Microsoft said last week that a skew toward more exploits on Windows Vista can be attributed to the demise of support for the operating system's first service pack.
Data from the company's newest security intelligence report showed that in the second half of 2011, Vista SP1 (Service Pack 1) was 17 percent more likely to be infected by malware than Windows XP SP3, the final upgrade to the nearly-11-year-old operating system.
WHMCS, a provider of online billing services, is the latest victim of a high-profile security breach launched by a hacker group claiming moral high ground for its actions.
Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.
Crossrider is a legitimate Javascript framework that implements a unified API (application programming interface) for building Mozilla Firefox, Google Chrome and Internet Explorer extensions.
When it comes to log management, most administrators follow the traditional route of generating all possible events that might need to be captured, then choosing which events should create actionable alerts. The centralized log management system then picks up, centralizes, and correlates these entries. The result is information overload, much akin to the log entries generated by the average firewall (you all know how much I love firewalls).
The hackers in charge of the Flashback botnet managed to generate $14,000 from their click fraud campaign, but have not been paid, Symantec said Thursday.
New analysis of the Flashback botnet and the traffic between infected Macs and C&C (command-and-control) servers exposed the earnings and the lack of payment, Liam O Murchu, manager of operations at Symantec's security response center, said in an interview.
Cyber spies have planted Java- and Flash-exploiting malware on websites focused on human rights, defense, and foreign policy.
Over the last two weeks, the Shadowserver Foundation, a nonprofit group that tracks Internet threats, has discovered several such compromised Web sites that download the malware through visitors' browsers. The malware, which exploits known flaws in Adobe Flash and Java, is aimed at Mac and Windows systems.
I love offering opinions that generate comment after comment about how dumb I am, as my post "Why you don't need a firewall" has achieved. Little do these detractors know that my family and classmates said much meaner things as I was growing up, so it's like water sliding off a duck's back. I appreciate most of the comments -- because many were valid.
Some commenters, for example, guessed that I might have been exaggerating the tone of the article for effect. Mea culpa!
I love Facebook. I also hate it. And sometimes I'm indifferent, but not often.
As the big IPO day looms closer, lots of folks are taking a second look at this thing that started out as kind of a goofy diversion for college kids and has grown into the beast with 900 million heads.
Visitors to Wikipedia who see advertisements on the site have most likely fallen victim to a browser-based malware infection, Wikimedia Foundation, the organization operating the website, said on Monday.
Firewalls need to go away. I'm just saying what we all already know. Firewalls have always been problematic, and today there is almost no reason to have one.
Computer firewalls have been with us since the 1980s. Even early on it was pretty clear that they didn't really work; if they did, we would have defeated malicious hackers and malware a long time ago. But at least back in the day there was a decent reason to need them.
Apple on Monday issued its first security-related update for OS X 10.5, or Leopard, in nearly a year, to disable long-outdated versions of Adobe's Flash Player.
Security Update 2012-003 does not patch any known vulnerabilities, but is instead a Leopard-specific version of what Apple released last week for OS X 10.6, or Snow Leopard, and the newer OS X 10.7, better known as Lion.
Nearly nine in 10 executives and employees are using their personal smartphones or tablets for business and about half are doing so without the permission of their companies, a new study shows.
Making the situation even more precarious, less than half of the more than 4,000 mobile device users surveyed by Juniper Networks in the U.S., U.K., Germany, China and Japan took even the most basic precautions in using mobile applications.
Facebook says it intends to make further changes to its privacy policy in order to respond to an audit by the Irish government, but privacy advocates saw the move as an inadequate attempt to quell privacy concerns prior to Facebook's planned initial public offering.
After being pummeled by customers and security experts for telling users to spend hundreds of dollars on upgrades because it wasn't going to patch critical bugs in older versions of its software, Adobe has reversed course.
The company will now fix the eight vulnerabilities in the one-year-old Illustrator and Flash Professional CS5.5, and the two-year-old Photoshop CS5, an Adobe spokeswoman said via email late Friday.
Government is up to its neck in tech. From IRS computers calculating taxes to computerized parking meter systems all the way to modern weapons systems, government at every level is utterly tangled up in computing.
Facebook has started to roll out a new file-sharing capability -- and Dropbox shouldn't be the only worried party. The addition of a low-security file-sharing tool to the world's most popular social networking site could open a world of security pain on businesses and home users alike.
Apple yesterday patched 36 vulnerabilities in Mac OS X, most of them critical, plugging a hole that revealed passwords used to encrypt folders with an older version of FileVault.
Both Mac OS X 10.7, aka Lion, and 10.6, better known as Snow Leopard, were updated with fixes. The two operating systems were last updated in February.
Booby-trapped RTF documents are one of the most common types of malicious Microsoft Office files that are used to infect computers with advanced persistent threats (APTs), according to security researchers from Trend Micro.
"Taking data from exploit documents gathered last April, we can see that the most exploited MS Office software is MS Word," said Trend Micro senior threat researcher Ryan Flores, in a blog post on Wednesday.
View Channel
