Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Daily CYBERCLIPS March

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
mogs Daily CYBERCLIPS March
Expert Contributor 1st Mar, 2011 07:10
Ranking: 2265
Posts: 6,266
User Since: 22nd Apr, 2009
System Score: 100%
Location: UK
Last edited on 1st Mar, 2011 07:11

Eighth Edition

Thankyou for your continuing support. Hope you find something of value/interest in the new thread. The new INDEX thread will follow shortly.
Please refrain from scoring on both threads.
Security remains the main theme of the thread with some related and varied topics.
Please note....the most recent posts are those at the end of a downward scroll !!
I should reiterate that no entry/post should be taken as a personal recommendation, unless otherwise stated.
Please continue to keep CYBERCLIPS free of junk and unattractive to any contentious individuals; whilst, at the same time feeling disposed towards posting suitable content, and one-off helpful comment, yourself.
* Keep patching : up to date : be Cybersafe ! *

--

mogs CClip 1
Expert Contributor 1st Mar, 2011 07:19
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 1st Mar, 2011 07:20
Chrome

Dev Channel Update

Monday, February 28, 2011 | 18:30
Labels: Dev updates
The Dev channel has been updated to 11.0.686.0 for All platforms

All
Updated V8 - 3.1.6.1
Accelerated compositing turned on by default (use --disable-accelerated-layers to disable).
Fixed a bug affecting the bookmark manager and other extensions. (Issue 43448)
FTP: fixed a compatibility issue. (Issue 72060)
Windows
GPU acceleration and WebGL disabled for Windows XP
Windows Restart Manager restores Chrome on update-triggered restarts. (Vista/2008+).
Mac
Fix bugs related to the new infobar UI (Issue 73357) and Issue 73590))
Known Issues
HTML5 videos don't play on Vimeo.com (Issue 74451)

More details about additional changes are available in the log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome
6 comments | Links to this post | Email Post

Stable Channel Update
| 15:23
Labels: Stable updates
The stable channel has been updated to 9.0.597.107 for all platforms. This release contains the following security fixes.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

Congratulations to the diverse range of researchers featuring in this patch. We’re pleased to announce that the Chromium Security Rewards program has now crossed $100,000 of rewards.


--
Was this reply relevant?
+0
-0
mogs CClip 2
Expert Contributor 1st Mar, 2011 18:03
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
LastPass Fixes Serious Cross-Site Scripting Vulnerability

March 1st, 2011, 07:19 GMT| By Lucian Constantin

Password management service LastPass has fixed a serious cross-site scripting vulnerability on its website which could have been exploited to obtain sensitive information about other people's accounts.

LastPass allows users to generate secure passwords for each of their accounts and store them inside an encrypted container controlled by a master password.

The company offers extensions for all major browsers, which help with auto-fill and other operations, but the login details can also be accessed via its website.

The flaw on lastpass.com was discovered by a UK independent security researcher named Mike Cardwell who notified the company about it.

More at :-
http://news.softpedia.com/news/LastPass-Fixes-Seri...

--
Was this reply relevant?
+0
-0
mogs CClip 3
Expert Contributor 1st Mar, 2011 18:07
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Download Firefox 3.6.14 and Firefox 3.5.17

March 1st, 2011, 18:27 GMT| By Marius Oiaga

Here are some Firefox downloads to hold you over while you wait for Firefox 4.0 Release Candidate (RC).

Mozilla has just made available for download Firefox 3.6.14 and Firefox 3.5.17, the latest updates to the currently supported stable versions of its open source browser.

Fact is that Mozilla noted as much as a week ago that it was going to provide users with the latest Firefox 3.6.x and Firefox 3.5.x releases today, March 1st, 2011, and the company managed to live up to its promise.

Firefox 3.6.14 and Firefox 3.5.17 can be downloaded via the links at the bottom of this article, but users will need to exercise their patience a bit longer when it comes down to additional details, such as release notes.

Read more at :-
http://news.softpedia.com/news/Download-Firefox-3-...

--
Was this reply relevant?
+0
-0
mogs CClip 4
Expert Contributor 1st Mar, 2011 18:12
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Google 'finds' missing G-mails on tape


Google has apologised to customers who found their Gmail inboxes empty after accounts were accidentally wiped clean.

It said that the e-mails were "never lost" and that "things should be back to normal for everyone soon".

Many of the missing e-mails are backed up on tape, hence the delay in restoring them, the search giant said.

More at :-
http://www.bbc.co.uk/news/technology-12607364

--
Was this reply relevant?
+0
-0
mogs CClip 5
Expert Contributor 1st Mar, 2011 18:24
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Check your pockets!

More than 17,000 USB sticks were left behind in dry cleaners and launderettes in the UK during 2010, according to a new survey.

Perhaps unsurprisingly the research was commissioned by a data security firm, but the figure is impressive nonetheless!

According to Credant Technologies, the number of USB sticks left behind at the shops increased 400 percent from 2009 levels. Over 500 dry cleaners up and down the country participated in the survey.

"The numbers of USB sticks forgotten in trousers and shirt pockets is staggering and is a direct result of growth in ‘IT consumerisation,' as consumers today carry more and more mobile devices than ever before, such as smart phones, laptops, iPads, USB sticks and other portable devices," said Sean Glynn, VP of marketing at Credant Technologies.

"Inevitably, unsuspecting consumers leave the USB sticks behind, creating a potential risk for their employers if these devices have proprietary information on them and end up in the hands of criminals," he added.

http://www.hexus.net/content/item.php?item=29301

--
Was this reply relevant?
+0
-0
mogs CClip 6
Expert Contributor 1st Mar, 2011 21:23
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows XP vs. Windows 7 – User Ratio 2 to 1

March 1st, 2011, 18:15 GMT| By Marius Oiaga

There is now one user of Windows 7 for every two users of Windows XP worldwide. Similarly, there are two customers running Windows 7 for each one still on Windows Vista.

According to statistics released by Internet metrics company Net Applications, Windows 7 continues to gain traction worldwide, having reached a usage share of no less than 23.08%.

More importantly, Windows 7’s momentum seems to keep steady and not indicate any signs of declaration, which is important, especially as more and more details on Windows 8, the next major iteration of Windows, will make it to the public in the future.

More at :-
http://news.softpedia.com/news/Windows-XP-vs-Windo...

--
Was this reply relevant?
+0
-0
mogs CClip 7
Expert Contributor 2nd Mar, 2011 20:45
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Security Updates Available for Mozilla Firefox and Thunderbird

March 2nd, 2011, 08:30 GMT| By Lucian Constantin



Mozilla has released security updates for its Firefox browser and Thunderbird email client addressing a significant number of critical vulnerabilities that can lead to arbitrary code execution.

There were a total of ten vulnerabilities fixed in the new Firefox 3.6.14 and 3.5.17, while Thunderbird 3.1.8 contains patches for three.


More info and downloads :-
http://news.softpedia.com/news/Security-Updates-Av...

--
Was this reply relevant?
+0
-0
mogs CClip 8
Expert Contributor 2nd Mar, 2011 20:49
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Opera (finally) gets hard on WebGL 3D

Three years in the hardening
By Cade Metz in San Francisco • Get more from this author
Posted in Applications, 2nd March 2011 00:53 GMT
Opera Software has released the first public build of its desktop browser that includes 3D hardware acceleration based on the WebGL standard.

The company announced the Windows preview build with a blog post on Monday, after two years of work on WebGL. "We have been working on a WebGL implementation since early 2009, when the standardization process started," the company says.

Read more at :-
http://www.theregister.co.uk/2011/03/02/opera_debu...

--
Was this reply relevant?
+0
-0
mogs CClip 9
Expert Contributor 2nd Mar, 2011 20:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Britons caught out by booby-trapped web ads


Tens of thousands of people could have been caught out by cyber criminals who put booby-trapped adverts on popular webpages.

The criminals racked up the victims by compromising the computers used by ad firm Unanimis to display adverts to popular websites.

The ads appeared on the websites of the London Stock Exchange, Autotrader, the Vue cinema chain and six other sites.

Unanimis said it moved quickly to pull the adverts once they were discovered.

More at :-
http://www.bbc.co.uk/news/technology-12608651

--
Was this reply relevant?
+0
-0
mogs CClip 10
Expert Contributor 2nd Mar, 2011 21:00
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IE9 has been downloaded 36 million times

Microsoft cheers for its fans
By David Neal
Wed Mar 02 2011, 16:10
INTERNET EXPLORER 9 (IE9) has been downloaded some 36 million times according to Microsoft, which added that IE9 has a whopping 0.66 per cent of all worldwide browser users.
Since it was thrust onto an unexpectant world on 10 February, the Vole's latest creaky browser has slowly built up its download total with the IE9 beta and then the release candidate, which drew 11 million downloads.


Read more: http://www.theinquirer.net/inquirer/news/2030185/i...
The Inquirer

--
Was this reply relevant?
+0
-0
mogs CClip 11
Expert Contributor 2nd Mar, 2011 21:03
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK


Dev Channel Update
Monday, February 28, 2011 | 18:30
Labels: Dev updates
Note: We've updated the Dev channel to 11.0.686.1 for All platforms. This new build fixes the HTML5 issue noted below (Issue 74451).

The Dev channel has been updated to 11.0.686.0 for All platforms
All
Updated V8 - 3.1.6.1
Accelerated compositing turned on by default (use --disable-accelerated-layers to disable).
Fixed a bug affecting the bookmark manager and other extensions. (Issue 43448)
FTP: fixed a compatibility issue. (Issue 72060)
Windows
GPU acceleration and WebGL disabled for Windows XP
Windows Restart Manager restores Chrome on update-triggered restarts. (Vista/2008+).
Mac
Fix bugs related to the new infobar UI (Issue 73357) and Issue 73590))
Known Issues
HTML5 videos don't play on Vimeo.com (Issue 74451)
Gmail renders with narrower lines.

More details about additional changes are available in the log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

--
Was this reply relevant?
+0
-0
mogs CClip 12
Expert Contributor 3rd Mar, 2011 08:36
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Banking Trojan Hijacks SSL Connections

March 3rd, 2011, 05:06 GMT| By Lucian Constantin

Security researchers from Symantec warn of a new banking trojan capable of hijacking the SSL connections between browsers and online banking sites in a way that is hard to spot.

Variants of this malware, which Symantec detects as Trojan.Tatanarg, have been in circulation since last October, but its code is believed to be based on an older threat called W32.Spamuzle.

The trojan has a modular architecture, with separate components handling different tasks, and the functionality of most banking malware.

It can inject rogue HTML code into pages (man-in-the-browser attacks), disrupt antivirus software, uninstall other banking trojans and enable Windows remote access.

It also features a backdoor component through which attackers can issue commands to control the infected computers

More at :-
http://news.softpedia.com/news/Banking-Trojan-Hija...

--
Was this reply relevant?
+0
-0
mogs CClip 13
Expert Contributor 3rd Mar, 2011 08:44
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Rogue AV pimps finally show love for alternative browsers

Ruse spoofs Firefox, Chrome, Safari
By Dan Goodin in San Francisco • Get more from this author
Posted in Malware, 2nd March 2011 22:50 GMT
For years, ads pimping malware disguised as legitimate antivirus programs have gone to great lengths to mimic the look and feel of Microsoft's Internet Explorer browser and Windows operating system. Now Mozilla Firefox, Google Chrome, and Apple Safari are getting the same treatment.

A security researcher from Zscaler has recently uncovered a campaign that's tailored to the browser that the intended victim is using. Those with IE will see the same tired graphic depicting a Windows 7 security alert, but look what happens when the visitor is using Firefox...............

Read more at :-
http://www.theregister.co.uk/2011/03/02/rogue_av_m...

--
Was this reply relevant?
+0
-0
mogs CClip 14
Expert Contributor 3rd Mar, 2011 08:47
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Beta Channel Update
Wednesday, March 2, 2011 | 17:56
Labels: Beta updates
The Chrome Beta channel has been updated to 10.0.648.126 for all platforms. This release contains stability improvements and UI tweaks. There is one known issue:

[Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash

Full details about the Chrome changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 15
Expert Contributor 3rd Mar, 2011 10:44
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
From Windows 1.0 to Windows 7 – Upgrade Evolution

March 3rd, 2011, 08:03 GMT| By Marius Oiaga

There was a lot of criticism pointed at Microsoft for its decision not to support Windows XP to Windows 7 upgrades, but only allow Windows Vista users to seamlessly make the jump to the latest iteration of the Windows client.

However, the Redmond company did note at the time that customers could opt to upgrade from XP to Vista, and then from Vista to Windows 7, as both paths were supported.

Some Softpedia readers might remember that back in February 2009 I did a test to see whether this was indeed possible.

I set up to upgrade from Windows XP SP3 to Windows Vista SP1 and then to Windows 7. You can still read my article at this link.

More recently, one user has gone even further back. Andrew Tait proved that customers could have, at least theoretically, upgraded from Windows 1.0 all the way to Windows 7, by simply jumping from one version of the operating system to another.

Read more at :-
http://news.softpedia.com/news/From-Windows-1-0-to...

--
Was this reply relevant?
+0
-0
mogs CClip 16
Expert Contributor 3rd Mar, 2011 23:14
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Beta Channel Update
Thursday, March 3, 2011 | 11:03
Labels: Beta updates

The Chrome Beta channel has been updated to 10.0.648.127 for all platforms. This release fixes the following issue:
[Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash
Full details about the Chrome changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome

http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 17
Expert Contributor 3rd Mar, 2011 23:19
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Yes, IE9 Is Very Close to RTW / Release

March 3rd, 2011, 11:58 GMT| By Marius Oiaga

Yes, Internet Explorer 9 is extremely close to Release to Web (RTW), a milestone which marks the global availability deadline.

I have seen reports today indicating that the development process for IE9 is moving forward, and of course, to say that this is true would be nothing more than stating the obvious.

Unfortunately, I cannot share details with the public at this point in time, nor will I be able to until the Redmond company gives me green light to do so.

But what I can say, what they’ll let me say, is that users, developers, partners, etc. should get ready, because IE9 is extremely close.

More at :-
http://news.softpedia.com/news/Yes-IE9-Is-Very-Clo...

--
Was this reply relevant?
+0
-0
mogs CClip 18
Expert Contributor 3rd Mar, 2011 23:24
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
WebGL: Interwebs 3D tech emerges from puberty

Google. Mozilla. Opera. Apple. Microsoft
By Cade Metz in San Francisco • Get more from this author
Posted in Developer, 3rd March 2011 20:02 GMT
WebGL – the emerging standard that provides hardware-accelerated 3D inside the browser – has reached the 1.0 milestone.

On Thursday, media-happy standards organization The Khronos Group announced the final 1.0 release of the WebGL specification, which maps JavaScript to the existing OpenGL desktop graphics interface. "We've been working on this for a couple of years, with experimental and provisional implementations," Nvidia's Neil Trevett, the president of The Khronos Group, tells The Register. "But today is a significant milestone, when we have finalized the 1.0 spec and released it publicly, so the browser vendors are able to push ahead to full production.

More at :-
http://www.theregister.co.uk/2011/03/03/webgl_one_...

--
Was this reply relevant?
+0
-0
mogs CClip 19
Expert Contributor 3rd Mar, 2011 23:27
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft pushes anti-AutoRun update at XP, Vista users
Changes update offer from optional to automatic

By Gregg Keizer
March 3, 2011 01:06 PM ETComments (0)Recommended (2)
Computerworld - Microsoft last week changed how it delivers an update that disables AutoRun, a Windows feature that big name worms, including Conficker and Stuxnet, have used to infect millions of PCs.

The company is now pushing the update to Windows XP and Vista users automatically.

More at :-
http://www.computerworld.com/s/article/9212938/Mic...

--
Was this reply relevant?
+0
-0
mogs CClip 20
Expert Contributor 3rd Mar, 2011 23:30
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft won't patch IE before Pwn2Own
Will address four vulnerabilities in next week's Patch Tuesday, including first fix for Windows 7 SP1

By Gregg Keizer
March 3, 2011 04:15 PM ETComments (0)Recommended (0)
Computerworld - Microsoft today revealed that it will not update Internet Explorer (IE) before the Pwn2Own hacking contest begins next week.

Instead, Microsoft plans to ship three security updates on Tuesday to patch four vulnerabilities in Windows and its Office Groove 2007 collaboration software, the company announced today.

More at :-
http://www.computerworld.com/s/article/9213078/Mic...

