Not Track' debate with Chrome add-on
Expert applauds Mozilla, Google for following Microsoft in adding browser privacy tools

By Gregg Keizer
January 24, 2011 02:05 PM
Computerworld - A day after Mozilla said it was exploring a "Do Not Track" feature for Firefox, Google today announced a Chrome add-on that lets users opt out of tracking cookies that monitor their movement and behavior online.

More at :-
http://www.computerworld.com/s/article/9206061/Goo...

--
Was this reply relevant?
+0
-0
mogs CClip 115
Expert Contributor 25th Jan, 2011 09:05
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Upcoming Version of avast! Free Antivirus Will Feature Auto Sandboxing

January 24th, 2011, 18:11 GMT| By Lucian Constantin

The next version of avast! Antivirus will feature sandboxing virtualization technology that will allow users to open suspicious programs securely and will be the first implementation of this kind in a free anti-malware solution.

With its free product having a user base of over 130 million, Czech-based AVAST Software is one of the biggest providers of antivirus solutions on the market.

Avast! Free Antivirus already scores among the most top anti-malware applications in independent comparative tests when it comes to detection, low false positive rate and scanning performance.

It is one of the most complete free antivirus solutions, having implemented many technologies for free for the first time. One example of this is behavioral detection.

The company plans to follow in that trend and bring even more innovations to the freemium model with the new AutoSandbox virtualization technology.

Read more at :-
http://news.softpedia.com/news/Upcoming-Version-of...

--
Was this reply relevant?
+0
-0
mogs CClip 116
Expert Contributor 25th Jan, 2011 09:11
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Buzus Distribution Campaign Generates Wave of Fake Emails

January 24th, 2011, 17:59 GMT| By Lucian Constantin

Security researchers from antivirus vendor Sophos warn of a new wave of emails distributing a new variant of the Buzus malware, which masquerade as official communications from major websites.

Some of the rogue emails pose as a job application response from Google and purport to come from a resume-thanks@google.com address.

The message contained within reads: "We just received your resume and would like to thank you for your interest in working at Google. This email confirms that your application has been submitted for an open position."

It goes on to instruct recipients to open the attached file which is allegedly a review of the submitted application.

The file, called CV-20100120-112.zip, contains an installer for the Buzus worm which spreads by sending the emails through an external SMTP server and copying itself to removable USB devices.

More at :-
http://news.softpedia.com/news/New-Buzus-Worm-Dist...

--
Was this reply relevant?
+0
-0
mogs CClip 117
Expert Contributor 25th Jan, 2011 10:01
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Pure takes Kaspersky's security to the next level
by Seth Rosenblatt


A laundry list of features new to Kaspersky debuts today in a new home security suite, Pure Total Security. Originally announced earlier this month at CES 2011, Kaspersky Pure Total Security takes the highly regarded set of features offered in Kaspersky Internet Security and mixes in some extras that are designed to appeal to people who have more complicated, multi-machine setups at home.


Read more: http://news.cnet.com/security/#ixzz1C2HUHdbP

--
Was this reply relevant?
+0
-0
mogs CClip 118
Expert Contributor 25th Jan, 2011 22:05
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Google trumps Mozilla with opt-out feature
Mozilla may have proposed an opt-out feature, but Google has made one available already.
By Tom Brewster, 25 Jan 2011 at 11:56

Google has beaten Mozilla to introduce a feature into the Chrome browser letting users opt-out of ad tracking cookies.

The announcement follows calls from the Federal Trade Commission for a ‘Do Not Track’ add-on – something Mozilla announced it was working on yesterday.

Mozilla had not revealed a date for when such a feature would be included in its Firefox browser, but Google made its Keep My Opt-Outs tool available for Chrome yesterday evening.

More at :-
http://www.itpro.co.uk/630334/google-trumps-mozill...

--
Was this reply relevant?
+0
-0
mogs CClip 119
Expert Contributor 26th Jan, 2011 18:15
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Beta Channel Update
Tuesday, January 25, 2011 | 19:00
Labels: Beta updates
The Beta channel has been updated to 9.0.597.83 for Windows, Mac, Linux, and Chrome Frame.

