Avast! has just released the first public beta version of the company’s 2012 security lineup. Interested users can download Avast Free, Avast Pro and Avast Internet Security from the official beta announcement thread in the Avast forum. First thing that users notice is the new installer. Avast notes that the beta versions can be installed [...]

Back in 2006 hackers managed to download source codes of Symantec software after successfully gaining access to Symantec’s infrastructure. The hackers managed to obtain Norton Antivirus Corporate Edition, Norton Utilities, Norton GoBack, pcAnywhere and Norton Internet Security source codes during the operation. The incident came to light only recently, when hackers started to upload code [...]

You may have heard about so called ransom ware before. This is a type of malware that tries to extort money from computer users by making the system or data inaccessible until the money has been paid. This can be a serious issue, especially if you need access to the data immediately. Kaspersky WindowsUnlocker is [...]

Bundling third party applications with your own software is not a new thing on the Internet. It is for instance quite common that you see the Ask Toolbar, Babylon Toolbar, or any other toolbar added to software installations. Users who do not pay attention to the installation are then not only installing the software they [...]

The FBI back in November managed to close down a botnet that was created with the help of a malware called DNSChanger. In operation since 2007 it grew to a size of nearly 4 million infected computer systems of which about 500,000 were located in the United States. The operators manipulated the DNS system of [...]

After a relatively quite holiday period attacks on popular services on the Internet seem to have picked up again. After the Zappos incident a few days ago, it is now the popular web hoster Dreamhost who noticed unauthorized activity within one of the company’s databases. Dreamhost is not going into further detail but mentions that [...]

Zappos yesterday notified all of their employees and customers that a company server has been compromised. The email, accessible online only for visitors from the US, indicates that the attackers may have gotten hold of part or all of the customer account database of Zappos.com. Information that may have been retrieved by the attacker include [...]

The Virustotal online virus scanning service is one of the services that I use on a regular basis. Whenever I find a great looking software in a “not so great” location, I use the service to check the software out before I execute it on my system. This is for instance the case when software [...]

Microsoft today has released seven security related bulletins that fix issues in the Windows operating system and in Microsoft’s Developer Tools. One bulletin has received the maximum severity rating of critical, the highest available rating, while the remaining six bulletins have all received a rating of important, the third highest rating. It is interesting to [...]

Microsoft has released an out-of-band security update for the Windows operating system that fixes a number of security vulnerabilities in the Microsoft .NET Framework. The vulnerability affects all 32-bit and 64-bit versions of Windows that receive security updates, and the following versions of the Microsoft .NET Framework: Microsoft .Net Framework 1.1, 2.0, 3.5 Service Pack [...]

Attackers who try to brute force accounts to get system passwords have several options at hand to reduce the time it takes until passwords are found. Most nowadays test the passwords against a dictionary file containing commonly used passwords before they start to test all possible character combinations. A WiFi Protected Setup (WPS) vulnerability has [...]

HP has released firmware updates for some of its LaserJet printer models that aims to mitigate a security vulnerability discovered in November. Researchers at Columbia University discovered that some HP LaserJet printers can be manipulated into accepting a modified firmware. The modified firmware can then be used to steal information, run network attacks or even [...]

The Firefox NoScript add-on is one of the best, if not the best, web browser security extensions. NoScript’s core functionality, the blocking of all scripts on all websites, protects the user from script based web attacks. Additional functionality has been integrated into the add-on over years, including anti-XSS protection, Application Boundaries Enforcer or the inclusion [...]

We all know that there is not a single antivirus software on the market, either free or commercial, that detects 100% of malicious software. Some users help themselves by adding additional layers of protection to their system. This can be virtualization or sandboxing, or the installation of another security application. Others use online services such [...]

SuperAntiSpyware is a popular and effective malware scanner that is available as a free and professional version. The developers of the program have now launched SuperAntiSpyware Online Safe Scan, a free portable scanner for Windows systems. Some users may find the name to be misleading, as it is not a web based scanner such as [...]

Yesterday’s Patch Tuesday brought 13 security bulletins fixing a total of 19 different vulnerabilities affecting Microsoft products. The majority of security patches have been released for Microsoft’s Windows operating system and Microsoft Office, with a cumulative security update released for Internet Explorer as well. The updates are already available on Windows Update and via the [...]