--
Was this reply relevant?
+0
-0
mogs CClip 21
Expert Contributor 4th Mar, 2011 08:16
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome OS Beta Channel Update
Thursday, March 3, 2011 | 14:31
Labels: Chrome OS

The Chrome OS Beta channel has been updated to R10 release 0.10.156.46 including the new Chrome 10 Beta, new trackpad and several stability and functional improvements over the previous release. This release contains the following security fixes:
Scratchpad application security vulnerability fix
In addition to all Chrome 10 new features (see Chrome 10 blogpost), there are several Chrome OS great improvements including:
3G modem activation fixes
3G connection to the carrier fixes
Wi-Fi connectivity/Out of the Box fixes
New trackpad and sensitivity setting adjusted
Auto update engine and debugging improvements
Power optimizations
GTalk video/chat optimizations
Audio CPU utilization improvements
Improved on screen indicators: brightness, network status, update icon
There is one known issue:
[Bug 12085] Audio does not pick up until browser refresh upon lid re-open
You can find full list of fixes that are in Chrome OS R10 in the chromium-os bug tracker . If you find new issues, please let us know by visiting our help site or filing a bug.
Josafat Garcia
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 22
Expert Contributor 4th Mar, 2011 10:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Dev Channel Update......Note
Monday, February 28, 2011 | 18:30
Labels: Dev updates
Note: We've updated the Dev channel to 11.0.686.3 for All platforms. This new build fixes the autofill related crash (Issue 74511).

Note: We've updated the Dev channel to 11.0.686.1 for All platforms. This new build fixes the HTML5 issue noted below (Issue 74451).

The Dev channel has been updated to 11.0.686.0 for All platforms
All
Updated V8 - 3.1.6.1
Accelerated compositing turned on by default (use --disable-accelerated-layers to disable).
Fixed a bug affecting the bookmark manager and other extensions. (Issue 43448)
FTP: fixed a compatibility issue. (Issue 72060)
Windows

--
Was this reply relevant?
+0
-0
mogs CClip 23
Expert Contributor 4th Mar, 2011 10:36
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Download Opera 11.10 Barracuda Alpha Build 2018 Now with Zoomable Speed Dial

March 4th, 2011, 09:19 GMT| By Marius Oiaga

The latest development snapshot of Opera 11.10 codenamed Barracuda takes Speed Dial to a whole new level, with the feature having already been kicked up a notch in an earlier Alpha preview.

Opera Software made it very clear early on in the development of codenamed Barracuda , that Opera 11.10 would be synonymous with a consistent boost to how users navigate to their favorite online destinations immediately after firing up the browser, or after opening a new Tab / window.

As of Opera 11.10 Barracuda Alpha Build 2018, early adopters can take advantage of zoomable Speed Dial.

Read more at :-
http://news.softpedia.com/news/Download-Opera-11-1...

--
Was this reply relevant?
+0
-0
mogs CClip 24
Expert Contributor 4th Mar, 2011 10:40
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Apple to patch Safari before Pwn2Own, say researchers
Clues point to impending update that will beef up browser before next week's hacking contest

By Gregg Keizer
March 3, 2011 03:07 PM ETComments (0)Recommended (7)
Computerworld - Apple will patch its Safari browser before the Pwn2Own hacking contest kicks off next week, security researchers hinted today.

If accurate, Apple will join both Google and Mozilla, which earlier this week issued security updates for Chrome and Firefox as preparation for Pwn2Own

More at :-
http://www.computerworld.com/s/article/9213018/App...




--
Was this reply relevant?
+0
-0
mogs CClip 25
Expert Contributor 4th Mar, 2011 23:29
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
First Patch for Windows 7 SP1 RTM Will Fix Critical Vulnerability

March 4th, 2011, 11:51 GMT| By Marius Oiaga

In less than a month after the general availability deadline of Windows 7 Service Pack 1, Microsoft is preparing to release the first update designed to resolve a Critical security vulnerability in the upgraded copies of Windows Vista’s successor.

As part of the company’s normal patch cycle, this month’s security bulletins will be released on March 8th at 10:00 a.m. PST.

Only customers running Windows and Office will need to apply the patches, with those leveraging the operating system having to treat one of the security bulletins as a priority when it comes down to deployment.

Read more at :-
http://news.softpedia.com/news/First-Patch-for-Win...

--
Was this reply relevant?
+0
-0
mogs CClip 26
Expert Contributor 4th Mar, 2011 23:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Download Firefox 4.0 RC Preview and Firefox 3.6.15

March 4th, 2011, 18:25 GMT| By Marius Oiaga

The first Release Candidate for Firefox 4.0 is just around the corners, and early adopters that “know their way around” a nightly build can grab a preview of the RC development milestone and start testing it.

Firefox 4.0rc1-candidates are now available for download via the browser maker’s FTP servers, but as I said above, this is nothing more than a nightly Build, and certainly not the fully fledged RC.

This is why, early adopters that can bear to exercise their patience a tad longer should do so, because it won’t be long now until Mozilla will launch Firefox 4.0 RC.

“[On March 3, 2011] we ordered release candidate builds for Firefox 4, which have been duly produced and are now being validated by our QA team before we ship them to our beta audience,” revealed Mike Beltzner, Mozilla’s Director of Firefox

Read more at :-
http://news.softpedia.com/news/Download-Firefox-4-...

--
Was this reply relevant?
+0
-0
mogs CClip 27
Expert Contributor 5th Mar, 2011 11:38
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
WordPress' Automattic dashboard shows the outage caused by a DDoS attack this morning.
(Credit: WordPress)
The popular blogging-site hoster WordPress was hit with another distributed denial-of-service attack this morning, the second in two days.
"Unfortunately, the DDoS attack from yesterday returned in a different form this morning and affected sitewide performance," the company said in a notice on its Automattic site, which serves as a dashboard for the service. "The good news is that we were able to mitigate it quickly and performance returned to normal around 11:15 UTC. We are continuing to monitor the situation closely."
Stats on Automattic.com show that the site was affected for about an hour or so starting around 3:15 a.m. PST. One day earlier, WordPress was hit with an attack that reached "multiple Gigabits per second and tens of millions of packets per second," hampering the company's three ... Read full post & comments


Read more: http://news.cnet.com/security/#ixzz1FiiigFTB

--
Was this reply relevant?
+0
-0
mogs CClip 28
Expert Contributor 5th Mar, 2011 11:42
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Rate of Malicious Email Spikes: MessageLabs
March 2, 2011
By Stuart J. Johnston

Malware accounted for one in every 290 emails in February, according to the latest report from MessageLabs, and the study's authors say it's getting worse, not better.

The most popular vehicle for delivering malicious software in February was to conceal the threat within a PDF file.

MessageLabs estimated that 65 percent of targeted attacks in 2010 used a PDF exploit, up 12.4 percent from the 2009 market of 52.6 percent.

More at :-
http://www.esecurityplanet.com/features/article.ph...

--
Was this reply relevant?
+0
-0
mogs CClip 29
Expert Contributor 5th Mar, 2011 11:45
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Germany provides a secure way to deal with spam
By demanding real-world identification from email senders, a new government-backed service may stop spam

By Peter Sayer | IDG News Service


In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking.

In practice, that would involve building a secure, parallel email infrastructure linking electronic authentication with real-world identities: a daunting task. Yet that's just what Germany is about to do.

Read more at :-
http://www.infoworld.com/d/security/germany-provid...

--
Was this reply relevant?
+0
-0
mogs CClip 30
Expert Contributor 5th Mar, 2011 19:33
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Giveaway: Ashampoo Photo Commander
March 5th, 2011, 11:57 GMT| By Ionut Ilascu

Photo Commander from Ashampoo: some of you know it, some may have only heard of its abilities others. Regardless of the case, our deal is fairly simple: we have 10 licenses to give away for this application, and to get one you have to show us you can put the program to good use.

To achieve this, you can drop several lines in the comments section of our review. The text has to be relevant to the software. In other words, anything relating to Ashampoo Photo Commander, be it good or bad, makes for a perfect fit.

If you want to express your opinion in a video, feel free to do so, but remember to let us know of your project in the comments. Winners will be those who come up with the most pertinent content.

Read more at :-
http://news.softpedia.com/news/Giveaway-Ashampoo-P...

--
Was this reply relevant?
+1
-1
mogs CClip 31
Expert Contributor 5th Mar, 2011 20:20
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
What does an error message from anti-virus software AVG mean?
A conflict between AVG and Zonealarm software causes an error message to pop up on computers running Windows XP, but there are a couple of things you can do


Read more: http://m.computeractive.co.uk/ca/pc-help/1937033/e...


--
Was this reply relevant?
+0
-0
mogs CClip 32
Expert Contributor 5th Mar, 2011 20:26
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Q I use Windows XP and have recently had to use the System Restore feature.
It made me wonder what happens to all the automatic updates that were downloaded before the restore – are they lost or will Windows install them again automatically?
Tony Atkinson


Read the answer at: http://m.computeractive.co.uk/ca/pc-help/1937034/s...


--
Was this reply relevant?
+0
-0
mogs CClip 33
Expert Contributor 6th Mar, 2011 03:13
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Countdown to Internet Explorer 6 (IE6) Extinction

March 5th, 2011, 21:47 GMT| By Marius Oiaga

10 years ago a browser was born, and now it’s time for it to come full circle. Microsoft has launched a new online experience designed to monitor the countdown to the near-extinction of Internet Explorer 6.

Near-extinction for the software giant is equivalent with getting IE6 usage worldwide to under 1%, a realistic goal for the foreseeable future of the decade-old browser.

Microsoft’s message is quite simple, and the Redmond company has been consistent in transmitting it: IE6 was a great browser, for its time, but it has also become obsolete and it’s time for users worldwide to embrace browsers capable of supporting modern web standards.

“Now that it’s 2011, IE6 is officially a ten-year old browser. According to Net Applications, IE6 still has 12% share worldwide,” revealed Roger Capriotti, director, Internet Explorer Product Marketing.

More at :-
http://news.softpedia.com/news/Countdown-to-Intern...

--
Was this reply relevant?
+0
-0
mogs CClip 34
Expert Contributor 6th Mar, 2011 11:28
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
The Dawn of the Super Server
By GARY ORENSTEIN of GigaOm
Published: March 5, 2011

We’re in the midst of a computing implosion: a re-centralization of resources driven by virtualization, many-core CPUs, GPU computing, flash memory, and high-speed networking. Some have predicted, only half-jokingly, that we will be able to buy a mainframe in a pizza box server that fits in a small fraction of a data center rack. That possibility — and in my opinion, inevitability — means we have a lot to watch over the next few years: what I like to call the coming of the Super Server.

More at :-
http://www.nytimes.com/external/gigaom/2011/03/05/...

--
Was this reply relevant?
+0
-0
mogs CClip 35
Expert Contributor 6th Mar, 2011 11:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
U.S. Cites a Top Chinese Web Site in the Sale of Fake Goods
By THE ASSOCIATED PRESS

BEIJING (AP) — The United States government has labeled China’s top search engine, Baidu, and Taobao, a popular Chinese-based e-commerce platform, as “notorious markets” linked to sales of pirated and fake goods.

The two companies were among 33 Web sites or public markets in China, Russia, India and other countries that the United States Trade Representative’s office said facilitated commerce in music, clothing and other goods that were fake or unauthorized copies.

More at :-
http://www.nytimes.com/2011/03/02/business/global/...

--
Was this reply relevant?
+0
-0
mogs CClip 36
Expert Contributor 7th Mar, 2011 09:08
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla challenges Apple, Google with 'open' app store

HTML5 on road to recovery with Web Applications
By Gavin Clarke in San Francisco • Get more from this author
Posted in Software, 7th March 2011 04:00 GMT
Firefox daddy Mozllla has released early code in its campaign to create a completely open alternative not only to Apple's app stores but also Google's fledging Chrome web store.

Mozilla's Labs has delivered the first developer release of its Web Application project. The goal is to serve up web-based apps for any device and any browser.

Read more at :-
http://www.theregister.co.uk/2011/03/07/mozilla_we...

--
Was this reply relevant?
+0
-0
mogs CClip 37
Expert Contributor 7th Mar, 2011 09:13
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Denial of Service Attacks: A Hall of Shame
By Tim Greene, NetworkWorld Mar 6, 2011 5:27 pm

Distributed denial of service (DDoS) attacks like the ones that nailed WordPress blogs in early March have been around for decades, but it's only in the last dozen years that they've had enough impact to grab public attention.

With the rise and commercial availability of botnets that provide a distributed platform from which to launch these attacks the means to carry them out are accessible.

BEYOND DDOS: PayPal CISO says DDoS attacks just one of many threats

Due to the cost, though, they have to be carried out by a motivated adversary bent on harm since there is little way to reap monetary profit from them aside from blackmailing potential victims with threats of crippling their servers.

More at :-
http://www.pcworld.com/article/221460/denial_of_se...

--
Was this reply relevant?
+0
-0
mogs CClip 38
Expert Contributor 7th Mar, 2011 10:35
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 8 Plus the Cloud, the Possibilities Are Endless

March 7th, 2011, 09:16 GMT| By Marius Oiaga

Leaked screenshots reportedly from a Milestone 2 Build of Windows 8 seem to indicate that the Cloud will play a bigger role than it does today for Windows 7.

More specifically, the leaked info is focused on Windows Live, with Windows vNext reportedly being capable of enabling users to connect local and Cloud accounts seamlessly.

The information wasn’t confirmed by Microsoft officially, and customers are warned that it could turn up to be nothing more than speculation, with no actual results in the successor of Windows 7.

More at :-
http://news.softpedia.com/news/Windows-8-Plus-the-...

--
Was this reply relevant?
+0
-0
mogs CClip 39
Expert Contributor 7th Mar, 2011 11:19
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Apple Pushes to See Safari 5 Uncompromised at Pwn2Own 2011, Plans Update

March 7th, 2011, 09:22 GMT| By Filip Truta

Apple will attempt to stop hackers in their tracks with a Safari patch set to fix numerous WebKit vulnerabilities, according to security firm Vupen. The move was rather foreseeable with the Pwn2Own hacking contest mere days away.

A leading IT security research company providing vulnerability management and security intelligence solutions, France-based Vupen Security said Apple would be rolling out a patch to close up Safari’s holes after a similar patch was issued last week for iTunes.

The software vendor doesn’t specify whether this information is coming directlyfrom Apple, or whether it is simply logical that Apple will do everything in its power to surround Safari with walls as hackers take aim at it with their know-how.

More at :-
http://news.softpedia.com/news/Apple-Pushes-to-See...

--
Was this reply relevant?
+0
-0
mogs CClip 40
Expert Contributor 7th Mar, 2011 19:40
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IE9 vs. IE8 vs. IE7

March 7th, 2011, 18:00 GMT| By Marius Oiaga

Just in case you still have doubts about the huge evolution that Internet Explorer 9 represents over its predecessors, Microsoft has put together a comparison chart designed to illustrate the advantages that the next generation of IE has over IE8 and IE7.

IE9 has been downloaded over 36 million times already, 25 million while it was still in Beta and the remaining 11 million after it graduated to the Release Candidate (RC) stage.

There have to be absolutely no questions about IE9’s superiority to IE7 and IE8 for the early adopters that have already tested the browser.

I’ve said it, and I’m going to say it again, IE9 is in a different league than any other IE release offered by the software giant.

The comparison chart offered by the Redmond company is simply a visual representation of IE9’s superiority in three categories: performance, user interface and user experience, and security.

See chart at :-
http://news.softpedia.com/news/IE9-vs-IE8-vs-IE7-1...

--
Was this reply relevant?
+0
-0
mogs CClip 41
Expert Contributor 7th Mar, 2011 19:52
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

IE6 Isn't the Only Obsolete Browser In Use
By Michael Muchmore0digg

With Microsoft's push to eradicate its aging, problematic IE6 browser, PCMag looked into what other outdated surfing software people are still using. The array of Web browsers still in circulation would probably surprise the majority of Internet users, who by a large margin now browse with newer versions of IE, Firefox, Chrome, and Safari.
To conduct this investigation, we started PCMag.com's own traffic analysis tools, Adobe Omniture SiteCatalyst, to see what unlikely software our readers were using, then checked out Internet-wide stats from Net Applications' NetMarketShare.
First, let's see where the leaders stand on PCMag.com. For all of 2011 up to the present moment, 28 percent of our readers used Firefox 3.6, followed closely by Internet Explorer 8, with 26 percent. A bigger gap separated the next app—Google Chrome 8, with 9.6 percent. Since the latest version of Chrome is 9, and the software updates automatically, I checked the first week of March, finding Chrome 9's share up over 17 percent, with version 8 dropping all the way to 0.4 percent. That's a great case for Google's auto-update strategy, which would have saved Microsoft from its present IE6 predicament. But it didn't save over 600 of our site visitors from using Chrome 1.0, and over twice that from using version 2.
More at :-
http://www.pcmag.com/article2/0,2817,2381526,00.as...

--
Was this reply relevant?
+1
-1
mogs CClip 42
Expert Contributor 8th Mar, 2011 08:22
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Internet Explorer 9 (IE9) Power Tips from Microsoft
By Marius Oiaga

Internet Explorer 9 is nearly complete, and as Microsoft is gearing up for the RTW (release to web) milestone, the release Candidate (RC) build continues to be available for those users that want to get a taste of the next generation of IE.

One way to get a tad more from the successor of IE8 is to access the “Power tips for Internet Explorer 9” webpage that the software giant has set up.

The page, which is live on the IE9 site on Windows.com, offers a total of four tips:

“1. Faster ways to get to your websites - Discover different ways to easily get to your favorite websites.