This is primarily a stability/ minor bug fix release and the set of changes can be found here.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome
8 comments | Links to this post | Email Post
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 120
Expert Contributor 26th Jan, 2011 18:40
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
McAfee Names MyDoom 'Exploit' of the Decade
January 26th, 2011, 09:52 GMT| By Lucian Constantin

In a newly published report about the evolution of cybercrime during the past decade, McAfee named the MyDoom worm as the most damaging malware threat.

Dubbed "A Good Decade for Cybercrime," McAfee's report [pdf] looks at how the threat landscape evolved from a battleground of rival hackers seeking notoriety to an underground economy fuelled by a desire for illegal profits.

The company also makes predictions for the future saying that social networking scams and mobile threats are going to increase in prevalence this year.

McAfee begins its "top 5 exploits of the decade" list with the MyDoom worm, which is estimated to have caused damages of $38 billion.

More at :-
http://news.softpedia.com/news/MyDoom-Was-the-Most...

--
Was this reply relevant?
+0
-0
mogs CClip 121
Expert Contributor 26th Jan, 2011 18:50
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Intel Developing Zero-Day Proof Security System
By Sharon Gaudin, Computerworld Jan 26, 2011 2:01 pm

Intel's chief technology officer says the chip maker is developing a technology that will be a security game changer.

Justin Rattner told Computerworld on Tuesday that scientists at Intel are working on security technology that will stop all zero-day attacks. And, while he would give few details about it, he said he hopes the new technology will be ready to be released this year.

"I think we have some real breakthrough ideas about changing the game in terms of malware," Rattner said. "We're going to see a quantum jump in the ability of future devices, be them PCs or phones or tablets or smart TVs, to defend themselves against attacks."

Read more at :-
http://www.pcworld.com/article/217772/intel_develo...

--
Was this reply relevant?
+0
-0
mogs CClip 122
Expert Contributor 26th Jan, 2011 19:39
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Conficker Working Group talks up successes
But millions of PCs are still infected
David Neal
V3.co.uk, 26 Jan 2011
The working group set up to tackle the Conficker worm has produced its final report on its achievements, calling for greater collaboration among public and private sectors in future and warning that the worm remains at large.

Conficker led to the largest computer infection of its time, affecting a wide range of organisations including governments, businesses and home computers. All told, the worm managed to infect an estimated seven million machines.

The Conficker Working Group included representatives from Microsoft and Icann, along with domain registry operators, anti-virus vendors, and academic researchers.

The Lessons Learned (PDF) report from the group said that the main aim was to register and block domains before the Conficker author could get to them and update the botnet. Although there were some errors, the report claims that the group was successful in this aim.

However, it was unable to fix infected computers and remove all traces of the botnet. The report explained that there are millions of infected computers still out there.



Read more: http://www.v3.co.uk/v3/news/2274433/conficker-worm...


--
Was this reply relevant?
+0
-0
mogs CClip 123
Expert Contributor 27th Jan, 2011 08:19
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Dev Channel Update
Wednesday, January 26, 2011 | 18:02
Labels: Dev updates

The Chrome Dev channel has been updated to 10.0.648.6 for all platforms. This build primarily contains stability fixes from the previous dev channel release. Full details about the Chrome changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey

http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 124
Expert Contributor 27th Jan, 2011 08:38
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla reaches for almost perfect 10 with latest Firefox 4 beta

By Kelly Fiveash • Get more from this author
Posted in Applications, 26th January 2011 10:37 GMT
Mozilla has pushed out another beta for Firefox 4, just nine days after the last test build iteration of the forthcoming browser arrived.

Firefox 4 beta 10 comes with very few changes, given that the browser is at a stable stage and was granted the all-important feature complete level late last year.

The browser will come loaded with Mozilla's JaegerMonkey Javascript engine extension, additional hardware acceleration, and will allow coders to build plug-in-free 3D graphics via WebGL. Firefox 4 has been built on the open source outfit's Gecko 2.0 web platform.

More at :-
http://www.theregister.co.uk/2011/01/26/firefox_4_...

--
Was this reply relevant?
+0
-0
mogs CClip 125
Expert Contributor 27th Jan, 2011 10:24
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Opera 11.01 Final Available for Download
January 27th, 2011, 08:35 GMT| By Marius Oiaga

The first update to Opera 11 is now available for download. Users can now grab Opera 11.01 and install it immediately, since Opera Software has wrapped up the release and is offering the final bits to customers.

The Norway-based browser vendor has yet to officially announce the release of Opera 11.01, but Build 1190 is already live on the company’s FTP servers.

