Secunia has released a beta of the upcoming Secunia Personal Software Inspector 2, a software update scanner that scans the computer system for insecure programs. The beta version comes with improvements over the last stable release of the security scanner, namely the ability to automatically update insecure or unpatched programs, a new user interface and [...]

Did you know that more than one user accounts is created during the installation of the Windows 7 operating system? This actually is something that Microsoft did in previous operating systems as well. In Windows 7, a guest and administrator account are created next to the account of the installing user. The following guide explains [...]

There are times when you need to delete a file…REALLY need to delete a file. Anyone who has been in the business of PCs long enough knows that when you simply delete a file it can be recovered. If someone is clever enough, and has the means, they could recover a file that had been [...]

A vulnerability was recently discovered in Microsoft Windows operating systems that exploits the default dll loading behavior. A Microsoft Security Advisory explains that the “issue is caused by specific insecure programming practices that allow so-called binary planting or DLL preloading attacks”. In simple terms: Applications that do not use qualified paths for external dynamic link [...]

So you’ve followed the latest series on KDE 4.5 (see Ghacks KDE 4.5 content) and you are now using the spectacular latest release from the KDE team. You want to use Compiz, but quickly realize that it is not necessary as KDE has it’s own built-in compositing effects. What you will find is that the [...]

AV Test have now released the results of their 2010 best anti-virus for Windows 7.  The tests put each anti-virus package through a rigorous set of tests to determine not only how good they are at detecting and removing malware and viruses, but also how usable the software is…

Adobe in a security advisory yesterday released new versions of their popular pdf reading applications Adobe Reader and Acrobat. Adobe Reader 9.3.3, which was released less than a month ago, is replaced by version 9.3.4. Adobe Reader and Acrobat 9.3.4 fix several critical security vulnerabilities in Adobe Reader 9.3.3 and earlier for Windows, Macintosh and [...]

BitDefender recently launched their security product line for 2011, with improvements all over the board, a set of new features to increase the protection of the system, and a new customizable interface suitable suitable for users of all experience levels. Total Security 2011 is the top of the line product that includes all features that [...]

New technologies and more powerful computer systems have made it important in the last years to create secure passwords to avoid successful automatic password cracking attempts via brute force and dictionary attacks. But how do passwords have to look like to be considered secure? And who determines that? There is no authority with guidelines on [...]

Today is the second Tuesday of the month and that means it is Microsoft Patch Day. Microsoft is keeping a tight schedule when it comes to security patches. If they are not heavily exploited or very critical they are released on the second Tuesday of each month. Today’s patch day is already available via the [...]

Windows XP Service Pack 2 users may have noticed that the latest Microsoft out of band security patch released a few days ago was not offered for their operating system. Neither Windows Update, nor the direct download via Microsoft Downloads listed the security patch. Windows XP SP3 users, and newer Microsoft operating system users, were [...]

What is it with Adobe Reader and vulnerabilities? It feels like new security vulnerabilities are found in the software at an accelerated pace this year. Adobe yesterday released a security advisory for Adobe Reader and Acrobat, to announce to the world that critical security vulnerabilities have been found – once again – in Adobe Reader [...]

Microsoft as expected has just released an out of band security update for the Windows operating system that fixes a critical security vulnerable. The vulnerability affects all Microsoft operating systems that have been released in the past years, including Windows XP, Windows Vista, Windows 7, and the Windows Server product line. The severity of the [...]

Leveraging search engines to identify vulnerable systems and data in corporate networks, websites and services is generally known as Google Hacking, with Google standing synonymous for all search engines. Recent changes in Google’s SOAP-API rendered many security tools using Google useless. The aim of the Diggity project is to provide security researchers and network admins [...]

An increase in attacks exploiting a recent vulnerability in LNK files in the Windows operating system, sparked the creation and imminent release of an out of band patch to protect PCs running Windows from those attacks. Until now, only workarounds were available to protect Windows systems from those attacks. This included a Microsoft Fix-IT solution, [...]

I do a lot of work with Linux servers. Many of those servers are either web or mail that require the use of a signed certificate for authentication. In some of these cases a CA authorized certificate is necessary. In other cases though a self-signed certificate can be used. I can generate a self-signed certificate [...]