2. Top keyboard shortcuts - Learn how keyboard shortcuts can help you accomplish tasks more quickly.

3. Change and manage search providers - Take advantage of all that the address bar has to offer.

4. Manage add-ons - Find out how to manage add-ons, like toolbars, in Internet Explorer 9.”

While the recommendations from Microsoft might not seem as much, users should not shrug them off entirely.

Fact is that proper add-on management can speed up IE9 considerably, for example. I for one am always running without any extensions or add-ons enabled, and it’s just a pure browsing experience.

More at :-
http://news.softpedia.com/news/Internet-Explorer-9...

--
Was this reply relevant?
+0
-0
mogs CClip 43
Expert Contributor 8th Mar, 2011 08:39
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Mozilla urges users to update graphics drivers for Firefox 4
Tells users to download newest Windows graphics drivers for hardware acceleration

By Gregg Keizer

Computerworld - Mozilla has urged users to update their graphics cards' drivers if they want to take advantage of Firefox 4's hardware acceleration.

Last Friday, Benoit Jacob, who works on Mozilla's platform engineering team, spelled out why users should verify that their computers, especially PCs powered by Windows, have the latest graphics drivers.

"When we turned these features on by default in nightly builds around September last year, and then in [Firefox 4] Beta 7, crash statistics and bug reports quickly showed that bugs in graphics drivers were often making these features misbehave," Jacob said in a blog post. "We reacted by selectively disabling these new features on buggy drivers, based on the large amounts of information collected by beta testers."

More at :-
http://www.computerworld.com/s/article/9213648/Moz...

--
Was this reply relevant?
+0
-0
mogs CClip 44
Expert Contributor 8th Mar, 2011 21:04
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft Detects Spikes in SWF Malware Attacks Using Embedded JavaScript

March 8th, 2011, 11:09 GMT| By Lucian Constantin

Microsoft has seen spikes in the number of attacks using SWF malware that embeds malicious JavaScript and warns that this technique might become more prevalent in the near future.

SWF-based malware is not new. It is commonly used to exploit vulnerabilities in Adobe Flash Player in order to install further threats on computers.

The new trojan identified by Microsoft and dubbed Trojan:SWF/Jaswi.A targets CVE-2010-0806, an arbitrary code execution vulnerability in Internet Explorer 6 and 7.

More at :-
http://news.softpedia.com/news/Microsoft-Sees-Spik...

--
Was this reply relevant?
+0
-0
mogs CClip 45
Expert Contributor 8th Mar, 2011 21:11
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IPv6 intro creates spam-filtering nightmare

Blacklist extinction looms
By John Leyden • Get more from this author
Posted in Spam, 8th March 2011 14:16 GMT
The migration towards IPv6, which has been made necessary by the expansion of the internet, will make it harder to filter spam messages, service providers warn.

Read more at :-
http://www.theregister.co.uk/2011/03/08/ipv6_spam_...

--
Was this reply relevant?
+0
-0
mogs CClip 46
Expert Contributor 8th Mar, 2011 21:14
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Stable Release
Tuesday, March 8, 2011 | 08:00
Labels: Stable updates
The Google Chrome team is excited to announce the arrival of Chrome 10.0.648.127 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Chrome 10 contains some really great improvements including:
New version of V8 - Crankshaft - which greatly improves javascript performance
New settings pages that open in a tab, rather than a dialog box
Improved security with malware reporting and disabling outdated plugins by default
Sandboxed Adobe Flash on Windows
Password sync as part of Chrome Sync now enabled by default
GPU Accelerated Video
Background WebApps
webNavigation extension API

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 47
Expert Contributor 8th Mar, 2011 21:19
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
The average website is vulnerable more than 270 days a year

Faulty code is often the problem
By Asavin Wattanajantra
Tue Mar 08 2011, 11:43
THE AVERAGE WEBSITE is vulnerable most days of the year, according to a report.
Insecurity firm Whitehat examined more than 3,000 websites across 400 organisations during 2010. It looked at each website's window of exposure, combining research about vulnerability prevalence, time to took to fix problems, and the percentage that were cleaned up.
It found that the average website fell into the category of "always" or "frequently" vulnerable, exposed more than 270 days of the year.
"It's inevitable that websites will contain some faulty code - especially in sites that are continually updated," said Whitehat Security founder Jeremiah Grossman.
The research also found that 64 per cent of websites had at least one information leakage flaw, overtaking cross-site scripting as the top bugbear from the year before. This is a vulnerability where a website will reveal sensitive information, like user or technical data for example.


Read more: http://www.theinquirer.net/inquirer/news/2032118/a...
The Inquirer

--
Was this reply relevant?
+0
-0

jannypan

RE: Daily CYBERCLIPS March
[+]
This reply has been deleted
mogs CClip 48
Expert Contributor 9th Mar, 2011 08:18
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Chrome Dev Channel Update
Tuesday, March 8, 2011 | 18:29
The Dev channel has been updated to 11.0.696.0 for Windows, Macintosh, and Chrome Frame platforms

All
Updated V8 - 3.2.0.1
New “cookies and other data” page in tabbed settings (Issue 64154).
Mac
Turned confirm to quit on by default (Issue 60591)
Tweak the Tab Overview UI (Issue 50307)
Cloud Print connector UI enabled.
Known Issues
Regression: Can not select omnibox auto suggested entries by clicking at it (Issue 75366)
REGRESSION: Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367)
More details about additional changes are available in the log of all revisions. You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann... If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry
Karen Grunberg
Google Chrome

--
Was this reply relevant?
+0
-0
mogs CClip 49
Expert Contributor 9th Mar, 2011 09:31
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Browser Plug-In Provides Real-Time URL Scanning in Search Results

March 8th, 2011, 17:49 GMT| By Lucian Constantin

A new Firefox and Internet Explorer plug-in called M86 SecureBrowsing offers real-time malware scanning for URLs displayed in search results and on social media websites.

The plug-in was developed by M86 Security, a provider of gateway Web and messaging security solutions, and is free to use.

Once installed, M86 SecureBrowsing anonymously sends all URLs displayed in search results on Google, Yahoo! and Bing, back to the company's cloud systems.

The cloud scanners check those pages using the company's Real-Time Code Analysis (RTCA) technology and report back with the status.

Read more at :-
http://news.softpedia.com/news/New-Browser-Plug-In...

--
Was this reply relevant?
+0
-0
mogs CClip 50
Expert Contributor 9th Mar, 2011 09:35
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 7 SP1 RTM Blue Screens of Death Due to Language Packs

March 8th, 2011, 16:20 GMT| By Marius Oiaga

Microsoft has confirmed an issue with the deployment of Windows 7 Service Pack 1 RTM in which, following the installation process, some customers can experience a Blue Screen of Death crash accompanied by "Error C000009A."

According to the Redmond company, at fault are language packs that the users have already integrated with the operating system prior to starting to install SP1.

Customers do have a solution, but it requires quite a lot of time and effort on their part, as they will need to perform all steps manually.

Read more at :-
http://news.softpedia.com/news/Windows-7-SP1-RTM-B...

--
Was this reply relevant?
+0
-0
mogs CClip 51
Expert Contributor 9th Mar, 2011 18:50
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Internet Explorer 9 pulls on best pants for 14 March release

'We want to make the interwebs a more beautiful place', say two grey MS men
By Kelly Fiveash • Get more from this author
Posted in Applications, 9th March 2011 17:07 GMT
Microsoft is to release its forthcoming browser Internet Explorer 9 on 14 March.

The company said in a blog post that the final HTML5-heavy IE 9 software code – which comes loaded with hardware-accelerated graphics as well as a new fast JavaScript engine, codenamed Chakra – will be pushed out to all comers next Monday.

Apparently, Microsoft still has some "surprises" in store for anyone interested in downloading the company's latest iteration of Internet Explorer, which remains the dominant browser despite hot competition from Mozilla and Google.

Read more at :-
http://www.theregister.co.uk/2011/03/09/internet_e...

--
Was this reply relevant?
+0
-0
mogs CClip 52
Expert Contributor 9th Mar, 2011 18:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Confusion Mounts as EU Cookie Law Implementation Deadline Draws Near
March 9th, 2011, 09:33 GMT| By Lucian Constantin

As the deadline to implement the controversial EU Telecoms Reform Directive (TRD) draws near there is still confusion as to how its tracking cookie requirements will be put into practice.

The proposed regulation is sometimes referred to as the "Cookie Directive," because of one of the most important amendments it brings to the Privacy and Electronic Communications Directive (PECD), concerns browser cookies.

The new regulation would require websites to ask for explicit consent from users before storing tracking cookies like those used for behavioral advertising purposes.

But despite member states having until May 25 to implement this regulation, there are still questions about how the consent should be obtained.

Read more at :-
http://news.softpedia.com/news/Confusion-Mounts-as...

--
Was this reply relevant?
+0
-0
mogs CClip 53
Expert Contributor 9th Mar, 2011 19:03
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
PWN2OWN Goes Deep to Exploit Browsers

By Sean Michael Kerner
The Pwn2own hacking challenge, sponsored by HP TippingPoint has emerged as one of the pre-eminent security events in any given calendar year. Security researchers compete to see who can hack web browsers and mobile platforms with cash and prizes up for grabs.

This year more money than ever will be on this line for researchers that specifically target Chrome, though Firefox, IE and Safari are still in researchers' crosshairs. Google is putting up $20,000 for Chrome vulnerabilities, while the total contest prize pool is approximately $125,000. Mobile platforms are also set to be targeted as researchers go beyond just the operating system to take aim at the underlying hardware as well. Researchers will also be going after the most secure aspects of browser security in an effort to demonstrate vulnerabilities.

More at :-
http://www.esecurityplanet.com/features/article.ph...

--
Was this reply relevant?
+0
-0
mogs CClip 54
Expert Contributor 9th Mar, 2011 19:08
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
MARCH 09, 2011
Anti-virus tests find security programs fooled by attack vector
Malware that is blocked one time may be allowed through via another route, such as through a local network fileshare or USB drive

A new round of anti-virus testing has found some products fail to detect malware that tries to infect a computer via a different attack vector, such as through a local network fileshare or a USB drive.

The tests, conducted by NSS Labs, sought to find out how effective security products are at detecting malware from various attack vectors. Malware can be delivered to a computer via rigged websites, email attachments, and USB flash drives, among other ways.

More at :-
http://www.infoworld.com/d/security/anti-virus-tes...

--
Was this reply relevant?
+0
-0
mogs CClip 55
Expert Contributor 10th Mar, 2011 19:37
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IE8 Hacked at Pwn2Own with Three Chained Exploits

March 10th, 2011, 09:57 GMT| By Lucian Constantin

Internet Explorer 8 was the second browser to fall at the Pwn2Own hacking contest, but the security researcher responsible for the hack had to chain together three exploits.

Pwn2Own 2011 kicked off yesterday at the CanSecWest conference in Vancouver, Canada, with Safari being compromised in five seconds by researchers from VUPEN Security.

Internet Explorer 8 followed shortly, but unlike the Safari exploit which was executed via a transparent drive-by-download attack, the IE hack required the user to interact with the page and click on a link.

The compromise was the achievement of Irish security researcher and Metasploit developer Stephen Fewer, who had to exploit three vulnerabilities in order to get the job done.

In addition to proving arbitrary code execution by launching calc.exe, Fewer's attack also bypassed the IE Protected Mode and write to a file.

The researcher told ZDNet he needed six weeks to find the three vulnerabilities and write a reliable exploit, the Protected Mode bypass being the hardest part.

Read more at :-
http://news.softpedia.com/news/IE8-Compromised-at-...

--
Was this reply relevant?
+0
-0
mogs CClip 56
Expert Contributor 10th Mar, 2011 19:46
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google's Chrome untouched at Pwn2Own hack match
Scheduled attackers don't show, or pass on exploiting sandboxed browser

By Gregg Keizer
March 10, 2011 06:34 AM ETComments (13)Recommended (33)
Computerworld - Google's $20,000 was as safe at Pwn2Own Wednesday as if it had been in the bank.

The search giant had promised to pay $20,000 to the first researcher who broke into Chrome on the hacking contest's opening day.

But no one took up Google's offer.

More at :-
http://www.computerworld.com/s/article/9214022/Goo...

--
Was this reply relevant?
+0
-0
mogs CClip 57
Expert Contributor 10th Mar, 2011 19:58
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla puts out a Firefox 4 release candidate

The wait is almost over
By Lawrence Latif
Thu Mar 10 2011, 09:52
SOFTWARE DEVELOPER Mozilla has announced that its Firefox 4 web browser has finally made it out of beta and is now available as a release candidate.
Mozilla released 12 betas of Firefox 4 before reaching the release candidate stage and says that those who are currently on the beta release will be automatically updated to the release candidate, which is available in 70 languages. Those who update will be "validating the new features, enhanced performance and stability and HTML5 capabilities in Firefox 4", says Mozilla.


Read more: http://www.theinquirer.net/inquirer/news/2032904/m...
The Inquirer

--
Was this reply relevant?
+0
-0
mogs CClip 58
Expert Contributor 11th Mar, 2011 06:49
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Fake DHL Notifications Spread Trojans

March 10th, 2011, 16:22 GMT| By Lucian Constantin

Security researchers warn about a new wave of fake DHL email notifications that try to trick people into installing the SpyEye banking trojan on their computers.

The rogue emails bear a subject of "DHL Noticifaction" [sic.] and have forged headers to appear as originating from a infoom@dhl.com email address.

The body message tells recipients to expect a parcel in seven days and instructs them to read more information in the attached document.

"Dear customer. The parcel was send your home address. And it will arrice [sic.] within 7 bussness [sic.] day. More information and the tracking number are attached in document below. Thank you," it reads.

The attachment is called DHL_Document.zip and contains an executable with the same name. There appears to be two different pieces of malware being distributed by this campaign.

One is a almost certainly a trojan dropper, but according to a Virus Total scan, detection is all over the place. Some antivirus programs detect it as Oficla, others as a backdoor called Bitfrose, while a few as the Zbot banking trojan.

More at :-
http://news.softpedia.com/news/New-Fake-DHL-Notifi...

--
Was this reply relevant?
+0
-0
mogs CClip 59
Expert Contributor 11th Mar, 2011 07:00
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Dev Channel Update
Thursday, March 10, 2011 | 18:21
The Dev channel has been updated to 11.0.696.3 for All platforms

The following bugs were fixed
Can not select omnibox auto suggested entries by clicking at it (Issue 75366).
Linux: "Behavior " string is not externalized on the Exceptions page(Issue 74080).
Chromium not loading some plugins (Issue 75351).
POST omits body after NTLM authentication (Issue 62687).

Known Issues
Crash when opening tab/startup @ SkBitmap::lockPixels (Issue 75531).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

--
Was this reply relevant?
+0
-0
mogs CClip 60
Expert Contributor 12th Mar, 2011 08:10
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IE9 Safe from IE8 Pwn2Own 2011 Type Attacks

March 11th, 2011, 14:21 GMT| By Marius Oiaga

According to Microsoft, the soon-to-be-released Internet Explorer 9 is safe from the type of attack used to hack its predecessor, Internet Explorer 8 at the Pwn2Own 2011 hack contest at CanSecWest.

A representative of the Microsoft Security Response Team turned to Twitter after what it appears to be an initial investigation of the IE8 hack techniques used at Pwn2Own 2011 to reveal to the world that IE9 is not impacted by the issue which allowed IE8 to be pwned.

But I have to mention from the start that the wording of the Redmond company’s tweets is a tad strange, and it could generate some confusion.

This because the member of the security response team at Microsoft acknowledges only a single exploit and a single vulnerability in Internet Explorer 8.

More at :-
http://news.softpedia.com/news/IE9-Safe-from-IE8-P...

--
Was this reply relevant?
+0
-0
mogs CClip 61
Expert Contributor 12th Mar, 2011 08:18
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Pwn2own: BlackBerry and iPhone Fall, Chrome and Firefox Untouched
March 11, 2011
By Sean Michael Kerner

The Pwn2own hacking challenge claimed two more victims this week.

Apple's iPhone and Research in Motion’s BlackBerry were both successfully exploited by security researchers. The iPhone and BlackBerry join Microsoft's IE and Apple Safari as technologies that researchers were able to exploit. Google's Android and Chrome, as well as Mozilla's Firefox, all emerged unscathed.

The Pwn2own hacking challenge is run by HP TippingPoint and offers security researchers cash and prizes for showing security exploits in browsers and mobile platforms. The demonstrated flaws are then kept under wraps and provided to the affected vendor so that a patch can be built.

More at :-
http://www.esecurityplanet.com/features/article.ph...

--
Was this reply relevant?
+0
-0
mogs CClip 62
Expert Contributor 12th Mar, 2011 08:21
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Stable and Beta Channel Updates
Friday, March 11, 2011 | 10:26
Labels: Beta updates, Stable updates
The Chrome Stable and Beta channels have been updated to 10.0.648.133 for Windows, Mac, Linux and Chrome Frame. This release fixes the following security issue:

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[$1337] CVE-2011-1290 [75712] High Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI.
If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 63
Expert Contributor 12th Mar, 2011 19:34
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IE9 RTW - 9 Reasons Chrome and Firefox Users Will Love It

March 12th, 2011, 12:30 GMT| By Marius Oiaga

Internet Explorer 9 RTW (release to web) is just a couple of days away. And with IE9 RTW scheduled to go live on March 14th, 2011 at 9 p.m., the browser has already been downloaded well in excess of 36 million times.