The users that want to wait for the official launch from Opera Software can do so, and fact is that with the final versions already offered through FTP, the browser vendor is right on track to making the announcement later today.

Opera 11.01 has been in the making for quite some time now, with the first development snapshot offered to testers in early January 2011.

More at :-
http://news.softpedia.com/news/Opera-11-01-Final-A...

--
Was this reply relevant?
+0
-0
mogs CClip 126
Expert Contributor 27th Jan, 2011 12:36
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Take charge of the Notification Area by managing icons and alerts

In Windows XP, right-click the Start button and choose Properties. When the dialogue box opens, click the Taskbar tab at the top. From here you can either show or hide the clock and turn all inactive icons on or off. Alternatively, click the Customize button and you’ll be able to scroll through a list of the icons that may be displayed in the area. Click on one in the Behavior column, open the dropdown list and choose from the three options there – Hide when inactive, Always hide and Always show.

Things are slightly different in Windows Vista. Right-click the Start button and choose Properties. When the dialogue box opens, click the Notification Area tab at the top. As well as showing or hiding inactive icons, it’s also possible to select which of Vista’s standard utilities are visible – Clock, Volume, Network and Power (if using a laptop). To access the controls for individual programs, click the Customize button. Open the dropdown list in the Behavior column for each program and select the settings from there.

In Windows 7, roll the mouse pointer over the Notification Area and left-click on the Show Hidden Icons button. When the pop-up window opens, click the Customize link. From here you can change the way the different icons appear in the Notification Area by picking the relevant options off the dropdown lists – you can choose Show icon and notifications, Hide icon and notifications or Only show notifications. There’s also a universal setting displayed as a tick box at the bottom – ‘Always show all icons and notifications on the taskbar on or off’. When done, click OK.

Read more: http://www.computeractive.co.uk/ca/step-by-step/19...


--
Was this reply relevant?
+0
-0
mogs CClip 127
Expert Contributor 27th Jan, 2011 19:53
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Piracy Terms Removed from Google Search Suggestions Deemed Overly Broad

January 27th, 2011, 11:34 GMT| By Lucian Constantin

Google is facing strong criticism for removing search suggestions and instant results for terms like BitTorrent, uTorrent, RapidShare and others as part of its commitment to fighting piracy.

At the beginning of December, the Web search giant revealed via its general counsel that it plans on making improvements to the way it tackles copyright infringement issues.

Among several announced changes, the company said it will prevent terms "closely associated with piracy" from appearing in Autocomplete.

TorrentFreak now reports that Google has kept its promise, but the implementation leaves a lot to be desired and can actually hurt legitimate businesses.

More at :-
http://news.softpedia.com/news/Piracy-Terms-Remove...

--
Was this reply relevant?
+0
-0
mogs CClip 128
Expert Contributor 27th Jan, 2011 21:33
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Try the System Update Readiness Tool from Microsoft
Q
I have been unable to run Windows Update for several months now. When I try I am told that Windows cannot search for new updates, with an error code of 80070490. How can I fix this?
Bill Grieve
A This is a known issue with a couple of possible fixes. The first option is to try the System Update Readiness Tool from Microsoft.
Ironically, this tool is pushed out by Windows Update and is designed to fix the problem you are experiencing.
However, if it isn’t working you have to download and install Windows Update manually.
If this fails to fix the problem you will need to run a Windows ‘repair’. If you don't know how to do this, take a look at this Microsoft guide to Windows repair.


Read more: http://www.computeractive.co.uk/ca/pc-help/1933810...


--
Was this reply relevant?
+0
-0
mogs CClip 129
Expert Contributor 28th Jan, 2011 23:17
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Kaspersky Anti-Virus Source Code Leaks Online
January 28th, 2011, 14:19 GMT| By Lucian Constantin

It seems that the source code for one of Kaspersky's security suite products has been leaked online and is available for download from torrent and file hosting websites.

According to a description accompanying the release, the sources were stolen from Kaspersky Lab in 2008 and the last changes made to them date from December 2007.

The code is written in C++ and Delphi and covers the anti-virus engine, as well as the anti-phishing, anti-dialer, anti-spam, parental control, and other modules.

We don't know yet to what version of Kaspersky's security suite the sources actually correspond to, but 8.0 is the most likely candidate at this point.