A sandbox in computing in layman terms puts a border around programs running in the sandbox so that they run isolated from the rest of the system. This protects the rest of the system if the sandboxed program is attacked or exploited. Sandboxing can be a very effective option when testing programs, running files where [...]

More and more Internet companies are beginning to implement 2-step verification processes to counter the ever increasing attacks on customer accounts. Yahoo! is the latest company to upgrade the account security with a 2-step verification option. The new second sign-in verification feature is opt-in at this point in time, and only available to users from [...]

The majority of threats that land on a Windows PC can be removed by antivirus software while the operating system is running. Some threats on the other hand cannot be fully removed when the system is running. The only solution in this case is to either boot into a different operating system, restore a previous [...]

The security software market is flooded with products. Consumers not only have to cope with dozens of companies, but also with multiple products offered by the same company. The majority of companies offer two or three different security programs that are updated every year. With different security products available, consumers face the problem that they [...]

If you have never heard about Carrier IQ before you can rest assured that you are not the only one. Security researcher Trevor Eckhart published a research paper on Carrier IQ, a software that he discovered running on his HTC Android device, in mid November. Lets start at the beginning, and with a simple question: [...]

Phishing emails are a huge problem and one that numerous attempts to rectify have so far failed to achieve.  Now a large group of tech companies have joined forces with a start-up company called Agari to try and stop phishing emails from even reaching your inbox.  Microsoft, Google, AOL, Yahoo! and other firms have all [...]

Many electronic devices ship with Internet access these days. And I’m not talking about traditional devices like PCs or even gaming consoles, but more about peripherals like printers and household items such as fridges or microwaves. Columbia University researchers have discovered a vulnerability in some Hewlett-Packard LaserJet printer lines that could allow attackers to install [...]

Password strength has become more of a issue in recent years. While it has always been important to select secure passwords, advancements in processing power and distributed computing (for instance cloud computing) have made it more of a pressing matter. Passwords that may have taken weeks or years to crack in the past are now [...]

Did you know that YouTube saves information about every video that you view on the video hosting site when you are logged into your Google account and also when you are not? And that those video views are saved indefinitely by the service? The saving of YouTube video views may be a privacy issue to [...]

Microsoft’s free security software, Microsoft Security Essentials, has become a very popular program in the world of Windows. There is no single reason for that, factors that weight in heavily are that it is free, relatively lightweight and unobtrusive, and that it is developed by Microsoft directly. Microsoft yesterday has opened registrations for the next [...]

The Steam forums were for a time not accessible a few days ago. What felt like a hardware or software issue at that time was actually more serious than this. Users who visit the Steam forums today see an announcement on the first page that informs them that the Steam forum and Steam databases have [...]

The Security Intelligence Report is a biannual report by Microsoft that analyzes past and present security trends. It focuses on “software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches”. The latest report published yesterday focuses on the first and second quarter of 2011 and compares the findings with data from previous [...]

A security update for Adobe Flash Player has been released today that fixes several critical security vulnerabilities that Adobe identified in the software. Affected by vulnerabilities are all desktop versions of Adobe Flash Player 11.0.1.152 and earlier for Windows, Apple Macintosh, Linux and Solaris as well as Adobe Flash Player 11.0.1.153 or earlier versions for [...]

Users with the file synchronization and hosting service Dropbox running on their system needed to take good care of the authentication files of the service. These files were generated during first authentication on the system. The issue here for many users was that a third party could copy the authentication files to sync all of [...]

Today Microsoft has released security updates exclusively for Microsoft Windows operating systems. Of the four bulletins released today, one has received the maximum severity rating of critical while the other three have received one of important. Maximum severity means that at least one Microsoft operating system has received the critical vulnerability rating. In this case, [...]

Back in October a rootkit was discovered that exploits a critical security vulnerability in the Windows operating system. We covered a detection and removal tool two days ago that would scan a PC and remove any traces of the Duqu rootkit from a system. Microsoft today has releases a security advisory to give customers “guidance [...]

Origin is a controversially “Steam-like” distribution and gaming platform by Electronic Arts. The service has recently received bad press because of its end user license agreement which EA in the meantime has updated several times. Regardless of that, it is still heavily criticized by privacy organizations and end users alike for its abilities to crawl [...]