Even so, IE9’s journey will only truly begin on Monday. Starting next week, Windows Vista SP2 and Windows 7 users running IE8 will have an amazing upgrade available, guaranteed to take their browsing experience to the next level.

And customers that switched from IE to Firefox and Chrome will finally have a valid reason to switch back, with those thinking about jumping ship also bound to find reasons for a change of heart. In preparation for the IE9 RTW launch in just two days, I thought I’d provide my view of why Firefox and Chrome users would love IE9.

Read more at :-
http://news.softpedia.com/news/IE9-RTW-9-Reasons-C...

--
Was this reply relevant?
+0
-0
mogs CClip 64
Expert Contributor 13th Mar, 2011 09:53
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Denmark to swap stamps for texts

Run out of stamps? In Denmark you will be able to use a mobile instead.
People stuck for a stamp in Denmark will soon be able to send a text message to pay the postage on a letter.

From 1 April, the Danish post office is introducing The Mobile Postage service that does away with stamps for standard sized letters.

Instead, people will send a text to the post office and get back a code they write on the envelope.
More at :-
http://www.bbc.co.uk/news/technology-12703744

--
Was this reply relevant?
+0
-0
mogs CClip 65
Expert Contributor 13th Mar, 2011 09:57
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 13th Mar, 2011 09:58
I get errors when Windows starts - what's wrong?
We show how to disable troublesome programs using a Windows tool
Tom Royal PC help Windows 12/03/2011


If you get errors every time Windows starts up, there's probably a program running when Windows starts that's causing the error.
The MSCONFIG tool allows you to see which programs run every time Windows starts and disable any that you do not want.
Our video shows how to run MSCONFIG and disable a program. Remember to only ever disable one program at a time, and take great care when choosing - disabling the wrong one could prevent Windows from starting altogether.


Read more and watch the video at: http://www.computeractive.co.uk/ca/pc-help/2030339...


--
Was this reply relevant?
+0
-0
mogs CClip 66
Expert Contributor 13th Mar, 2011 10:13
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Attacks Leverage Unpatched IE Flaw, Microsoft Warns
By Robert McMillan, IDG News Mar 12, 2011 6:50 am

Editor's Note: An earlier version of this story confused two similar Windows flaws, both of which were disclosed in January, by two different parties. The bug being used in the new attacks was disclosed anonymously on the Full Disclosure mailing list.

An Internet Explorer flaw made public two months ago is now being used in online attacks.

The flaw, which has not yet been patched, has been used in "limited, targeted attacks," Microsoft said Friday in an update to its security advisory on the issue.

More at :-
http://www.pcworld.com/article/221978/new_attacks_...

--
Was this reply relevant?
+0
-0
mogs CClip 67
Expert Contributor 14th Mar, 2011 07:43
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Major Security Hole Found on the German Finance Agency's Website
By Lucian Constantin

The Chaos Computer Club (CCC) hacker collective has notified the German Federal Finance Agency (Bundesfinanzagentur) of a serious security hole present on its website for years.

The vulnerability allowed any user to modify the content of the website through a Web-based file manager that was left unprotected.

The German Finance Agency is a state owned financial services company responsible for managing federal debt, as well as issuing Federal securities.

By leveraging the security hole, attackers could have added their own transaction quotes and could have changed the destination of the site's "Internet banking" link.


http://news.softpedia.com/news/Security-Security-H...

--
Was this reply relevant?
+0
-0
mogs CClip 68
Expert Contributor 14th Mar, 2011 17:24
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 7 customers hit by service pack 1 install 'fatal error' flaws
Microsoft remains clueless about cause
By Kelly Fiveash • Get more from this author
Posted in Operating Systems, 14th March 2011 13:26 GMT
A brace of "fatal errors" is hampering Windows 7-based computers that have been updated with Microsoft's first service pack for its current operating system.

In fact, since Windows 7 SP1 was released late last month, many users have been grumbling on forums about problems with the install of the update package.

Similarly, The Register has heard from lots of disgruntled readers who are wasting precious time having to rebuild their machines after the service pack had led to fatal flaws in the OS.

"Basically, if you have an OEM machine connected to a server running WSUS [Windows Server Update Services] with the default settings it offers and installs SP1 automatically. This is killing machines and stopping them booting with a C00000034 fatal error," said Reg reader Simon, who has seen 15 machines downed by the flaw.

Read more at :-
http://www.theregister.co.uk/2011/03/14/microsoft_...

--
Was this reply relevant?
+0
-0
mogs CClip 69
Expert Contributor 14th Mar, 2011 18:23
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft IE9 set for release today
by Daniel Robinson
14 Mar 2011

Microsoft is preparing to release IE9 later today, as its browser faces greater competition in the marketplace than ever before.
The company has confirmed that the release version of IE9 will be available to download at 9pm Pacific time in the US, which equates to 4am Tuesday in the UK.

Microsoft has already hinted that the final code will contain some previously unseen features, but is playing its cards close to its chest until the official announcement at the South by South West (SXSW) Interactive festival in Austin, Texas.


Read more: http://www.v3.co.uk/v3-uk/news/2033852/microsoft-i...


--
Was this reply relevant?
+0
-0
mogs CClip 70
Expert Contributor 15th Mar, 2011 07:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Internet Explorer 9 (IE9) RTW Is Here

March 15th, 2011, 00:31 GMT| By Marius Oiaga

One year after the first Platform Preview of Internet Explorer 9 was unveiled to the world, IE9 RTW (release to web) is here.

IE9 RTW will be available for download at 9:00 PM PDT via BeautyOfTheWeb in 39 languages.

“We’ve been both humbled and excited by the praise and the response that we’ve gotten to the release,” Roger Capriotti, Director, Internet Explorer Product Marketing told me over the phone last week.

There have been in excess of 40 million downloads of the Beta and the Release Candidate (RC), the largest Beta of Internet Explorer in company history.

According to Capriotti, the size of the IE9 Beta is about double that of the IE8 Beta, with more than 2% of Windows 7 users already running it, but the number of early adopters is just one of the aspects in which the latest iteration of IE leaves its predecessor in the dust.

IE9 is faster than IE8, it sports an overhauled UI, comes with better security for end users, and delivers a collection of new and innovative features that together account for an amazing evolution for IE.

Read more at :-
http://news.softpedia.com/news/Internet-Explorer-9...

--
Was this reply relevant?
+0
-0
mogs CClip 71
Expert Contributor 15th Mar, 2011 22:52
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
IE9 RTW Language Packs for Windows 7 and Vista

March 15th, 2011, 11:41 GMT| By Marius Oiaga

Concomitantly with the general availability of Internet Explorer 9, Microsoft also released the language packs for the browser.

The Windows Internet Explorer 9 Language Packs for Windows 7 and Windows Server 2008 R2 and Windows Internet Explorer 9 Language Packs for Windows Vista and Windows Server 2008 went live on the Microsoft Download Center as the IE9 RTW bits rolled out worldwide.

The language resources on the Download Center are freely available to customers worldwide.

“The Internet Explorer 9 Language Packs install language specific resource files, allowing users to view the user interface (UI) of Internet Explorer 9 in a different supported language,” Microsoft revealed.

More at :-
http://news.softpedia.com/news/IE9-RTW-Language-Pa...

--
Was this reply relevant?
+0
-0
mogs CClip 72
Expert Contributor 15th Mar, 2011 22:56
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Adobe promises emergency patch for Flash, Reader bugs

Limited attacks under way
By Dan Goodin • Get more from this author
Posted in Enterprise Security, 14th March 2011 20:49 GMT
Adobe Systems plans to release emergency patches for its Flash and Reader applications after learning a critical vulnerability is being exploited to install malware on vulnerable machines.

The out-of-cycle patches for Adobe Flash Player 10 and Acrobat and Reader versions 9, 10, and X will arrive during the week March 21, the company said on Monday. The updates will cover all versions of those programs except for Reader X for Windows, which ships with a security sandbox that blocks the exploits Adobe has observed so far.

More at:-
http://www.theregister.co.uk/2011/03/14/adobe_flas...

--
Was this reply relevant?
+0
-0
mogs CClip 73
Expert Contributor 15th Mar, 2011 23:50
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Stable and Beta Channel Updates
Tuesday, March 15, 2011 | 13:19
Labels: Beta updates, Stable updates

The Chrome Stable and Beta channels have been updated to 10.0.648.134 for Windows, Mac, Linux and Chrome Frame. This release contains an updated version of the Adobe Flash player. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 74
Expert Contributor 16th Mar, 2011 07:51
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft and Mozilla edge towards web privacy consensus?

Header debate beats government regulation
By Gavin Clarke in San Francisco • Get more from this author
Posted in ID, 16th March 2011 03:00 GMT
Nothing helps rivals in the private sector find common ground quicker than the threat of government intervention.

Microsoft and Mozilla – makers of dueling browsers Internet Explorer and Firefox – could be headed towards some kind of industry agreement on giving netizens the power to stop ad networks from tracking their behavior.

More at :-
http://www.theregister.co.uk/2011/03/16/do_not_tra...

--
Was this reply relevant?
+0
-0
mogs CClip 75
Expert Contributor 16th Mar, 2011 07:54
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Oracle kills Sun.com after starvation diet

Goodbye to one of the web's oldest domains
By Gavin Clarke in San Francisco
Posted in Music and Media, 16th March 2011 04:00 GMT
Oracle is killing Sun.com, the online home of Sun Microsystems and one of the oldest dot-com domain names.

An entry on the Oracle's OTN Garage says that sun.com will be decommissioned on June 1.

The closure comes after Sun's new owner, Oracle, moved most of the content on BigAdmin, OpenSolaris.com, and some sections of Sun Developer Network to the Systems Admin and Developer Community of OTN.

That apparently leaves just a hardware compatibly list, which OTN Garage said engineers are "working on a solution" for. Once that's been relocated to the happy fields of Redwood Shores, Sun's domain will be turned off.

More at :-
http://www.theregister.co.uk/2011/03/16/oracle_clo...

--
Was this reply relevant?
+0
-0
mogs CClip 76
Expert Contributor 16th Mar, 2011 08:00
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 16th Mar, 2011 08:01
Dev Channel Update
Tuesday, March 15, 2011 | 17:34
The Dev channel has been updated to 11.0.696.12 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
New York Times Chrome app crashes on the Chorme Dev Channel (Issue 75563).
Sync login dlg is truncated (Issue 72490 ).
Status bar / target URL not shown when hovering over links(Issue 75268).
Several known crashes (Issues 75171 and 75443 and 75828).
Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367).
Tooltips from browser tabs are persisting for too long (Issue 75334 ).
Content settings updates don't reflect the current Incognito session(Issue 74466).
NewTabPage is not updating when a new theme is applied (Issue 74311).
fixed download requests in chrome frame which occur in response to top level POSTs (Issue 73985 ).
Chrome locks up on form submit, constantly duplicating autofill settings to blame(Issue 74911).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

--
Was this reply relevant?
+0
-0
mogs CClip 77
Expert Contributor 16th Mar, 2011 10:34
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 7 SP1 RTM Black Screen of Death Loop 0xc0000034

March 16th, 2011, 08:30 GMT| By Marius Oiaga

According to Microsoft, Windows 7 customers that deploy the RTM version of Service Pack 1 can be affected by an issue which impacted users installing SP2 RTM on top of Windows Vista back in 2009.

Essentially, following the installation of SP1 RTM, Windows 7 machines can freeze or be thrown into a black screen of death loop by restarting.

The software giant explained that after reboot, Windows 7, now with SP1 RTM, will present the following error message on a black screen: “!! 0xc0000034 !! 142/53007 (_0000000000000000.cdf-ms).”

Restarting the operating system again will do no good since Windows 7 SP1 RTM users will end up at the same black screen with the same 0xc0000034 error message.

The Redmond company does not offer any details on the cause of the problems described above, but it does detail manual workarounds.

Read more at :-
http://news.softpedia.com/news/Windows-7-SP1-RTM-B...

--
Was this reply relevant?
+0
-0
mogs CClip 78
Expert Contributor 16th Mar, 2011 20:22
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla to ship Firefox 4 on 22 March

Ready your best browser trousers
By Kelly Fiveash • Get more from this author
Posted in Applications, 16th March 2011 10:39 GMT
Mozilla looks set to release Firefox 4 on 22 March, unless developers encounter any nasty bugs in their final tests.

The open source outfit's Damon Sicore confirmed yesterday that the Release Candidate build of Firefox 4 that Mozilla pushed out last week is likely to be the final test version of the browser.

More at :-
http://www.theregister.co.uk/2011/03/16/mozilla_sh...

--
Was this reply relevant?
+0
-0
mogs CClip 79
Expert Contributor 17th Mar, 2011 09:22
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Phishers dodge fraud protections in Firefox, Chrome

Outmaneuver blacklists
By Dan Goodin in San Francisco • Get more from this author
Posted in Security, 17th March 2011 03:00 GMT
A recent round of phishing attacks targeting customers of Bank of America and PayPal circumvent fraud protections built in to the Mozilla Firefox and Google Chrome browsers by attaching an HTML file to the spam email.

More at :-
http://www.theregister.co.uk/2011/03/17/phishers_o...

--
Was this reply relevant?
+0
-0
mogs CClip 80
Expert Contributor 17th Mar, 2011 10:52
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Download Opera 11.10 Barracuda Beta
March 17th, 2011, 09:38 GMT| By Marius Oiaga

The first Beta development snapshot of Opera 11.10 codenamed Barracuda is now available for download.

Softpedia readers have been able to read about the imminent release of Opera 11.10 Barracuda Beta yesterday, and since that announcement Opera Software released two pre-Beta Builds designed to deal with various bugs.

Early adopters can now download Build 2048 and start testing the Beta immediately.

The Norway-based browser maker emphasizes that Opera 11.10 codenamed Barracuda Beta is still pre-release software, and that users should only test it and not deploy it into production environments.

Opera 11.10 Barracuda Beta features UI improvements, better standard support, including CSS3 gradients and multiple columns, and enhancements to plug-in integration.

However, the most consistent evolution that user will notice is in terms of the Speed Dial feature.

More at :-
http://news.softpedia.com/news/Download-Opera-11-1...

--
Was this reply relevant?
+0
-0
mogs CClip 81
Expert Contributor 17th Mar, 2011 11:59
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Malware is showing high growth

Trojans reign supreme
By Dean Wilson
Thu Mar 17 2011, 10:21
MALWARE HAS INCREASED by 26 per cent in the first quarter of 2011, according to a report by insecurity research firm Pandalabs.
The worrying increase means that over 73,000 samples of new malware are being detected on a daily basis so far in 2011, an extra 10,000 per day compared to 2010.
Most of the malware are Trojans, accounting for 70 per cent of all threats. Viruses are at just under 17 per cent, while worms are at just under eight per cent. Adware, spyware and backdoor malware took a much smaller chunk of the pie, but still present a valid threat.


Read more: http://www.theinquirer.net/inquirer/news/2034905/m...
The Inquirer

--
Was this reply relevant?
+0
-0
mogs CClip 82
Expert Contributor 17th Mar, 2011 16:10
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Fix IE9 Printing on Canon Printers
March 17th, 2011, 14:37 GMT| By Marius Oiaga

Microsoft has confirmed the existence of some issues related to Internet Explorer 9 RTW and Cannon printers, which can prevent users from printing a webpage.

The problem impacts IE9 RTW running on all supported operating systems, namely, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 and Windows Server 2008 R2.

According to the software giant, the glitch involves failed print jobs of a webpage opened in IE9.

More at :-
http://news.softpedia.com/news/Fix-IE9-Printing-on...

--
Was this reply relevant?
+0
-0
mogs CClip 83
Expert Contributor 17th Mar, 2011 16:14
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
The EU is looking at enforcing new privacy rules to give web users the "right to be forgotten."
By Justyna Pawlak, Reuters, 17 Mar 2011 at 08:16

New EU data privacy rules could mean tech giants like Google and Facebook will have to rethink their data rules, European Union (EU) justice chief Viviane Reding said yesterday.

More at :-
http://www.itpro.co.uk/631966/eu-data-protection-t...

--
Was this reply relevant?
+0
-0
mogs CClip 84
Expert Contributor 17th Mar, 2011 16:19
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Firefox 4 will be released on 22 March, and Mozilla's Web o' Wonder will help to show if your graphics card drivers are out of date for the browser's hardware acceleration. Credit: Seth Rosenblatt/CNET News

The current Firefox 4 release candidate is available for Windows, Mac, and Linux. Firefox 4 was originally projected to arrive around October or November 2010, but was delayed as work on new features and integrating graphics card-powered hardware acceleration took longer than expected. GPU hardware acceleration is the short-term Holy Grail for modern browsers because it allows them to leverage high-powered graphics cards to give the browser an edge in rendering complicated in-site graphics faster.