Stuxnet is family of new threats that have emerged in mid July 2010, with the majority of infected computer systems in Iran, Indonesia, India and the US. The rootkit is distributed by direct attacks, email, infected executables and the recently discovered lnk shortcut security vulnerability in Windows. Stuxnet uses the aforementioned .lnk technique to install [...]

Users of the encryption software True Crypt have the option to encrypt a full partition of a hard drive, or a container with a specific file size, say 20 Gigabytes. Problems arise if the container reaches its size limit, as there is not an elegant official solution to increase the size of the existing container. [...]

Jailbreaking refers to methods to modify a device to remove some, or even all, of the restrictions that are imposed on it by its developer. Most people think iPhone if they talk about jailbreaking. A standard iPhone is severely limited, users can for instance only use AT&T as their carrier, and apps are only available [...]

A recently discovered vulnerability in the processing of lnk files in the Windows operating system may be used by attackers to executed malicious code on the target system. Windows users can take a look at our previous coverage of the security issue for additional details. The nature of the vulnerability makes it possible to exploit [...]

Some time ago I did a series on the Postfix email server here on Ghacks (see the Postfix content on Ghacks for more information). Hopefully you found this outstanding mail server as easy to set up and maintain as I do. But you might have noticed a bit of a challenge using your smtp server [...]

Microsoft Security Essentials has risen in popularity ever since initial betas were released to the public. Microsoft recently made available a beta of the upcoming Microsoft Security Essentials 2 suite, and many experts expect the final version to increase the popularity and acceptance of the security software further. It may happen that users experience problems [...]

Apple software had more reported security vulnerabilities than any other company in the first half of 2010, according to security company Secunia, a reputable security company that tracks security vulnerabilities since 2002. Last years leader, Oracle, dropped to second spot while Microsoft managed to retain the third spot firmly in the last five years. Adobe [...]

Evolution is an outstanding groupware suite with one of the finest email clients in all of Linux-land. For many users the standard email setup is great. It does everything they need: it sends and receives email (even HTML email if you so desire). But for others a little extra is needed…especially in the form of [...]

A new Windows security vulnerability was disclosed a few days ago. The Windows Shell Vulnerability allows attackers to execute code with specifically prepared .lnk or .pif files. The security issue can be exploited automatically, by connecting a removable storage device to a Windows computer. It is also possible to exploit the issue through WebDav or [...]

There is an old saying in the Linux community (actually in just about every community – but I heard it from a Linux developer first) “eating your own dog food” (or the shorter “hipster friendly” version dogfooding. This basically means using the product you create. It can also be associated with practice what you preach. [...]

Microsoft today announced the availability of the new Microsoft Security Essentials 2.0 Beta, the next big version of the well acclaimed Windows security software. The beta was announced over at the Windows Team Blog with a link to Microsoft Connect to download the 32-bit or 64-bit edition of the application. A problem with the downloads [...]

The Emsisoft Emergency kit is a portable computer cleanup and virus scanning tool for Windows. The kit is basically a collection of programs, four to be precise, that can be run without installation from any device that is connected to the computer system. Included in the emergency kit are a disc scanner to check and [...]

A new version of the encryption software TrueCrypt 7.0 has been released yesterday, as usual for Windows, Mac and Linux systems. The jump from version 6.3a to 7.0 is more than justified by the new feature additions in TrueCrypt 7.0. True Crypt now supports hardware acceleration; By default, hardware accelerated AES on computers that have [...]

Rogue antivirus programs like Defense Center look on first glance as valid security software that protects a computer system from threats. On second glance though they usually displays non-existing infections deliberately, usually to convince the user to upgrade to a premium version to remove those infections or to buy another software that cleans them. Defense [...]

A recently discovered vulnerability in Windows Shell allows remote code execution on affected computer systems if exploited correctly. A security advisory that was posted yesterday on Microsoft’s Technet website confirms limited, targeted attacks that are exploiting a vulnerability in Windows Shell and the parsing of .lnk files. Attackers could exploit the vulnerability to infect Windows [...]

Microsoft has just released four security bulletins on this months’ Patch Tuesday fixing vulnerabilities in Microsoft software products. Three of the four bulletins have a maximum severity rating of critical, the highest rated, while one is rated as important. Affected software includes several Microsoft operating systems and Microsoft Office, take a look at the listing [...]

Oracle has released an update to the Java SDK and Java Runtime Environment raising the version of both to 6 Update 21. The official download site over at the Java website lists Java 6 Update 20 as the latest version even though update 21 has been released, this is likely going to change in the [...]