The Russian vendor's line of products is now at version 11.0, which is publicly marketed as 2011 and PURE, for the most complete offering.

We have contacted the company at several different email addresses to ask for clarifications regarding this major intellectual property theft incident, but we have yet to receive a response.

Read more at :-
http://news.softpedia.com/news/Kaspersky-Anti-Viru...

--
Was this reply relevant?
+0
-0
mogs CClip 130
Expert Contributor 28th Jan, 2011 23:22
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Internet Explorer 9 (IE9) Release Candidate (RC) on February 10, 2011

January 28th, 2011, 15:55 GMT| By Marius Oiaga

Microsoft is reportedly gearing up to launch the Release Candidate of Internet Explorer 9 on February 10, 2011.

The Redmond company has yet to confirm this officially, but members of the press (via Ed Bott) were already sent invites to an event in San Francisco, which conspicuously points to the imminent availability of IE9 RC.

According to the invites, the event will involve members of the Internet Explorer team, special guests as well as “some important news.”

The last time that the software giant held an Internet Explorer event in San Francisco it was September 15th, 2010, and they launched IE9 Beta.

Internet Explorer 9 has had quite some time to cook since September 2010, and Microsoft did promise that the next major development milestone for the browser will be the Release Candidate, on track for availability in early 2011.

I highly doubt that the February 10 event will be about anything else than the introduction of IE9 RC.

Read more at :-
http://news.softpedia.com/news/Internet-Explorer-9...

--
Was this reply relevant?
+0
-0
mogs CClip 131
Expert Contributor 28th Jan, 2011 23:26
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 28th Jan, 2011 23:27
Microsoft issues temp fix for serious Windows security bug

Mitigates script injection threat
By Dan Goodin in San Francisco • Get more from this author
Posted in Malware, 28th January 2011 21:50 GMT
Microsoft has warned customers to apply a temporary security fix to protect against a serious, newly discovered security bug in all supported versions of Windows.

The vulnerability results from the way Windows processes webpages containing MIME-formatted content. Attackers can exploit the weakness to run malicious scripts that steal sensitive information, spoof trusted websites or carry out other actions not authorized by the user. Internet Explorer is the only attack vector for the vulnerability, which resides in the Windows implementation of the MHTML protocol.

Microsoft's security team is still studying the flaw and “will take the appropriate action” once the investigation is complete. In the meantime, the company is advising Windows users to install a temporary “fix it” to prevent attacks. The measure disables some legitimate script execution and ActiveX functionality within MHT documents, but these side effects are mostly limited, members of Microsoft's security team blogged.

The security team is working with website operators, including Google, to explore possible server-side fixes as well. Potential fixes include filtering newline characters out of requests and responses, prepending newline characters onto HTTP responses, and altering the status code of HTTP responses.

Of course, a measure that's easier for most Windows users is to use an alternate browser, since IE is the only known vector.

The vulnerability and proof-of-concept code was recently posted here. Microsoft's advisory said there's no evidence the flaw is being actively exploited in the wild. The company has additional information here. ®

http://www.theregister.co.uk/2011/01/28/windows_vu...

--
Was this reply relevant?
+0
-0
mogs CClip 132
Expert Contributor 29th Jan, 2011 12:01
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
SourceForge Resets All Passwords Following Security Breach
January 29th, 2011, 06:16 GMT| By Lucian Constantin

SourceForge, the world's largest open source software repository, has reset the password for all of its users following a successful attack against its infrastructure.

The SourceForge team discovered the security breach on Thursday when exploits were found uploaded on several servers.

A preliminary investigation revealed the attack originated on the CVS hosting server, but the actual attack vector has not been identified yet.

As a result of the incident, some functionality was immediately suspended, including CVS hosting, web-based source code browsing (ViewVC), the capability to upload new releases and the Interactive Shell services.

A subsequent update posted on the site's official blog did not reveal any more information except that the team now better understands what happened and how it can prevent it in the future.

Read more at :-
http://news.softpedia.com/news/Sourceforge-Servers...

--
Was this reply relevant?
+0
-0
mogs CClip 133
Expert Contributor 29th Jan, 2011 12:07
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Net approaches address exhaustion
By Mark Ward
Technology correspondent, BBC News

The last big blocks of the net's dwindling stock of addresses are about to be handed out.

The event that triggers their distribution is widely expected to take place in the next few days.