The current stable release of Chrome 10 only offers partial hardware acceleration, while Internet Explorer 9 won't work on Windows XP precisely because of the hardware acceleration hang-up.

For more on this ZDNet UK-selected story, see Mozilla sets a date for Firefox 4 on CNET News.

Read more at :-
http://www.zdnet.co.uk/news/desktop-apps/2011/03/1...

--
Was this reply relevant?
+0
-0
mogs CClip 85
Expert Contributor 18th Mar, 2011 06:12
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Dev Channel Update
Thursday, March 17, 2011 | 16:35
The Dev channel has been updated to 11.0.696.14 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
about:gpu can still launch GPU process even though GPU is blocked by software rendering list (Issue 76115).
REGRESSION: After crash, Restore infobar shows up everytime you open a link from external app (Issue 75654 ).
App context-menu doesn't disappear even after uninstalling the extension, causes crash when selected (Issue 75662).
A known crash (Issue 74777).
Fails SPDY-related check (Issue 77893).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome

Stable and Beta Channel Updates
| 13:00
Labels: Beta updates, Stable updates

The Chrome Stable and Beta channels have been updated to 10.0.648.151 for Windows, Mac, Linux and Chrome Frame. This release blacklists a small number of HTTPS certificates. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 86
Expert Contributor 18th Mar, 2011 22:08
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Computerworld - Microsoft yesterday urged users of older Office suites to install and run a complicated tool to protect themselves against ongoing attacks exploiting an unpatched bug in Adobe's Flash Player.

"For users of Office prior to 2010, the Enhanced Mitigation Experience Toolkit (EMET) can help," said Andrew Roths and Chengyun Chu, a manager and security engineer, respectively, with the Microsoft Security Response Center (MSRC). "Turning on EMET for the core Office applications will enable a number of security protections called 'security mitigations'," the pair wrote in a Thursday post to the company's Security Research & Defense blog.

Read more at :-
http://www.computerworld.com/s/article/9214795/Mic...

--
Was this reply relevant?
+0
-0
mogs CClip 87
Expert Contributor 18th Mar, 2011 22:20
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
As RSA has its servers hacked, its two-factor authentication customers will no doubt be highly concerned.
By Tom Brewster, 18 Mar 2011 at 12:55

RSA - the security arm of EMC - has admitted to having a number of its servers hacked, as data on its two-factor authentication product SecurID was compromised.

The firm warned the data could be used to “reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack,” and RSA urged customers to take immediate remedial action.

RSA executive chairman Art Coviello said the firm’s security systems had been targeted by an “extremely sophisticated cyber attack.”

It is believed the attack was in the Advanced Persistent Threat (APT) category, which may indicate a well-funded group of individuals were responsible for the attack.

More at :-
http://www.itpro.co.uk/632023/rsa-servers-hacked-a...

--
Was this reply relevant?
+0
-0
mogs CClip 88
Expert Contributor 18th Mar, 2011 22:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
ZDNet UK

Study finds 'flaw' in IE9 privacy feature
By Ben Woods (@BenWoodsZD), ZDNet UK, 17 March, 2011 17:38

NEWS
A new privacy feature in Internet Explorer 9 could be allowing websites to see data that users thought they had blocked, research carried out by the independent consumer body Which? has shown.

Read more at :-
http://www.zdnet.co.uk/news/desktop-apps/2011/03/1...

--
Was this reply relevant?
+0
-0
mogs CClip 89
Expert Contributor 19th Mar, 2011 08:18
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Tweak Internet Explorer 9

Version reviewed: TweakIE9 1.0.0.0
TweakIE9 is a small and comprehensive application that allows you to customize Windows Internet Explorer 9.


It is well known that no matter how much software developers strive to offer the best version of a product there will always be some nitpicker expecting a different configuration. Internet Explorer 9 just launched on Monday but tweaking solutions for the application have been around for a long time.

TweakIE9 is not the first and definitely won’t be the last third party application designed to offer you an easy way to customize the web browser a bit. As most of this sort of programs, this too is free of charge for home users.

Read more at :-
http://www.softpedia.com/reviews/windows/TweakIE9-...

--
Was this reply relevant?
+0
-0
mogs CClip 90
Expert Contributor 19th Mar, 2011 18:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Google patches Flash bug before Adobe

Rest of world must wait
By Dan Goodin in San Francisco • Get more from this author
Posted in Enterprise Security, 18th March 2011 23:33 GMT
Google has already released an update for its Chrome browser that fixes a critical vulnerability in Adobe's Flash Player that's under attack. Users of the animation software on other browsers and operating systems will have to wait until next week for the same patch.

Chrome was able to beat the rest of the pack thanks to ongoing collaboration with Adobe that allows Google advanced access to updated builds of Flash, Adobe spokeswoman Wiebke Lips said. Google is then able to push the update to Chrome users through the browser's automatic update mechanism.

More at :-
http://www.theregister.co.uk/2011/03/18/google_chr...

--
Was this reply relevant?
+0
-0
mogs CClip 91
Expert Contributor 19th Mar, 2011 18:35
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft: IE9's web privacy hole? A feature, not a bug

When do-not-track lists clash
By Gavin Clarke in San Francisco • Get more from this author
Posted in Applications, 18th March 2011 21:59 GMT
A hole has been spotted in Internet Explorer 9's do-not-track technology, and Microsoft says it's a feature not a bug.

In response to a US government call for greater protection of consumers' privacy online, Microsoft added a Tracking Protection Lists (TPLs) feature to IE9. Netizens can use one or more lists to prevent certain ad networks and websites from tracking their behavior online. But when an IE9 user downloads multiple TPLs and a site's blocked on one list but allowed on another, IE9 will allow the site, letting it to track the user's activities.

The hole was flagged up by UK consumer watchdog Which?. Tracking Protection Lists are available from four Microsoft IE9 partners: Abine, EasyList, PrivacyChoice, and Truste.

More at :-
http://www.theregister.co.uk/2011/03/18/microsoft_...

--
Was this reply relevant?
+0
-0
mogs CClip 92
Expert Contributor 19th Mar, 2011 23:11
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
US-Cert warns of new phishing attacks
by Shaun Nichols
The US Computer Emergency Response Team is (US-Cert) warning users and administrators following the discovery of a potent new phishing operation.
US-Cert said that the operation is targeting a number of institutions, including Bank of America, Lloyds, PayPal and TSB. The attacks appear as unsolicited e-mails carrying HTML attachments.
The attack is particularly dangerous in that it utilises techniques to get around security filters designed to catch phishing sites.
"This attack is unlike common phishing attacks because it locally stores the malicious webpage rather than directing user to a phishing site via a URL," the agency said.


Read more: http://www.v3.co.uk/v3-uk/news/2035559/-cert-warns...


--
Was this reply relevant?
+0
-0
mogs CClip 93
Expert Contributor 19th Mar, 2011 23:17
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
PHP flaws fixed in latest software update
by Phil Muncaster
19 Mar 2011

PHP developer the PHP Group has released an updated version of the near-ubiquitous web scripting language designed to fix security flaws and offer other server and application-based security enhancements.
Sophos Canada senior security advisor Chester Wisniewski explained in a blog post that at least two of the five flaws addressed in PHP version 5.3.6 have been rated high severity by the US National Vulnerability Database, while the others remain as yet unclassified.


Read more: http://www.v3.co.uk/v3-uk/news/2035567/php-flaws-f...


--
Was this reply relevant?
+0
-0
mogs CClip 94
Expert Contributor 20th Mar, 2011 08:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Next Version of Microsoft Office to Ship With Facebook IM
By MARSHALL KIRKPATRICK of ReadWriteWeb

Times are changing: while corporate management all around the world worries about the distractibility and entitlement of the next generation of workers, Microsoft appears set to embrace the future warmly. The next version of Microsoft Word and the rest of the Office 15 suite will include some features very familiar to the kids these days.

"For Office 15 we're building new products to deliver integration of instant messaging/presence with social networks such as Facebook," the company wrote in a job posting put online today. Stephen Chapman first reported on the news at ZDNet and said he found it bewildering. Not everyone feels that way, though; to some observers it makes perfect sense.

More at :-
http://www.nytimes.com/external/readwriteweb/2011/...

--
Was this reply relevant?
+0
-0
mogs CClip 95
Expert Contributor 20th Mar, 2011 09:01
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
ISPs defend plans for two-tier net
By Jane Wakefield
Technology reporter

ISPs have defended their right to operate a two-speed internet, at a key debate into the future of the web.

The debate was organised by the government, which is keen to see the principles of a free and equal net maintained.

ISPs are increasingly looking to prioritise some traffic on their networks and block some.

After the meeting the BBC called for the creation of a broadband content group to represent content providers.

It, along with content providers such as Google, Yahoo, Facebook and Skype, is growing increasingly concerned about how the issue of net neutrality is being dealt with.

More at :-
http://www.bbc.co.uk/news/technology-12791376

--
Was this reply relevant?
+0
-0
mogs CClip 96
Expert Contributor 21st Mar, 2011 07:40
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft+IE9: Holier than Apple open web convert?

About HTML time
By Tim Anderson • Get more from this author
Posted in Software, 21st March 2011 03:00 GMT
It is a remarkable turnaround. Microsoft, the company that more than any other was responsible for freezing web standards by first killing the browser competition and then failing to update its browser for five years, has come out with a browser that is - at the very least - decent.

Internet Explorer 9 combines hardware-accelerated graphics with a just-in-time compiler for JavaScript and significant support for some of the new standards that form HTML 5. It also has a de-cluttered user interface that seems close in philosophy to Google's Chrome: the browser gets out of the way of the web content or application.

It is not unequivocally the best browser on Windows. It does not win every performance test, nor is its HTML 5 support as extensive as that in some other browsers. Integration with Windows is strong though, as you would expect, and its privacy controls are excellent. Microsoft has also fixed some long-standing annoyances, such as the rudimentary download management in previous versions. IE9 has a download manager that means users can easily find their downloads once completed. Overall IE9 is good enough that using a third-party web browser is no longer an obvious choice.

Read more at :-
http://www.theregister.co.uk/2011/03/21/ie9_micros...

--
Was this reply relevant?
+0
-0
mogs CClip 97
Expert Contributor 21st Mar, 2011 21:37
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft launched IE9 on March 15th, 2011 providing a modern browser designed as a valid alternative to rivals.

The software giant is allowing third-parties to build custom installation packages of IE9 RTW, similar in nature to the copy optimized for Softpedia that you can download.

For this, the company is offering the Internet Explorer Administration Kit (IEAK) 9. Customers that want to take advantage of IEAK 9 will first need to download and install IE9 RTW. Documentation on just how to leverage IEAK 9 is available for free via TechNet.

Download Internet Explorer 9 (IE9) RTW Optimized for Softpedia via this link.

The Internet Explorer Administration Kit (IEAK) 9 is available for download here.

Windows Internet Explorer 9 RTW for Windows 7 and Windows 7 SP1 is available for download here.

Windows Internet Explorer 9 RTW for Windows Vista SP2 and Windows Server 2008 SP2 is available for download here.

Windows Internet Explorer 9 RTW for Windows Vista SP2 64-bit edition and Windows Server 2008 SP2 64-bit edition is available for download here.

Windows Internet Explorer 9 RTW for Windows 7 64-bit edition, Windows 7 SP1 64-bit edition, Windows Server 2008 R2 64-bit edition and Windows Server 2008 R2 SP1 64-bit edition is available for download here.

Full article here :-
http://news.softpedia.com/news/Download-IE9-RTW-Op...

--
Was this reply relevant?
+0
-0
mogs CClip 98
Expert Contributor 21st Mar, 2011 21:41
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
PHP.net breach: Concern over safety of source code

Poisoned well pondered
By Dan Goodin in San Francisco • Get more from this author
Posted in Enterprise Security, 21st March 2011 18:34 GMT
Maintainers of the PHP programming language spent the past few days scouring their source code for malicious modifications after discovering the security of one of their servers had been breached.

The compromise of wiki.php.net allowed the intruders to steal account credentials that could be used to access the PHP repository, the maintainers wrote in a brief note. They continue to investigate details of the attack, which exploited a vulnerability in the Wiki software and a separate security flaw in Linux. The site has been down since at least Friday.
More at ;-
http://www.theregister.co.uk/2011/03/21/php_server...

--
Was this reply relevant?
+0
-0
mogs CClip 99
Expert Contributor 21st Mar, 2011 21:46
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Computerworld - Adobe Monday patched a critical vulnerability in Adobe Reader, making good on a promise last week to plug the hole.

The company promised to ship a fix for Flash Player later today.

Last Monday Adobe announced that attackers were exploiting an unpatched, or "zero-day," vulnerability in Flash Player using malicious Microsoft Excel documents attached to e-mail messages. At the time, Adobe said it would patch Flash, Reader and Acrobat sometime this week, but did not set a specific date.

Reader and Acrobat were also vulnerable because the same Flash flaw existed in the "authplay.dll" component of those two programs. Authplay is the interpreter included in Reader and Acrobat that renders Flash content inside PDF files.

Adobe rolled out a patch for Reader and Acrobat around 3 p.m. EDT, but said that the same fix for Flash would not appear until later in the afternoon.

More at :-
http://www.computerworld.com/s/article/9214874/Ado...

--
Was this reply relevant?
+0
-0
mogs CClip 100
Expert Contributor 22nd Mar, 2011 08:08
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Dev Channel Update
Monday, March 21, 2011 | 16:05
The Dev channel has been updated to 11.0.696.16 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
clicking on the labels of checkboxes / radio buttons closes content settings dialog box (Issue 76115).
Unlock Keyring makes chrome unusable (Issue 72499 ).
Sample extension for chrome.experimental.proxy API (Issue 62700 ).
Several known crashes (Issue 76401 and Issue 75264 ).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome

--
Was this reply relevant?
+0
-0
mogs CClip 101
Expert Contributor 22nd Mar, 2011 18:06
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Adobe Patches Flash Player 0-Day
March 22nd, 2011, 08:18 GMT| By Lucian Constantin

Adobe has released a new version of Flash Player in order to address a critical vulnerability actively exploited in the wild since the beginning of last week.

Last Monday, Adobe issued a security advisory warning users of attacks targeting a previously unknown vulnerability in Flash Player.

The attacks used maliciously crafted SWF files embedded into Excel documents in order to install a backdoor on people's computers.

The rigged XLS files were delivered via email, but the vulnerability can also be potentially exploited over the Web.

More at :-
http://news.softpedia.com/news/Adobe-Patches-Flash...

--
Was this reply relevant?
+0
-0
mogs CClip 102
Expert Contributor 22nd Mar, 2011 18:12
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows Live Essentials 2011 QFE1 Served via MU
March 22nd, 2011, 15:30 GMT| By Marius Oiaga

The first Quick Fix Engineering update for Windows Live Essentials 2011 is now live on Microsoft Update for Windows Vista and Windows 7 users.

Windows Live Essentials 2011 QFE1 is served as an optional update, and only to those that opted to turn MU on.

Arthur de Haan, Vice President, Windows Live Test and Systems Engineering explains that QFE1 will be delivered to all 48 localized versions of Windows Live Essentials 2011.

“After launching Windows Live Essentials 2011 last fall, we’ve been closely watching incoming data, monitoring the quality of service, and listening to the issues you were reporting. This update, called QFE1, primarily addresses the top quality-related issues that impact a large number of our customers,” de Haan stated.

The software giant gave green light to this particular update to Windows Live Essentials 2011 in early December 2010. However, users needed to manually download and install the refresh.

All users that deployed Windows Live Essentials 2011 ahead of December 2nd, 2010, either the entire suite or standalone components such as Messenger or Photo Gallery need to also grab QFE1.

More at :-
http://news.softpedia.com/news/Windows-Live-Essent...

--
Was this reply relevant?
+0
-0
mogs CClip 103
Expert Contributor 22nd Mar, 2011 18:16
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Play.com: Only customer emails lost in data breach

Mailshotter Silverpop blamed for malwarey kerfuffle
By John Leyden • Get more from this author
Posted in ID, 22nd March 2011 15:42 GMT
Online retailer Play.com has named its marketing partner Silverpop as the guilty party behind the disclosure of customer names and email addresses.

The breach led to distribution of spam to email addresses only registered with the online retailer on Sunday, a development that led to howls of protest from users.

These emails offered supposed software updates from Adobe but actually linked to sites serving up malware.

More at :-
http://www.theregister.co.uk/2011/03/22/play_blame...

--
Was this reply relevant?
+0
-0
mogs CClip 104
Expert Contributor 22nd Mar, 2011 18:23
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Young should help older net users

Five million older people in the UK regard the TV as their main company

A campaign is urging the six million older people in the UK who have never been online to get connected as a way to help stave off loneliness.

The charity Age UK is calling on net-savvy friends and relatives to help the older generation take their first steps in the digital world.

A survey suggests that less than half of the UK's over-55s use the internet.

By contrast, 58% of older citizens in Norway and Luxembourg are online.