Protecting a computer system has become one of the most important tasks for computer users in the past decade. While you had your fair share of viruses, hacks and all that stuff on computer systems like the C-64 or Amiga as well, they have never managed to spread far thanks to expensive modems and data [...]

If you have been following security news lately you may have already heard about the Duqu rootkit that combines the technology of the Stuxnet rootkit with a backdoor trojan and keylogger. Duqu has been discovered on October 18 and infection reports have started to come in soon thereafter. Not all security suites and products detect [...]

The autocomplete feature can be pretty handy at times. It helps you log in on your favorite website faster or load a website in your browser without having to enter the full web address. Researchers from Minded Security Labs have released a proof of concept that demonstrates how a third party website can get access [...]

As we carry more devices around with us, smartphones, tablets, netbooks, ultraportables, than ever before and now I’m wrondering if biometrics are fast becoming the must-have addition for mobile computing in the 21st century.  I have a variety of mobile devices myself and have tested a great many more in the last year.  Of these, [...]

When you are on the Internet you face a dilemma. You do not know an awful lot about new sites that you visit. You do not know much about the company or people that operate a website for instance. That may not be a problem on sites that you just access for information, but what [...]

Hardware manufacturers that want to ship Microsoft’s upcoming Windows 8 operating system with their PCs need to implement the Secure Boot feature that is part of the UEFI specification. The feature basically determines which code or programs can be started during boot. The core intention here is to prevent malware and other unauthorized code from [...]

Oracle has released a critical patch update for its Java products including the Java Development Kit and the Java Runtime Environment. According to the security advisory the cumulative update fixes a total of 20 security related issues across all Java based products. Java users can verify their computer system’s Java version on this page. Affected [...]

About two weeks ago word got out that the Chaos Computer Club got their hands on what they identified as a German state-sponsored trojan. The initial analysis assumed that the trojan would only run on 32-bit Windows systems. We reviewed a software that would detect the trojan on the system. Two weeks later things have [...]

Security researchers Nicholas Carlini, Adrienne Porter Felt, and Prateek Saxena reviewed 50 popular and 50 random Chrome extensions from the official Chrome Web Store for security vulnerabilities and discovered that 27 of the 100 extensions “leak all of their privileges to a web or WiFi attacker”. These 27 extensions account for a total of 51 [...]

Microsoft releases Windows updates on the second Tuesday of the month. A total of eight different security bulletins have been released today by Microsoft. They update the operating system Microsoft Windows and other Microsoft products such as the .NET Framework, Microsoft Silverlight and Internet Explorer. Two of the eight bulletins have been given the highest [...]

It is prudent to have backup antivirus software in the event that something goes wrong with the primary antivirus suite on your PC. Sometimes malware can lock the primary antivirus program and at other times it can simply stop working or experience technical difficulties of unknown cause. Though you do not need to run more [...]

I have monitored news about the alleged German state-sponsored trojan closely ever since the German Chaos Computer Club posted information about it online. While there is not a definitive proof that it is indeed malware designed and operated by German police forces, it is definitely something that computer users need to be aware of. I [...]

Sometimes you do not want to or cannot install another security software on your computer system to scan for malware. Maybe you do not have the rights to install software on the computer or you have a program installed and do not want to risk incompatibilities. The alternative is an application like F-Secure’s Online Scanner [...]

News about big hacks and the publication of user databases have slowed down considerably in past months. Before that reports of hacks were nearly daily in the news with companies like Sony, Gawker or Ashampoo the target. Many user databases that the hackers dumped during the hack were published on the Internet afterwards. Not all [...]

We all know that you can practically buy anything on the Internet, from bulk email accounts over credit card information and even PayPal accounts. Brian Krebs in a post on the Krebs on Security blog sheds some light on the latter. He identified websites were PayPal account data, and sometimes linked email account information, were [...]

If you go out to the computer store and buy yourself a new router and take it home, you’ll probably find that it will work straight out of the box. Most these days have wizards that help you to configure settings to connect to your Internet service quickly and easily. Most routers also are set [...]

Adobe yesterday evening released a security patch for Adobe Flash Player that fixes several critical security vulnerabilities. Affected are all versions of Adobe Flash Player 10.3.183.7 and earlier for all supported operating systems (Windows, Macintosh, Linux, Solaris) as well as Adobe Flash Player 10.3.186.6 and earlier for the Android operating system. According to Adobe, attackers [...]