When that happens each of the five regional agencies that hand out net addresses will get one of the remaining blocks of 16 million addresses.

The addresses in those last five blocks are expected to be completely exhausted by September 2011.

http://www.bbc.co.uk/news/technology-12306573

--
Was this reply relevant?
+0
-0
mogs CClip 134
Expert Contributor 29th Jan, 2011 12:13
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google updates Chrome OS beta

Concentrates on squashing networking bugs
By Lawrence Latif
Fri Jan 28 2011, 12:39
SOFTWARE DEVELOPER Google has announced an update to its Chrome OS beta that includes security and stability fixes.
Google's Chrome OS has now reached version 0.9.130.14 and includes the Chrome 8.0.522.344 web browser. In this release, Google has updated the kernel to fix a security vulnerability along with stability fixes for wireless networking and improvements to the audio architecture.


Read more: http://www.theinquirer.net/inquirer/news/1940394/g...


--
Was this reply relevant?
+0
-0
mogs CClip 135
Expert Contributor 29th Jan, 2011 12:16
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Could a vulnerability tax work?
The new Apple security chief believes a vulnerability tax could really help make software safer. Could it work?
By Tom Brewster, 27 Jan 2011 at 15:28

ANALYSIS: Apple’s new security chief, David Rice, has some interesting views on how to improve software security – in particular a vulnerability tax concept.

The soon-to-be global security head believes such a tax could be handled in the same way as pollution, making companies pay for the amount of environmental damage they caused.

“We run cars in various crash tests to see how they respond, we can run these attack patterns on software, judge how it performs and give it a security rating,” Rice told Forbes this week.

“If a tax raised the private cost of cybercrime, people would get educated very quickly. When insecure software starts costing more, people will adjust their behaviour.”

Read more at :-
http://www.itpro.co.uk/630430/could-a-vulnerabilit...

--
Was this reply relevant?
+0
-0
mogs CClip 136
Expert Contributor 29th Jan, 2011 15:04
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Former Kaspersky Employee Responsible for Leaked Source Code

January 29th, 2011, 09:56 GMT| By Lucian Constantin



The Kaspersky source code that recently made its way onto public websites was leaked by a former employee of the antivirus vendor, who is already serving a prison sentence for intellectual property theft.

More at :-
http://news.softpedia.com/news/Former-Kaspersky-Em...

--
Was this reply relevant?
+0
-0
mogs CClip 137
Expert Contributor 31st Jan, 2011 07:48
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Attack Code Published for New Windows 0-Day Vulnerability

January 31st, 2011, 05:11 GMT| By Lucian Constantin

A new zero-day script injection vulnerability has been confirmed in Windows and proof-of-concept attack code has already been published on public websites.

The flaw, identified as CVE-2011-0096, is located in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler and affects all supported version of Windows.

"The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document.

"It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of a Web request run in the context of the victim's Internet Explorer," Microsoft wrote in a newly published advisory.

More at :-
http://news.softpedia.com/news/Attack-Code-Publish...

--
Was this reply relevant?
+0
-0
mogs CClip 138
Expert Contributor 31st Jan, 2011 07:53
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows Live Hotmail Data Security and Privacy

By Marius Oiaga

While Windows Live Hotmail has evolved with a range of new security features, users need to also take an interest in protecting their data and privacy online.

The first step in doing so is making sure that they use a strong password. Here’s an example, it might not be such a good idea to use “password” or “1234” as the password for the Hotmail account.

And although this might seem like nothing more than common sense to some, there are those that still use extremely weak passwords for their accounts. In such a context, there’s little that Microsoft can do to protect their accounts from being hacked.

Especially since brute force attacks involving automated scripts are designed to check for a list of commonly used weak passwords.
More at :-
http://news.softpedia.com/news/Windows-Live-Hotmai...

--
Was this reply relevant?
+0
-0
mogs CClip 139
Expert Contributor 31st Jan, 2011 10:35
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Fix Windows 7 Intel AHCI Driver Failed Install
January 31st, 2011, 08:46 GMT| By Marius Oiaga

Customers running Windows 7 have reported running into issues when attempting to install an Intel AHCI driver from the DVD or CD, as a part of deploying Microsoft’s latest iteration of the Windows client.

According to the software giant, users reported coming across an error message after they pressed F6 in order to load a vendor provided AHCI controller driver.