The statistics, collated by Eurostat, show that 43% of UK citizens aged 55-74 are web users. The average across Europe is 28%.

http://www.bbc.co.uk/news/technology-12813311

--
Was this reply relevant?
+0
-0
mogs CClip 105
Expert Contributor 22nd Mar, 2011 18:27
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
The latest version of the Firefox web browser, Firefox 4, is now available to download as a 'release candidate' version.
Firefox 4 will run on Windows, Mac and Linux operating systems. Changes to the browser include an updated interface, improvements to performance and HTML5 support. The release candidate version is the final test version of the browser before a final launch.
Competition to be the best browser is fierce, with Microsoft's Internet Explorer 9 already available for download. Google has also released a beta update for its Chrome browser.
To find out how Internet Explorer 9 and Firefox 4 performed in our speed tests, check out the Computeractive Blog.


Read more: http://www.computeractive.co.uk/ca/news/2036015/mo...

--
Was this reply relevant?
+0
-0
mogs CClip 106
Expert Contributor 22nd Mar, 2011 20:08
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Beware of SEO Poisoning Attacks
March 21, 2011
By eSecurityPlanet Staff

According to GFI Labs, an increase in search engine optimization (SEO) poisoning attacks are exploiting several recent high-profile news events. GFI Labs, the dedicated malware research center of GFI Software, warned that searching topics as the disasters in Japan, Charlie Sheen and the NCAA “March Madness” tournament should be on high alert for poisoned search engine links leading to malicious websites.
In fact, according to Yahoo! Sports, recent searches for the term “NCAA brackets” have increased by 109,038%, making it an attractive, high-volume target for malware writers.

Using blackhat SEO poisoning techniques, cyber criminals are able to manipulate popular search engine results to include malicious websites. Unsuspecting users are then tricked into clicking on seemingly legitimate links. To avoid falling victim to this type of attack, GFI Software offers consumers the following tips:

Read more at :-
http://www.esecurityplanet.com/features/article.ph...

--
Was this reply relevant?
+0
-0
mogs CClip 107
Expert Contributor 23rd Mar, 2011 08:17
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Chrome OS Beta Channel Update
Tuesday, March 22, 2011 | 16:55
Labels: Chrome OS
The Chrome OS Beta channel has been updated to the latest R10 release 0.10.156.54 including Chrome update (10.0.648.151) and trackpad dead zone width adjustment.
Full details of the Chrome 10 beta update is available in the blogpost. If you find new issues, please let us know by visiting our help site or filing a bug.

Josafat Garcia
Google Chrome

2 comments | Links to this post | Email Post

Chrome Beta Release
| 16:35
Labels: Beta updates
The Chrome team is happy to announce the arrival of Chrome 11.0.696.16 to the Beta channel for Windows, Mac, and Linux.

Chrome 11 contains some really great improvements including:
HTML5 speech input API
GPU-accelerated 3D CSS
The brand new shiny Chrome icon

More on what's new at the Official Chrome Blog.

You can find full details about the changes that are in Chrome 11 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Karen Grunberg

--
Was this reply relevant?
+0
-0
mogs CClip 108
Expert Contributor 23rd Mar, 2011 08:44
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Massive Security Update Released for Mac OS X

March 22nd, 2011, 14:55 GMT| By Lucian Constantin

Apple has released the first major security update for Max OS X in 2011, patching crtical vulnerabilities in various components and bundled software.

The new Security Update 2011-001 is available for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6 and Mac OS X Server v10.6 through v10.6.6.

In total, there were 54 vulnerabilities patched, including one reported by Charlie Miller and Dion Blazakis, the team that hacked the iPhone 4 at Pwn2Own.

More at :-
http://news.softpedia.com/news/Massive-Security-Up...

--
Was this reply relevant?
+0
-0
mogs CClip 109
Expert Contributor 23rd Mar, 2011 08:47
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Spam Received by Play.com Customers Possibly Tied to Silverpop Breach

March 22nd, 2011, 17:59 GMT| By Lucian Constantin

Play.com, one of the largest online UK retailers of video games, books and DVDs, has apologized for a wave of malicious spam received by its customers and said that it's possibly connected to a breach at an email marketing company called Silverpop.

According to The Register, Play.com customers began receiving rogue email messages on Monday which advertised Adobe Reader upgrades but actually led to malware.

Affected individuals were able to track down the problem to Play.com, because they only registered their email addresses with the website.

After being notified of the problem, the company alerted all customers of the threat and apologized for the incident.

More at :-
http://news.softpedia.com/news/Spam-Received-by-Pl...

--
Was this reply relevant?
+0
-0
mogs CClip 110
Expert Contributor 23rd Mar, 2011 08:51
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Computerworld - Firefox 4 got off to a strong start today, with 1 million copies of the new browser downloaded in the first three hours.

If it keeps up the early pace, Firefox 4 will easily beat Microsoft's claim that users downloaded 2.4 million copies of its Internet Explorer 9 (IE9) in the first 24 hours of availability last week.

More at :-
http://www.computerworld.com/s/article/9214914/Moz...

--
Was this reply relevant?
+0
-0
mogs CClip 111
Expert Contributor 23rd Mar, 2011 21:43
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Easter Search Results Poisoning Has Already Begun

March 23rd, 2011, 10:20 GMT| By Lucian Constantin

Security researchers from GFI Software warn that black hat SEO attacks poisoning search results related to Easter have already begun, even though the holiday is still a month away.

The rogue links were spotted when searching for Easter printable cards and most of them pointed to domains in the .pl zone.

Black hat SEO attacks leverage the PageRank of compromised legit websites by using them to host so called doorway pages.

A doorway page appears filled with relevant content and keywords to search engine crawlers, but redirect real users to malicious sites.

In this case, like with most black hat SEO campaigns, the rogue search results lead users to scareware distribution pages.

More at :-
http://news.softpedia.com/news/Easter-Search-Resul...

--
Was this reply relevant?
+0
-0
mogs CClip 112
Expert Contributor 23rd Mar, 2011 21:48
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Firm points finger at Iran for SSL certificate theft
Bogus certificates obtained for Google, Microsoft, Skype and Yahoo sites

By Gregg Keizer
March 23, 2011
Computerworld - Iran may have been involved in an attack that resulted in hackers acquiring bogus digital certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo, a certificate issuing firm said today.

The bogus certificates -- which are used to prove that a site is legitimate -- were acquired by attackers last week when they used a valid username and password to access an affiliate of Comodo, which issues SSL certificates through its UserTrust arm.

Today, Comodo's CEO said his company believes the attack was state-sponsored and pointed a finger at Iran.

More at :-
http://www.computerworld.com/s/article/9214998/Fir...

--
Was this reply relevant?
+0
-0
mogs CClip 113
Expert Contributor 23rd Mar, 2011 21:52
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla confirms over 5 million Firefox 4 downloads in 24 hours

Exclusive More than doubles Microsoft's IE9 record
By Lawrence Latif
Wed Mar 23 2011, 15:06
OPEN SOURCE browser developer Mozilla has confirmed to The INQUIRER that Firefox 4 has smashed the download 'record' recently set by Microsoft's Internet Explorer 9.
Last week Microsoft proudly proclaimed that its Internet Explorer 9 web browser had been downloaded over 2.3 million times within 24 hours, however by this morning Mozilla's Firefox 4 download counter had passed the 4 million mark and Mozilla has just confirmed to The INQUIRER that over 5 million downloads have been logged within 24 hours.


Read more: http://www.theinquirer.net/inquirer/news/2036733/m...

--
Was this reply relevant?
+0
-0
mogs CClip 114
Expert Contributor 24th Mar, 2011 07:35
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Browsers Rush to Block Fake SSL Certificates for High-Value Websites

March 23rd, 2011, 14:34 GMT| By Lucian Constantin

An attacker has managed to obtain nine SSL certificates for high-value domains from Comodo, prompting Chrome and Firefox to release updates to blacklist them.

The incident was the result of a compromise at a Comodo affiliate registration authority (RA) in Southern Europe which resulted in hackers stealing its username and password.

Rogue certificates were requested for mail.google.com, www.google.com, login.yahoo.com (multiple ones), login.skype.com, addons.mozilla.org, login.live.com and a global trustee.

One certificate for login.yahoo.com has already been seen in the wild being associated with a server in Iran. Soon after it was revoked by Comodo, the server stopped working.

The fact that the main IP used in the attack was also from Iran makes Comodo believe that this was likely a state-driven attack intended for surveillance.

More at :-
http://news.softpedia.com/news/Browsers-Rush-to-Bl...

--
Was this reply relevant?
+0
-0
mogs CClip 115
Expert Contributor 24th Mar, 2011 12:39
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Java updates may include annoying McAfee scanner
By Robert McMillan
March 24, 2011 04:12 AM ETComments (0)Recommended (0)
IDG News Service - Windows users who install the latest Java security patches may end up with a little more security than they bargained for, at least that's the risk they take if they don't pay close attention to the installation process.

Starting last month, Oracle began bundling a security scanning tool called the McAfee Security Scan Plus with its Java updates for the Windows operating system. The software is installed by default with the Java update, so unless users notice and uncheck the McAfee installation box as they're updating Java, they'll end up downloading McAfee's software too.

Security Scan Plus checks the PC to see if has antivirus and firewall software and if they're both up-to-date. The program comes with pop-up windows and is a bit more noticeable than the previous software that was bundled with Java in the U.S., such as the Yahoo Toolbar. Oracle bundles different products with Java in different regions, so not all Windows users may get Security Scan Plus with their Java updates.

More at :-
http://www.computerworld.com/s/article/9215021/Jav...

--
Was this reply relevant?
+0
-0
mogs CClip 116
Expert Contributor 24th Mar, 2011 14:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
0-Day Vulnerability Announced for RealPlayer

March 24th, 2011, 08:54 GMT| By Lucian Constantin

A critical RealPlayer vulnerability that could be exploited in drive-by download attacks has been disclosed as a zero-day.

According to Luigi Auriemma, the independent security researcher who discovered it, the flaw is a classic heap overflow in rvrender.dll that occurs when handing Internet Video Recording (IVR) files.

It is "caused by the allocation of a certain amount of data (frame size) decided by the attacker and the copying of another arbitrary amount on the same buffer," the researcher explains.

RealPlayer 14.0.2.633 for Windows is confirmed as being vulnerable, but older versions of the player, as well as those for other supported platforms, are likely vulnerable.

More at :-
http://news.softpedia.com/news/0-Day-Vulnerability...

--
Was this reply relevant?
+0
-0
mogs CClip 117
Expert Contributor 24th Mar, 2011 14:37
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Comodo admits hackers issued fraudulent SSL certificates

Microsoft issues a patch for Live users
By Lawrence Latif
Thu Mar 24 2011, 13:13
WEB SECURITY OUTFIT Comodo has admitted that an affiliate registration authority (RA) was compromised leading to the issuance of fraudulent secure sockets layer (SSL) certificates.
Although Comodo's RA was compromised, the firm confirmed that its root keys and intermediate certification authorities were unaffected in the attack. Nevertheless, the compromised RA allowed several bogus SSL certificates to be issued, which have now been revoked.
While Comodo has revoked the SSL certificates, Microsoft has taken more direct action on this issue, releasing a patch that is a "mitigation update", as one of the fraudulent certificates could potentially affect Windows Live ID users when they try to login at login.live.com.
Comodo claims the breach at its RA was due to the attacker getting hold of a username and password of one of its Trusted Partners in southern Europe. Perhaps more worrying is that at this point Comodo says it is "not yet clear about the nature or the details of the breach suffered by that partner".


Read more: http://www.theinquirer.net/inquirer/news/2037113/c...


--
Was this reply relevant?
+0
-0
mogs CClip 118
Expert Contributor 24th Mar, 2011 14:48
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK


Which Web browser is guaranteed to make your Internet browsing experience perfectly safe? The answer is none, of course. If you have the need for high security on a computer you manage, then you shouldn't allow it to surf on the public Web. It's that simple. But if your need for security is not extreme, there are a number of things you can do to make your Web browser more secure and your Web surfing safer. Let this Deep Dive be your guide.

Internet browsers are highly complex pieces of software that interact with highly complex programming code, much of it not so friendly. There is no "super secure" browser. The number of known exploits against a particular browser exactly tracks to its popularity. No surprise there. Even secure alternatives to Internet Explorer, which all new browsers seem to claim to be, generally have been targeted by dozens of exploits. (Even the newest of these, Google Chrome, already has a dozen.)

Today, a significant portion of computer attacks comes from legitimate websites that have been maliciously modified. In short, limiting your surfing to only well-known, legitimate websites does not ensure a safe Internet browsing experience. And the problem will only get worse, not better, for the near-term future.

More at :-
http://www.infoworld.com/d/security-central/the-in...

--
Was this reply relevant?
+0
-0
mogs CClip 119
Expert Contributor 24th Mar, 2011 16:27
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
BitDefender Launches Free Web Antivirus

March 24th, 2011, 09:59 GMT| By Lucian Constantin

Romanian antivirus vendor BitDefender has opened public beta testing for a free security solution designed specifically to protect users when browsing the Web.

Called TrafficLight, the product is capable of scanning Web traffic in real time and blocking malicious code and other threats.

It also taps BitDefender's cloud network to check if accessed URLs are associated with phishing or black hat SEO attacks.

Since search engines and social networks are popular distribution platforms for malicious URLs, TrafficLight adds visual safety indicators to all links listed in search results or popular social media sites.

These icons can be green for safe, yellow for suspicious and red for harmful. Users will have the option to force the loading of harmful pages with the known malicious elements stripped out.

The antivirus vendor takes pride in the browser-agnostic design of the product and work is being done to make it OS-independent too.

TrafficLight does not install any browser extensions which means that it functions at the protocol level, probably as a network filter driver.

This implementation approach is not new. In fact, it is used for the Web protection components in most full-blown antivirus solutions, including BitDefender's own commercial products.

Read more at :-
http://news.softpedia.com/news/BitDefender-Launche...

--
Was this reply relevant?
+0
-0
mogs CClip 120
Expert Contributor 24th Mar, 2011 21:45
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Forget Firefox 4.0, Firefox 4.2 Already Cooking

March 24th, 2011, 16:43 GMT| By Marius Oiaga

Just a few days after the global availability of Firefox 4.0, Mozilla is already offering early adopters a taste of the next version of its open source browser.

And despite what has already been said, the successor of Firefox 4.0 is not Firefox 5.0. As I told you earlier this month, Mozilla will provide an interim iteration of Firefox, version 4.x.

And it now appears that it’s safe to switch that “x” with the number “2.”

Early adopters that know what testing a nightly build of Firefox implies can download a preview of the first post-4.0 version of the open source browser.

The first Alpha of Firefox 4.2 can be grabbed from the Firefox Nightly Builds page. Users are advised that these builds are designed for deployment in testing environments and not into production.
More at :-
http://news.softpedia.com/news/Forget-Firefox-4-0-...

--
Was this reply relevant?
+0
-0
mogs CClip 121
Expert Contributor 25th Mar, 2011 06:13
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Google Chrome Releases

Dev Channel Update

Thursday, March 24, 2011 | 16:58
Labels: Dev updates
The Dev channel has been updated to 12.0.712.0 for Windows, Mac, Linux, Chrome Frame.

This release contains lots of behind the scenes work (code cleanup and refactorings) in addition to numerous crash and regresson fixes.

All
Updated V8 - 3.2.3.1
Tab Multi-Select - The ability to select multiple tabs, using the ctrl key, and applying actions (e.g. reload) to them all.
Mac
New and improved bookmark bar animations
More details about additional changes are available in the svn log of all revision.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-chann...

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Anthony Laforge
Google Chrome

26 comments | Links to this post | Email Post

Stable Channel Update
| 14:32
Labels: Stable updates
The Chrome Stable and Beta channels have been updated to 10.0.648.204 for Windows, Mac, Linux and Chrome Frame. Included in this release is support for the password manager on Linux, performance and stability fixes, as well as the security fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[$500] [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin.
[$1000] [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek.
[$2000] [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov.
[$1500] [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov.
[$2000] [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov.
[$1500] [75170] High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov.
The full list of changes is available from the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome


--
Was this reply relevant?
+0
-0
mogs CClip 122
Expert Contributor 25th Mar, 2011 16:48
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Yahoo 'enhances' Internet Explorer 9

Browser receives the Yahoo treatment
By Dean Wilson
Fri Mar 25 2011, 10:15
ONCE RIVALS, NOW BEST MATES Yahoo and Microsoft are teaming up further to offer Yahoo themed 'enhancement' for Internet Explorer 9.
Yahoo has revealed that it has been working closely with Microsoft to customise the latest iteration of the Vole's web browser to suit a bunch of Yahoos.
The "Yahoo-enhanced experience" - yes, you read that right - is basically Internet Explorer 9 with easy access to Yahoo Search, the Yahoo homepage and the Yahoo toolbar. Users could have just bookmarked the websites and downloaded the toolbar, but Yahoo has saved us all a few minutes, the generous souls, in an attempt to lock us into using its portal predominantly if not exclusively.


Read more: http://www.theinquirer.net/inquirer/news/2037356/y...