The MAC address is a very important string of characters that your computer depends upon in order to be networked. MAC stands for Media Access Control and represents the true address of a machine on a LAN. The MAC address of an ethernet device is a 6-byte number that is expressed as a 12 digit hexadecimal [...]

Adobe just recently released updates to their pdf reader Adobe Reader, raising its version to 9.3.3. The update fixed several security issues of which at least one was actively exploited in the wild. Computer users who visit the Adobe website might notice that Adobe is not offering that version for download, anywhere on the page. [...]

Google back in March introduced a warning system in Gmail that would notify Gmail users about suspicious account activity. From what we could tell back then the system compared IP addresses of the computers used to log into Gmail. Logins from different regions in the world, for example the U.S. and Russia in short succession [...]

An unpatched bug in the Windows XP Help and Support system is being increasingly attacked by  virus and malware writers, as reported by the BBC. Microsoft has reported it’s seen more than 10,000 PCs hit by the attack so far and it’s still not been able to find a fix for the problem.

Security sometimes equates to sanity. You have to keep sensitive information from prying eyes for various reasons. You might have a folder that needs to be given access only to certain people and it lives within a public folder. Or you have a folder on your desktop machine that you want to ensure no one [...]

Users of the free DNS service OpenDNS are already familiar with additional blocking options that an OpenDNS account offers. It is for instance possible to configure web filters to block contents such as adult themes, pornography, proxies and anonymizers or gambling. The web filter is fully customizable to block only the selected contents in the [...]

How many passwords do you have to remember? Or how many client passwords do you have to keep hidden away from prying eyes? If you have too many passwords to remember, I always find it best to store those passwords in some form of encrypted tool. Because of the amount of passwords I have to [...]

The Internet Fraud Alert System is a partnership between Microsoft and the US National Cyber Forensics and Training Alliance (NCFTA) backed up by organizations and companies like Accuity, American Bankers Association, the Anti-Phishing Working Group, eBay and PayPal. The system addresses a problem that security researchers and companies have faced in the past. Security researchers [...]

There are a number of reasons why you would want to restrict network access. You run a cafe with web access or you have young or teenage children and you want them to only be able to use the network at certain times. Their are certainly tools out there to do this on a PC-by-PC [...]

Google’s Street View Cars came under immense international pressure earlier this year after it became known that the cars did not only take pictures of streets in countries they were operating in but also recording Wi-FI traffic. Google’s initial response to the allegations was that the recorded data was used to power and improve location [...]

A vulnerability in Windows Help and Support Center was discovered recently that could allow remote code execution on affected systems. Only Windows XP and Windows Server 2003 are affected by it. Microsoft is aware of limited targeted attacks that exploit the vulnerability. These attacks use specially crafted links on web pages or email messages with [...]

Carrying an USB-stick around with you can be beneficial in numerous situations. USB devices are for instance ideal to copy data without having to carry a larger device like a notebook or netbook around. They are also ideal for accessing portable programs on third party computer systems, nothing beats working with familiar programs on unfamiliar [...]

Most web users are accustomed to filling out login forms to access a web account. These login forms usually ask for the username and password of a account. The information entered by the user is then compared to the information in the site’s database and access is only granted if the username and password combination [...]

If you’ve been around Linux long enough you know there are many ways to secure your box. What you may or may not know is that a number of those means are simply front-ends for the all-mighty iptables tool. IPtables is a very powerful, complicated system which can control packet traffic on your system. It [...]

If you are new to Fedora, or if you are now returning to Fedora from a long haitus (since Fedora 9 for me), Fedora 13 has been a welcoming experience. Not only has it reached near-Ubuntu-like levels of user-friendliness, it includes some of the best tools around for certain jobs. One of those tools is [...]

Remember Virus Total and No Virus Thanks? The two services allow anyone to upload files to check them in dozens of antivirus engines. That’s very handy considering that no antivirus software solution is yet offering a 100% protection against malicious software and viruses. The developers of No Virus Thanks have created URLVoid which uses the [...]

Google has released a security update for the stable version of Google Chrome that fixes several security vulnerabilities that existed in previous versions of the browser. Google Chrome Stable is the official Google browser offered to the public, while Google Chrome Beta and Google Chrome Dev are offered to tech enthusiasts and developers. The update [...]