“The Intel Express Chipset SATA AHCI controller (E:\1046...\iaAHCI.inf) device driver could not be installed. Contact your vendor for an updated driver," is an example of the information displayed to end users.

The Redmond company revealed that the issues can occur during the Windows 7 installation process, and only when customers attempt to install the AHCI driver from a DVD or CD media.

Read more at :-
http://news.softpedia.com/news/Fix-Windows-7-Intel...

--
Was this reply relevant?
+0
-0
mogs CClip 140
Expert Contributor 31st Jan, 2011 11:21
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Kaspersky Confirms Source Code Leak, Threatens Legal Action Against Downloaders
January 31st, 2011, 07:34 GMT| By Lucian Constantin



Russian antivirus vendor Kaspersky Lab has confirmed the unauthorized online availability of its intellectual property in the form of source code and warned that it will launch legal action against people who downloaded and shared it.

In a statement sent to Softpedia, the company says that partial source code for its 2008 range of consumer products was stolen almost three years ago by a former employee.

The person responsible was quickly arrested and received a three-year suspended prison sentence for violations under Article 183 of the Russian Federation Criminal Code.

Kaspersky further confirms that it had knowledge of the source code being distributed on underground forums since as early as November 2010 and that the same files made their way onto more public websites recently.

More at :-
http://news.softpedia.com/news/Kaspersky-Confirms-...

--
Was this reply relevant?
+0
-0
mogs CClip 141
Expert Contributor 31st Jan, 2011 11:50
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Security is Only as Strong as the Weakest Link

By Paul Rubens

A devastating security breach at Trapster.com, home of a mobile app that helps drivers avoid getting speeding tickets, perfectly illustrates the old adage that security is only as strong as the weakest link.

The website's 10 million registered users were informed this month that "our website has been the target of a hacking attempt, and it is possible that your email address and password were compromised."

A website should never, ever, store your password unencrypted. What it should do is pass your password through a hashing function which converts it into an apparently random string of characters. It's this password "hash" that it should store. Every subsequent time you enter your password to log in, the site should hash it and ensure that the result matches the hash of your password it has stored. That means that if hackers break in they can't get their hands on a list of passwords - they can only get a list of hashes, which in themselves aren't very useful. That's because getting a password back from a hash is hard, and probably impossible if the original password is long and complicated.

But Rob Cotton, CEO of security outfit NCC Group, reckons that Trapster wasn't protecting its users' password in this way. "Website owners should declare if they store your passwords using strong hashing. This is a simple process and not any more expensive to implement, however, unfortunately, websites not using this method of cryptography is something we see all too often and this can only be down to developers' laziness or ignorance. In the case of Trapster, it would appear that they didn't encrypt or hash so the hackers got the crown jewels."

More at :-
http://www.esecurityplanet.com/features/article.ph...

--
Was this reply relevant?
+0
-0
mogs CClip 142
Expert Contributor 31st Jan, 2011 21:39
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Download Free Windows Fix It Pack from Microsoft
January 31st, 2011, 15:13 GMT| By Marius Oiaga
Microsoft introduced the Fix it Solution Center in the first half of 2010, and now also made available for download a Fix IT pack, which it’s offering free of charge.

The Fix it Solution Center is designed to help customers find automated solutions for their problems.

Essentially, in addition to sometimes providing guidance and step-by-step instructions for customers to resolve a range of issues with Microsoft’s products, the software giant started putting together basic tools designed to automatically resolve glitches, bugs, etc.

Fix It makes it possible for users to launch an automated solution designed to take care of a specific problem and watch it go away, rather than having to implement a workaround manually.

“Microsoft Fix it troubleshooters help you automatically diagnose and repair problems with common computer problems, such as audio, Internet, and printing problems. If your problems aren't fixed, Fix it troubleshooters provide you with the next steps to take,” the company said.

“Microsoft Fix it: Automated solutions for your issues” is a new download from the software giant designed to offer users a package of 23 fixes.

Read more at :-
http://news.softpedia.com/news/Download-Free-Windo...

--
Was this reply relevant?
+0
-0
mogs RE: Daily CYBERCLIPS January
Expert Contributor 1st Feb, 2011 08:20
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
This thread is now closed....please see the February edition for further posts :-
http://secunia.com/community/forum/thread/show/741...
Thankyou.


--
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+