--
Was this reply relevant?
+0
-0
mogs CClip 123
Expert Contributor 25th Mar, 2011 16:52
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Spotify splattered with malware-tainted ads

Sounds dodgy
By John Leyden • Get more from this author
Posted in Enterprise Security, 25th March 2011 11:15 GMT
Updated Users of the ad-supported version of Spotify were hit by a malware-based attack on Thursday.

The assault takes advantage of a Java-based exploit to deposit Trojan horse malware or exploit kits on vulnerable Windows machines. Only users of the free version of the music streaming service seem to be affected.

In response, Spotify pulled its ad feed on Friday while it investigating the problem.

We're currently investigating and have pulled all third party display ads that could have caused the problem until we locate the specific advert.

More at :-
http://www.theregister.co.uk/2011/03/25/spotify_ma...

--
Was this reply relevant?
+0
-0
mogs CClip 124
Expert Contributor 25th Mar, 2011 16:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Santander blames Firefox 4 for website fail

Downgrade yourself
By John Oates • Get more from this author
Posted in Applications, 25th March 2011 11:40 GMT
Customers unable to log-in to Santander's personal banking site this morning need to try another browser.

Several Reg readers got in touch with us this morning because they were met by a holding page which said: "We're sorry, but the online logon service for Online Banking is temporarily unavailable."

Customers were offered various phone numbers instead.

More at :-
http://www.theregister.co.uk/2011/03/25/santander_...

--
Was this reply relevant?
+0
-0
mogs CClip 125
Expert Contributor 25th Mar, 2011 17:00
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
T-Online Free Hosting Abused by Scareware Pushers

March 25th, 2011, 08:30 GMT| By Lucian Constantin

Security researchers from Commtouch warn that T-Online's free hosting packages are being abused by scareware pushers to host redirect scripts.

Deutsche Telekom-owned T-Online is the largest Internet service provider in Germany with also a strong presence in Hungary, Austria, Switzerland and France.

In addition to DSL and mobile services, the company offers a variety of web hosting packages for clients, the most basic of which is free.

Called "Inklusiv Homepage" the offering allows customers to use an automatioc tool to create a five-page website on a subdomain of the form [name].homepage.t-online.de.

According to Commtouch's Avi Turiel, spammers have began registering accounts in order host redirect scripts that lead to scareware pages.

More at :-
http://news.softpedia.com/news/T-Online-Free-Hosti...

--
Was this reply relevant?
+0
-0
mogs CClip 126
Expert Contributor 25th Mar, 2011 17:44
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Top 5 Online 2011 Tax Scams
In the run-up to the 2011 tax deadline, online scammers are out in force with new tax-related tricks and traps to rip you off.
By Ian Paul, PCWorld Mar 25, 2011 1:00 am

You may not want to think about your taxes until Tax Day on April 18, but online scammers are already plotting to separate you from your tax refund and your identity. Scams for the 2011 tax season include promises of tax credits for charitable donations to disaster relief in Japan, malware-laden Websites optimized for search engines, dangerous e-mail, and so-called 'likejacking' techniques found on the social network Facebook.

About 19 million people have already filed their taxes at home in 2011, an increase of almost 6 percent from the year previous, according to the Internal Revenue Service. Consequently, this time of year is ripe for tax-related online scams. Crooks know that taxpayers are looking for information on deductions and tax laws. They know that this is the time of year when taxpayers submit personal information online and store sensitive financial documents on their hard drives.

Read more at :-
http://www.pcworld.com/article/223261/top_5_online...

--
Was this reply relevant?
+0
-0
mogs CClip 127
Expert Contributor 26th Mar, 2011 08:10
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Critical Vulnerability Patched in Google Picasa

March 25th, 2011, 16:31 GMT| By Lucian Constantin

Google has released a new version of its Picasa image organizing software in order to address a vulnerability that could be exploited to execute arbitrary code remotely.

According to vulnerability research vendor Secunia, which rates it as highly critical, the flaw allows for attacks known as DLL hijacking or binary planting.

More at :-
http://news.softpedia.com/news/Critical-Vulnerabil...

--
Was this reply relevant?
+0
-0
mogs CClip 128
Expert Contributor 26th Mar, 2011 11:17
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Mozilla regrets keeping quiet on SSL certificate theft
'We should have informed Web users,' says Firefox maker of Comodo hack

By Gregg Keizer
March 25,
Computerworld - Mozilla today said that it regretted staying silent when it found out last week that hackers had stolen digital certificates for some of the Web's biggest sites, including Google, Skype, Microsoft, Yahoo and its own add-on site.

On March 15, attackers used a valid username and password to obtain nine SSL certificates -- which essentially prove that a site is what it says it is -- from an Comodo certificate reseller. The certificates were for six Web sites, including the log-on sites for Microsoft's Hotmail, Google's Gmail, the Internet phone and chat service Skype, and Yahoo Mail. A certificate for Mozilla's Firefox add-on site was also acquired.

More at :-
http://www.computerworld.com/s/article/9215077/Moz...

--
Was this reply relevant?
+0
-0
mogs CClip 129
Expert Contributor 26th Mar, 2011 11:22
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hackers step up attacks on security firms
As attacks on the security infrastructure increase, we must ask if the firms responsible for our safety can protect themselves, much less us

By Robert Lemos | InfoWorld

The Internet's security infrastructure is under attack. Two major incidents against Comodo and RSA have raised the question of not just whether the enterprise can withstand hacker attacks but if the security firms we all count on to guard the infrastructure can protect themselves.

Earlier this week, Internet security firm Comodo revealed it had been tricked into minting nine high-value digital certificates that could allow the attackers to create fraudulent sites that fool users into thinking they are visiting Google, Yahoo, Skype or Microsoft's Live service. The sting on Comodo follows a more serious attack on RSA, which netted the infiltrators unspecified information that could compromise the security of the company's one-time password product SecurID.

More at :-
http://www.infoworld.com/t/security-management/hac...

--
Was this reply relevant?
+0
-0
mogs CClip 130
Expert Contributor 26th Mar, 2011 11:28
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Uninstall programs properly
We explain the good and bad ways to uninstall programs from Windows
Rob Beattie PC help Windows 26/03/2011


Windows' Add or Remove tool can be used to get rid of programs
Uninstalling Windows programs isn't as straightforward as it should be.
Programs seem to have a way of leaving bits of themselves all over the place, clogging up the PC and eventually slowing it down.
In this Back to Basics article we will look at why this happens and explain the most effective methods for removing unwanted programs.
The problem with uninstalling files
The way Windows is built does not encourage tidy installations. By the same token, getting rid of old or otherwise unwanted programs requires a certain amount of clearing. The majority of Windows programs, for example, create a folder for themselves inside C:\Program Files\ and then one or more sub-folders inside that.
So far, so good. Unfortunately, at the same time they spray bits of themselves into other folders where Windows keeps the different libraries and other supporting components it needs to make everything work together properly.
As well as this new programs will also usually make changes to the Windows Registry, a kind of database where all kinds of important settings are stored.
The upshot of all this is that while it is possible to right-click a folder where a program was installed and choose Delete, this will leave lots of stuff behind. So how do you get rid of a program you don't need any more?


Read more: http://www.computeractive.co.uk/ca/pc-help/2026155...


--
Was this reply relevant?
+0
-0
mogs CClip 131
Expert Contributor 26th Mar, 2011 20:30
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft Disables Always-On HTTPS Option in Hotmail for Many Countries

March 26th, 2011, 08:57 GMT| By Lucian Constantin

The Electronic Frontier Foundation (EFF) warns that Microsoft has, for some reason, disabled the ability of users in over a dozen countries to enable the always-on HTTPS setting in Hotmail.

The option was introduced in November last year and allows Hotmail users to have HTTPS enabled automatically for their entire session after authentication.

The EFF reports that users from Bahrain, Morocco, Algeria, Syria, Sudan, Iran, Lebanon, Jordan, Congo, Myanmar, Nigeria, Kazakhstan, Uzbekistan, Turkmenistan, Tajikistan, and Kyrgyzstan no longer have this ability.

Read more at :-
http://news.softpedia.com/news/Microsofts-Disables...

--
Was this reply relevant?
+0
-0
mogs CClip 132
Expert Contributor 26th Mar, 2011 20:33
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Fake USPS Emails in Circulation

March 26th, 2011, 09:30 GMT| By Lucian Constantin

A wave of fake United States Postal Service (USPS) emails currently making the rounds are trying to pass a trojan downloader for a shipping label.

The spam emails pose as failed delivery notifications and bear a subject of "Post Express Information. Your package is available for pick up."

The contained message claimed that an error in the shipping address caused the package to be returned to the post office, from where it can be retrieved.

"Your package has been returned to the Post Express office. The reason of the return is 'Error in the delivery address' Important message!

"Attached to the letter mailing label contains the details of the package delivery. You have to print mailing label, and come in the Post Express office in order to receive the packages!" the emails read.

The attachment is called Post_Express_Label_ID_[number].zip and contains a malicious executable of the same name.

More at :-
http://news.softpedia.com/news/Fake-USPS-Emails-in...

--
Was this reply relevant?
+0
-0
mogs CClip 133
Expert Contributor 27th Mar, 2011 11:05
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Yahoo Fine-Tunes Its Search Engine
By VERNE G. KOPYTOFF

SUNNYVALE, Calif. — Since Yahoo surrendered its search engine to Microsoft two years ago as part of a major overhaul of its business, it has been trying to innovate on top of Microsoft’s technology to keep people coming to its site.

The latest effort was announced Wednesday when Yahoo introduced a refinement that gives users answers to their questions without having to click on the search results. Search Direct, as the product is called, provides weather forecasts, celebrity biographies and news reports before users finish typing the question.

If it sounds familiar, that is because it is Yahoo’s response to Google Instant, which automatically pulls up search results as people type their queries. Yahoo’s version goes a little bit further by presenting edited information and images just under the search box instead of a page full of links.

More at :-
http://www.nytimes.com/2011/03/24/technology/24yah...

--
Was this reply relevant?
+0
-0
mogs CClip 134
Expert Contributor 27th Mar, 2011 11:23
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Talking to your computer (with HTML!)

Labels: chrome
Today, we’re updating the Chrome beta channel with a couple of new capabilities, especially for web developers. Fresh from the work that we’ve been doing with the HTML Speech Incubator Group, we’ve added support for the HTML speech input API. With this API, developers can give web apps the ability to transcribe your voice to text. When a web page uses this feature, you simply click on an icon and then speak into your computer’s microphone. The recorded audio is sent to speech servers for transcription, after which the text is typed out for you. Try it out yourself in this little demo. Today’s beta release also offers a sneak peek of GPU-accelerated 3D CSS, which allows developers to apply slick 3D effects to web page content using CSS.

Lastly, as mentioned in yesterday's blogpost, those of you on the beta channel will start seeing the brand new shiny Chrome icon on your desktops.

Stay tuned as we make all these updates widely available in the stable channel soon!

Correction (March 23, 2011): This beta release's Speech API implementation is a prototype of Google’s proposal to the HTML Speech Incubator Group. The title of the blogpost has been changed to reflect this.

http://chrome.blogspot.com/?hl=en-GB

--
Was this reply relevant?
+0
-0
mogs CClip 135
Expert Contributor 27th Mar, 2011 21:34
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Q Windows XP used to offer an option to clean up the hard disk that would also delete old Restore Points created by System Restore to free up disk space.
I upgraded to a Windows 7 PC but cannot find a way to achieve the same result. How do I do it?
Also, is it possible to delete all the Restore Points apart from the most recent?
David Johnson, Northumberland


Read more: http://www.computeractive.co.uk/ca/pc-help/2026170...


--
Was this reply relevant?
+0
-0
mogs CClip 136
Expert Contributor 28th Mar, 2011 16:29
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Spotify turns off ads on free version after malware attacks

Malvertising hits music streamers
By Asavin Wattanajantra
Mon Mar 28 2011, 12:09
MUSIC STREAMING OUTFIT Spotify is investigating malware attacks hitting users of its free service, turning off advertisements while it tries to sort out the problem.
Internet services firm Netcraft said that users of the Spotify free service have been targeted by drive-by malware launched through third-party ads. It said that at least one attack was using a Java exploit to drop malicious executable code.
In a tweet, Spotify wrote, "We've turned off all third party display ads that could have caused it until we find the exact one." And in a later tweet it said, "We're still investigating but we take this very seriously and will take every step possible to ensure it doesn't happen again."


Read more: http://www.theinquirer.net/inquirer/news/2037732/s...


--
Was this reply relevant?
+0
-0
mogs CClip 137
Expert Contributor 28th Mar, 2011 16:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Sun.com and Mysql.com succumb to SQL injection attack

Two letter passwords stolen
By Lawrence Latif
Mon Mar 28 2011, 12:25
DATABASE VENDOR Oracle has suffered an attack on two of its highest profile websites, Mysql.com and Sun.com.
Oracle, which obtained the two domains after purchasing Sun Microsystems, is faced with the embarrassment of having two of its most widely known websites hacked through an SQL injection attack. The result was that parts of the websites' databases were dumped to a third party website.
At present it seems that both Mysql.com and Sun.com did not fall victim to database vulnerabilities, but rather to poor coding and testing practices. SQL injection attacks are fairly common and the finger of blame would be on the web developers behind the two websites, as testing for large websites like these usually includes taking measures to prevent such attacks.


Read more: http://www.theinquirer.net/inquirer/news/2037717/s...


--
Was this reply relevant?
+0
-0
mogs CClip 138
Expert Contributor 28th Mar, 2011 16:37
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Hackers target business secrets

Many net-savvy thieves are scouring corporate networks for saleable secrets

Intellectual property and business secrets are fast becoming a target for cyber thieves, a study suggests.

Compiled by security firm McAfee, the research found that some hackers are starting to specialise in data stolen from corporate networks.

McAfee said deals were being done for trade secrets, marketing plans, R&D reports and source code.

More at :-
http://www.bbc.co.uk/news/technology-12864666

--
Was this reply relevant?
+0
-0
mogs CClip 139
Expert Contributor 28th Mar, 2011 16:42
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
New Variant of Destructive Ransomware Identified
March 28th, 2011, 05:21 GMT| By Lucian Constantin

Security researchers from Kaspersky Lab have identified a new variant of a destructive ransomware program that encrypts personal files with an uncrackable algorithm.

Ransomware applications block critical system functionality or lock access to important documents and ask for money to restore normal operations.

It's a form of online blackmail and is considered the next step in the evolution of scareware, programs that scare users into paying money by making false claims.

Many ransomware programs, especially those that block access to the system, can be cleaned safely from Safe Mode with the right tools.

However, those that encrypt personal files are more dangerous if the algorithm is not crackable and can lead to data loss.

This is the case of programs in the Gpcode ransomware family, which make use of the secure RSA public-key algorithm with an 1024-bit key.

Once installed, these applications start encrypting files with predefined extensions, including documents and images, and post a warning message on the desktop advising users to read an instructions file that tells them to send money if they want the special encryption key.

More at :-
http://news.softpedia.com/news/New-Variant-of-Dest...

--
Was this reply relevant?
+0
-0
mogs CClip 140
Expert Contributor 28th Mar, 2011 16:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Serious Doubts Cast Over Comodo's State-Sponsored Attack Hypothesis

March 28th, 2011, 07:57 GMT| By Lucian Constantin

The Comodo digital certificate theft plot thickens as lone Iranian hacker claims to be responsible for the compromise and offers evidence.

The security world was taken by storm last week when it was revealed that someone managed to obtain fake digital certificates for high-profile domains from Comodo.

The company, which is a Certification Authority (CA) trusted by default by all browsers and operating systems, said the hackers abused credentials stolen from one of its resellers.

It also pointed the finger at the Iranian government for being behind the attack, based on the fact that one rogue certificate was temporarily spotted on a server in Iran and the attackers connected from an Iranian IP address.

However, on Saturday, someone posted a message on pastebin.com claiming to be the hacker behind the compromise and blasting Comodo and the media for advancing the government-sponsored attack hypothesis.

The hacker describes himself as a 21-year-old Iranian student and judging by his message he is very patriotic, but more in the spiritual sense rather than political.

He does, however, issue threats in his open letter, calling Microsoft, Google and Mozilla his new enemies for updating their software "as soon as instructions came from CIA" and warning that "I'll do it again, but this time nobody will notice it."

More at :-
http://news.softpedia.com/news/Hacker-Claims-He-Ac...

--
Was this reply relevant?
+0
-0
mogs CClip 141
Expert Contributor 29th Mar, 2011 07:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Beta Channel Update
Monday, March 28, 2011 | 16:13
Labels: Beta updates
The Beta channel has been updated to 11.0.696.25 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
cloud print: Error running service on the headless machine (Issue 76991).
sync: Not registering for NIGORI data types (Issue 76268).
A known crash (Issue 76998 ).
REGRESSION: img of extensions not displayed in chrome://extensions within an incognito window (Issue 74905).
Cloud policy fetch loop upon POLICY_NOT_FOUND answer from the server (Issue 77232).
Token fetcher doesn't correctly enter unmanaged state (Issue 77185).
Memory Leak in ChromeFrame in the AutomationResourceMessageFilter::SetCookiesForUrl function (Issue 77421).
REGRESSION: Arrows not showing up on tabstrip while dropping links (Issue 74764).
Java: Direct users to the right download page (Issue 76634).
add es-419, fr-Foo and en-Foo and zh_HK/zh_Hant_HK to Accept-Language list(Issue 62715).
You can find full details about the changes that are in this version of Chrome 11 in the SVN revision log.

If you find new issues, please let us know by filing a bug.

Want to change to another Chrome release channel? Find out how.
http://googlechromereleases.blogspot.com/

--
Was this reply relevant?
+0
-0
mogs CClip 142
Expert Contributor 29th Mar, 2011 07:51
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Microsoft Fixes Hotmail Always-On HTTPS Problem

March 28th, 2011, 15:03 GMT| By Lucian Constantin





Microsoft has fixed the error that prevented Hotmail users in many countries from enabling the always-on HTTPS setting under their accounts.
More at :-
http://news.softpedia.com/news/Microsoft-Fixes-Hot...

--
Was this reply relevant?
+0
-0
mogs CClip 143
Expert Contributor 29th Mar, 2011 07:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Vulnerabilities Disclosed on Sun Websites

March 28th, 2011, 12:23 GMT| By Lucian Constantin

The hackers who disclosed vulnerabilities in MySQL.com also published details about SQL injection flaws in older Sun Microsystems websites.

Sun Microsystems was acquired by Oracle at the beginning of 2010 and its products were integrated into the latter's portfolio.

However, given the sheer size of Sun many of its web properties still need to be moved under Oracle's brand and some have been neglected security-wise.

Such is the case of reman.sun.com and ibb.sun.com, two sites dedicated to remanufactured systems and spare parts.

Although some might think that hacking such sites has little value, Romanian hacker TinKode's proof-of-concept attack shows their databases can still contain sensitive information.

More at :-
http://news.softpedia.com/news/Vulnerabilities-Dis...

--
Was this reply relevant?
+0
-0
mogs CClip 144
Expert Contributor 29th Mar, 2011 16:16
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

McAfee's website full of security holes, researcher says
The portion of the site that could be used for cross-site scripting attacks host some of McAfee's files for downloading software

By Julie Bort | Network World

The McAfee.com website is full of security mistakes that could lead to cross-site scripting and other attacks, researchers said in a post on the Full Disclosure site on Monday. The holes with the site were found by the YGN Ethical Hacker Group, and reported to McAfee on Feb. 10, YGN says, before they were publicly disclosed to the security/hacking mailing list.

In addition to cross-site scripting, YGN discovered numerous information disclosure holes with the site including seeing an internal hostname and finding 18 source code disclosures. The portion of the site that could be used for cross-site scripting attack hosts some of McAfee's files for downloading software, YGN says on its Full Disclosure post.

More at :-
http://www.infoworld.com/d/security/mcafees-websit...

--
Was this reply relevant?
+0
-0
mogs CClip 145
Expert Contributor 29th Mar, 2011 16:20
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
McAfee confirms security bugs on its web site
by David Neal
29 Mar 2011

Security firm McAfee has confirmed that its site contains vulnerabilities, but has promised that the problems do not affect customer security.
Reports about the vulnerabilities spread on Monday after researchers posted details on the Seclists.org disclosure site.
Further reading
McAfee EMEA chief talks malware and endpoint security
McAfee steps up smartphone and tablet security
Intel wraps up McAfee acquisition
The YGN ethical hacker group said that it had found a number of problems on the McAfee web pages, including some that could lead to cross site scripting attacks and information disclosure.
However, McAfee played down the reports, and said that the company is fixing the problems and that customers are not at risk.


Read more: http://www.v3.co.uk/v3-uk/news/2038134/mcafee-conf...


--
Was this reply relevant?
+0
-0
mogs CClip 146
Expert Contributor 29th Mar, 2011 17:00
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Windows 8 Available for Download via Microsoft Connect, Reportedly

March 29th, 2011, 14:16 GMT| By Marius Oiaga
Microsoft is broadening the testing program for the next major iteration of Windows, according to various sources.

Reports indicate that Windows 8 bits are now available for download through Microsoft Connect, the Redmond company’s distribution and feedback hub for pre-release software.

It appears that the software giant has started offering an early development milestone of Windows 8 to original equipment manufacturers (OEMs), and that’s why the release is offered through Connect.

Of course, Windows 8 can only be downloaded on an invitation-basis only. An incomplete download link has already made its way in the wild, but it’s all but useless since it does not feature the invitation code designed to allow access to Windows 8.

Read more at :-
http://news.softpedia.com/news/Windows-8-Available...

--
Was this reply relevant?
+0
-0
mogs CClip 147
Expert Contributor 29th Mar, 2011 17:09
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

ZDNet UK / News and Analysis / Security / Security Threats

Startup Britain site points to scareware
By Tom Espiner , ZDNet UK, 29 March, 2011 15:38

Startup Britain redirected traffic to a site compromised by fake antivirus software.

The site, which launched on Monday, exposed Internet Explorer users to scareware being hosted on a third-party site, Bankling.com. After submitting questions to Startup Britain on Monday, ZDNet UK found the link in question had been removed on Tuesday morning.

UK security company Sophos confirmed the attempted fraud on the site, which is designed to help would-be entrepreneurs. "Startupbritain.org, which is linked to from the 10 Downing Street page — number10.gov.uk, contains links to a WordPress site that automatically puts up a fake antivirus page," said Sophos senior threat researcher Paul Baccas.

More at :-
http://www.zdnet.co.uk/news/security-threats/2011/...

--
Was this reply relevant?
+0
-0
mogs CClip 148
Expert Contributor 29th Mar, 2011 21:33
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
McAfee is fixing security bugs on its website

Insecurity firm is sweeping its own doorstep
By David Neal
Tue Mar 29 2011
INSECURITY OUTFIT McAfee has reacted to a publicly disclosed vulnerability on its website and promised that it has had no impact on the integrity of its services or customers.
The firm issued a statement about the problems in which it said that it was reacting to the vulnerabilities, but omitted that it was first told about the problems weeks ago.
"Early on Monday March 28, 2011, various online news outlets reported on vulnerabilities in McAfee Web sites," it said.
"McAfee is aware of these vulnerabilities and we are working to fix them. It is important to note that these vulnerabilities do not expose any of McAfee's customer, partner or corporate information. Additionally, we have not seen any malicious exploitation of the vulnerabilities."


Read more: http://www.theinquirer.net/inquirer/news/2038175/m...


--
Was this reply relevant?
+0
-0
mogs CClip 149
Expert Contributor 29th Mar, 2011 21:42
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
What is a Microsoft Teredo Tunneling Adapter error?
This common Windows error message can usually be ignored
Computeractive staff PC help Desktops 29/03/2011


The Device Manager in Windows can show harmless error warnings
Q I have a new Fujitsu PC running Windows 7. I was checking various things in Device Manager when I noticed a yellow warning marker alongside the Network adapters group.
I clicked this to investigate the problem and saw errors alongside two entries - Microsoft ISATAP Adapter and Microsoft Teredo Tunneling Adapter.
I visited Microsoft's website for answers but could not find a solution. I do not seem to have any problems with my PC or any computing activities and I have no knowledge when this happened.
Indeed, I would have remained blissfully unaware had I not been checking something else. Is it anything to worry about?
Brian Johnson
A It is nothing to worry about, especially if everything is working as you want.
Microsoft's own advice on the ISATAP Adapter error message is that it can generally be safely ignored, because it doesn't actually indicate a problem with the adapter (you would have to ask Microsoft's programmers why this device gets flagged with an error).
If it adds reassurance, this is a common occurrence. And, if you want, you can prevent the error message from appearing. It has several possible causes, though, so finding the perpetrator may be tricky.
From the screenshot sent with your email, your PC seems to be built around a Nvidia motherboard. So, if you are keen to eradicate the warning triangles from Device Manager, we would start by updating the motherboard drivers.
Download and use a tool such as System Information for Windows to determine the precise motherboard model and download and install the latest drivers - you will find the Nvidia download web page here.


Read more: http://www.computeractive.co.uk/ca/pc-help/2026173...


--
Was this reply relevant?
+0
-0
mogs CClip 150
Expert Contributor 30th Mar, 2011 08:45
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 30th Mar, 2011 08:46
Websense warns of massive SQL attack on iTunes and others
by Iain Thomson

30 Mar 2010
Internet monitoring firm Websense is warning of a huge SQL attack that has succeeded in infecting over 28,000 legitimate internet sites.
Dubbed LizaMoon after the originating domain lizamoon.com, the current attack has been injecting a single line of code into web sites that would link the viewer to a well-known fake security software site: hxxp://defender-uqko.in.

So far both the attacking domain and the linking site are offline, but Websense said that could change at any time at the whims of the attacker. The lizamoon.com domain was set up three days ago using data which appears to be faked.
The company also said that it had spotted some of the code in iTunes URLs, but said that Apple's security policies would have blocked any attack.


Read more: http://www.v3.co.uk/v3-uk/news/2038349/websense-wa...


--
Was this reply relevant?
+0
-0
mogs CClip 151
Expert Contributor 30th Mar, 2011 13:33
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Co-operative Group data breach leaks 83,000 customer details online
by Dan Worth

30 Mar 2011

A division of the Co-operative Group, which organises funeral planning and wills, has admitted that data on 83,000 of its customers was accidentally posted online.
A spokesperson for Co-operative Life Planning (CLP) explained that the information was lost by a third-party company used by CLP, but stressed that the data was not of a sensitive nature.
Further reading
ICO in pre-election warning to political parties over privacy laws
Leicester City Council informs ICO of data loss
ICO raps council for dumping documents in a skip
"As a result of an error at a company which provides technical support services to CLP, the security of some data was lowered. The data related only to funeral planning products, not wills, held by Co-operative," the spokesperson said.
"The data is classified as non-sensitive under the Data Protection Act. It did not contain any bank account details, National Insurance numbers, health details, telephone numbers or emails."


Read more: http://www.v3.co.uk/v3-uk/news/2038490/-op-breach-...


--
Was this reply relevant?
+0
-0
mogs CClip 152
Expert Contributor 30th Mar, 2011 16:53
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Comodo admits 2 more resellers pwned in SSL cert hack

How deep does the rabbit hole go?
By John Leyden •
Posted in Enterprise Security, 30th March 2011 14:27 GMT
Comodo has admitted a further two registration authorities tied to the digital certificates firm were hit by a high-profile forged digital certificate attack earlier this month.

No forged certificates were issued as a result of the assault on victims two and three of the attack, but confirmation that multiple resellers in the Comodo community were compromised is bound to renew questions about the trust model applied by the firm.

Read more at :-
http://www.theregister.co.uk/2011/03/30/comodo_gat...

--
Was this reply relevant?
+0
-0
mogs CClip 153
Expert Contributor 30th Mar, 2011 17:05
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Q Is it possible to create a new Restore Point directly from the Windows Desktop? That way, I could easily make a new Restore Point each time I wish to download and install new software.
Mike Pallen
A This is easy to do, but the necessary method is dependent on the version of Windows you have.
In Windows XP, launch Windows Explorer and use it to navigate to the C:\WINDOWS\system32\Restore folder (this assumes that Windows is installed on drive C, obviously).
Now look for a file called ‘rstrui.exe'. Right-click it and, from the pop-up menu, choose Sent To followed by Desktop (create shortcut). The requisite shortcut will now appear on the Windows Desktop.
A different approach is required in Windows Vista and 7. First, right-click on any blank part of the Desktop then select New followed by Shortcut.
Click Browser then use the Browse for Files or Folders dialogue box to navigate to C:\Windows\System32 (again, assuming that Windows is installed on the C drive).
Now look for a file called SystemPropertiesProtection.exe, click once to select it and click OK. Click Next, type a name for the shortcut (such as Create a Restore Point) and click Finish.


Read more: http://www.computeractive.co.uk/ca/pc-help/2026174...


--
Was this reply relevant?
+0
-0
mogs CClip 154
Expert Contributor 30th Mar, 2011 19:22
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hotmail will allow emails to run Javascript

To make content more interactive
By Lawrence Latif
Wed Mar 30 2011, 15:06
EMAIL SERVICE PROVIDER Microsoft will allow companies to run Javascript code within Hotmail users' mailboxes.
Microsoft has said that its Hotmail service will analyse email and present certain forms of content in a way that it believes is the "most common things people do when they receive the email". This means that groups of images will automatically be put into a slideshow or videos will be embedded directly in emails from simple Youtube links.
In a bid to keep users on Hotmail's website, Microsoft has launched a sandboxed environment that it says will allow partners to "insert dynamic content that is up to date and interactive with common tasks through the use of Javascript". And here we thought HTML emails were bad enough.


Read more: http://www.theinquirer.net/inquirer/news/2038675/h...


--
Was this reply relevant?
+0
-0
mogs CClip 155
Expert Contributor 31st Mar, 2011 08:55
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
News
Comodo hacker claims another certificate authority

By Robert McMillan
March 30, 2011
IDG News Service - The hacker who claimed credit for breaking into systems belonging to digital certificate vendor Comodo said he has compromised another certificate authority, along with two more Comodo partners, a move that could further undermine trust in the system used to secure websites on the Internet.


http://www.computerworld.com/s/article/9215360/Com...

--
Was this reply relevant?
+0
-0
mogs CClip 156
Expert Contributor 31st Mar, 2011 08:57
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Samsung investigating report of keylogger on its laptops
By Robert McMillan
March 30, 2011
IDG News Service - Samsung Electronics is investigating allegations that some models of its R Series laptops contain keylogging software that could be used to record anything typed on the laptop computers.


http://www.computerworld.com/s/article/9215367/Sam...

--
Was this reply relevant?
+0
-0
mogs CClip 157
Expert Contributor 31st Mar, 2011 10:47
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

How to detect and remove StarLogger
by Seth Rosenblat


A security researcher revealed today that he had purchased two new laptops from Samsung, and discovered both of them to be infected with the StarLogger (download) keystroke-recording program. While there's very little that can be done about keystrokes already recorded, checking your own laptop for such software is actually quite simple--if you're familiar with mucking about in your system directories and Registry.
Note that the researcher only reported StarLogger on two models, a Samsung R525 and a Samsung R540. CNET examined another new Samsung laptop, the Samsung Series 9, and did not find a keylogger installed.
Because it's a keylogger, most often used for spying on employees and children, StarLogger cannot be accessed from your Start menu. (Or at least, it shouldn't be accessible there. If it is, whoever installed it did a poor job.)
The easiest way to find StarLogger is to look for its Registry key, which is used to load it when Windows is started. To see if this has occurred, open a command prompt and type "Run Regedit". Then go to the Menu bar, select Edit and then Find. You want to search for "winsl", without the quotes. If it's installed, you should see a Registry key that looks like this:
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\winsl


Read more: http://news.cnet.com/security/#ixzz1IAIPRqTs

--
Was this reply relevant?
+0
-0
mogs CClip 158
Expert Contributor 31st Mar, 2011 16:12
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Samsung Cleared of Laptop Keylogger Accusation
It turns out an antivirus suite mistakenly classified a Microsoft folder as a keylogger
By Jeremy Kirk, IDG News Mar 31, 2011 2:19 pm

Samsung Electronics' laptops do not contain a secret program that logs keystrokes, security researchers have found, chalking the problem up to a mistake by an antivirus program.

An IT consultant based in Toronto, Mohamed Hassan, said on Wednesday he bought a Samsung R525 and later a R540 laptop and found the StarLogger program made by a company called de Willebois Consulting. StarLogger can log all keystrokes and capture screenshots.

But Samsung and the security company F-Secure did further research and found that the VIPRE antivirus software mistakenly associated a Windows root directory folder called "SL" with StarLogger.

More at :-
http://www.pcworld.com/article/223859/samsung_clea...

--
Was this reply relevant?
+0
-0
mogs CClip 159
Expert Contributor 31st Mar, 2011 17:46
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 1st Apr, 2011 07:32
Websense warns LizaMoon SQL injection attack has hit 380,000 domains
by Phil Muncaster

31 Mar 2011

Security firm Websense is warning that that the mass LizaMoon SQL injection attack discovered earlier this week is much bigger than previously thought, and that over 380,000 URLs have been affected.
The firm first warned of the attack on Tuesday, claiming that hackers had injected a single line of code into thousands of web sites, linking the viewer to a well-known fake anti-virus site at defender-uqko.in.
Among the pages infected were several iTunes URLs, although Websense explained that Apple's security measures would have blocked any attack.
Initially it was thought that the mass SQL injection attack affected some 28,000 domains, but that number has now increased more than 10-fold.
Carl Leonard, senior manager at Websense Security Labs, argued that LizaMoon is now one of the largest mass injection campaigns ever seen.


Read more: http://www.v3.co.uk/v3-uk/news/2039083/websense-wa...

This thread is now closed....thankyou for your support.
The new April edition can be found at :-

http://secunia.com/community/forum/thread/show/798...



--
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability