Forum Thread: Daily CYBERCLIPS September You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it. This thread was submitted in the following forum: This thread has been marked as locked. Daily CYBERCLIPS September 2nd Sep, 2011 22:24 Ranking: Posts: 6,279 User Since: 22nd Apr, 2009 System Score: N/A Location: UK Twelfth Edition.Got here at last!!!!

Well, another spell of threats and controversy begins: without too much furor: let's hope! Whatever your browser.somewhere free of discrimination.impartiality/moderation has got to shine thro'!! Not always an easy choice!! Thankyou for the support thro' the last month. Hope you find something of value/interest in the new thread. The new INDEX thread will follow shortly. Please refrain from scoring on both threads.

The process known as bitcoin-miner belongs to software Bitcoin Miner by Ufasoft (www.ufasoft.com). Description: Sysinfo.exe is not essential for Windows and will often cause problems. The sysinfo.exe file is located in a subfolder of C:. The file size on Windows 10/8/7/XP is 1,080,320 bytes. The program is not visible. The sysinfo.exe file is not a Windows system file.

Security remains the main theme of the thread with some related and varied topics. Scroll down for the latest posts!! Please note that no entry/post should be taken as a personal recommendation, unless otherwise stated. Please continue to keep CYBERCLIPS free of junk and unattractive to any contentious individuals.

* Keep patching: up to date: be Cybersafe! * -- RE: Daily CYBERCLIPS September 2nd Sep, 2011 22:29 Score: 12313 Posts: 9,557 User Since: 4th Jan 2009 System Score: N/A Location: UK Do U want me to lock August? -- Maurice Microsoft Surface 4 Intel i7 64Bit Windows 10 Pro version 1709 (Fall Creators Update) Build 16299.214 16 GB RAM IE & Edge Only Was this reply relevant? 0 CClip 3 3rd Sep, 2011 11:07 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Is It Really Necessary To Logout of Web Sites? By Lincoln Spector, PCWorld Keith Stanley wants to know if he should really logout of Web sites that require a login when he's done with them. That depends on the site, and on the computer you're using. There's not much danger if we're talking about your own computer.

The chances of someone accessing your account via an active logon are pretty thin. And in cases where it might happen, it's probably because either your PC is already infected, or an untrustworthy person has physical access to it. Either way, you're already in trouble. But I'm a cautious person, and I recommend others be cautious, as well.

That's why I recommend logging out of financial and retail sites, where someone else's illegal access can have serious consequences. I don't bother loggin out of other sites. You really don't want to stay logged onto a financial site indefinitely. If a criminal can get access to your bank account or credit card number, your life is going to become very unpleasant. Luckily, most financial sites will log you out automatically after a certain number of minutes of no activity. Read more at:- -- Was this reply relevant?

0 CClip 4 3rd Sep, 2011 18:52 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft's IE will drop under 50% share by mid-2012 About the same time, Chrome will grab 2nd place from Firefox, new stats show By Gregg Keizer Computerworld - Microsoft's Internet Explorer (IE) will lose its place as the majority browser next summer, according to statistics published today by Web metrics company Net Applications. If the pace of IE's decline over the last 12 months continues, IE will drop under the 50% mark in June 2012.

In August, IE lost about seven-tenths of a percentage point in usage share, falling to 55.3%, a new low for the once-dominant browser. In the last year, IE has dropped 6.9 points. But Microsoft continued today to stress the success of IE9, the edition launched last March, particularly on Windows 7.

On that newer operating system, IE9 accounts for 20.4% of all browsers globally, and 27.7% on Windows 7 in the U.S., said Roger Capriotti, director of IE marketing, in an interview today. 'That's how we measure success in the IE business,' said Capriotti, referring to Microsoft's focus on IE9 and Windows 7.

IE9 runs on Windows 7 and Vista, but does not work on Windows XP, the decade-old operating system that still powers more of the world's PCs than any other OS. More at:- -- Was this reply relevant?

0 CClip 5 3rd Sep, 2011 20:46 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Chrome Stable Channel Update Saturday, September 3, 2011 10:23 Labels: Stable updates The Stable channel has been updated to 13.0.782.220 for Windows, Mac, Linux, and Chrome Frame. We're revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program. For more details about the security issues see the Google Security Blog post about DigiNotar and an update from Mozilla, who is also moving to revoke trust in these certificates. If you find a new issue, please let us know by filing a bug.

Anthony Laforge Google Chrome 2 comments Links to this post Email Post -- Was this reply relevant? 0 CClip 6 4th Sep, 2011 08:41 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK 1 2 3 4 5 6 7 8 9 10 11 The Web vs. The world: 9 epic battles The Web and the real world don't always get along. Though the Internet has revolutionized our society in countless positive ways, the always-on network has also created various problems. Ultimately, it's a game of trade-offs: We gain certain benefits from its presence and accept certain drawbacks.

In many cases, it's hard to say which side comes out ahead -- and in some instances, the pluses and minuses harden into something like open combat. Here are some conflicts that pit the Web against the world. More at:- -- Was this reply relevant? 0 CClip 8 4th Sep, 2011 11:52 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Windows 8 desktop to be 'just another app,' says Microsoft exec Conventional desktop UI won't load unless users want it By Gregg Keizer Computerworld - The Microsoft executive who heads the company's Windows division said Wednesday that the next edition of the operating system will let users treat the traditional desktop as 'just another app' that loads only on command.

In a lengthy blog post, Steven Sinofsky, president of Microsoft's Windows and Windows Live division, provided more detail on Windows 8's user interface (UI). In June, when it unveiled parts of the Windows 8 UI, Microsoft said the new OS would feature a 'touch-first' interface to help it compete in the fast-growing tablet market. Underneath that, however, would be a traditional Windows-style desktop. In demonstrations, Microsoft showed the touch-style start screen for Windows 8, and how users could switch to a more familiar icon-based design.

Read more at:- -- Was this reply relevant? 0 CClip 9 5th Sep, 2011 08:34 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Last edited on 5th Sep, 2011 08:35 Hackers Forge Certificates to Break into Spy Agencies By Andreas Udo de Haes, webwereld.nl- Sep 4, 2011 9:33 pm After breaching the Dutch CA (Certification Authority) DigiNotar, Iranian hackers managed to sign forged certificates for the domains of spy agencies CIA, Mossad and MI6. Leading certification authorities like VeriSign and Thawte were also targeted, as were Iranian dissident sites. The cyber attack on DigiNotar, a Dutch subsidiary of VASCO Data Security International Inc, is much more serious than previously thought. In July, hackers gained access to the network and infrastructure of several of DigiNotar's CAs. Once inside, they generated hundreds of forged certificates for third-party domains.

With these certificates hackers can potentially syphon off user login credentials by spoofing a legitimate site, complete with a functioning but forged SSL-certificate, apparently issued by DigiNotar. The forged certificates match domains of the U.S. Central Intelligence Agency, the Israeli secret service Mossad, and the British spy agency MI6. On top of that, the hackers created false certificates of other CA's like VeriSign and Thawte, in an attempt to also misuse their trusted position in securing Internet communications. Read more at:- -- Was this reply relevant? 0 CClip 11 5th Sep, 2011 12:26 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Volume of Malware Increases According to McAfee's Second Quarter 2011 Report McAfee recently released a second quarter report for 2011 in which they highlight the challenges posed by hacktivist groups such as LulzSec and Anonymous. One of the most important changes that occurred in the malware security field was that mobile platforms became more targeted.

In the first quarter of 2011, Android was the third most targeted mobile platform, but now it has moved to first place, with Java Micro Edition following up in second position. As for cybercrime activities, the number of email address books up for sale to spammers has increased. Prices for these enterprises vary according to location. For instance, in the United States, an address book containing 1.000.000 addresses costs $25, while in Turkey the same number of addresses costs $50.

In the past quarter, new products were discovered among exploit kits, the most notable being Eleonore Version 1.6.5, with two 2011 exploits, and Best Pack, with one 2011 exploit. On the good side, law enforcement around the world has continued making progress against the threats imposed by cybercriminals. Their united efforts with security providers has lead to a significant decrease in the number of messaging threats. More at:- -- Was this reply relevant?

0 CClip 15 5th Sep, 2011 17:00 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Open Windows 7 Explorer to Your Favorite Location By Lincoln Spector, PCWorld Sep 5, 2011 7:07 AM Jim Pearson wants to change the default location for Windows 7's version of Windows Explorer, and have it default to opening C: The simplest way to open the Windows 7 version of Explorer is to click the folder icon in the task bar. This opens an Explorer window in the Libraries location, which gives you one-click access to your documents, pictures, videos, and music. For most people, the Libraries location makes a reasonable place to start exploring, but you may not be like most people. Depending on your work habits, My Computer, My Documents, DropBox, or some other alternative may make more sense.

The easiest solution to opening Explorer where you want it is to pin your location to the Windows Explorer icon on the taskbar. To do this, open Windows Explorer. Find your desired location in the left pane, and drag it to the Windows Explorer icon on the taskbar. When you let go, it will be 'pinned' to the Explorer menu. This won't actually change the default.

When you simply click the Windows Explorer icon, you'll still get Libraries. But if you right-click that icon, you'll find your desired location on the resulting menu. You can also drag the location to the desktop or the Start menu and open your preferred location from there. But with a little more work, you can change the default: Read more info. At:- -- Was this reply relevant? 0 CClip 17 6th Sep, 2011 22:13 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft flips 'kill switch' on all DigiNotar certificates Permanently blocks all SSL certificates issued by Dutch company hacked in June By Gregg Keizer September 6, 2011 Computerworld - Microsoft today updated Windows to permanently block all digital certificates issued by a Dutch company that was hacked months ago.

The update -- the second for Windows Vista and Windows 7, but the first for the decade-old Windows XP -- moves all DigiNotar SSL (secure socket layer) certificates to Windows' block list, dubbed the Untrusted Certificate Store. Microsoft's Internet Explorer (IE) uses that list to bar the browser from reaching sites secured with dubious certificates.

More at:- -- Was this reply relevant? 0 CClip 19 6th Sep, 2011 22:25 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Incognito Exploit Kit Discovered After Web Directories Attack Users who've visited the Web Directories site on the 4th of September might have been redirected to a third party page leveraging the Incognito exploit kit. One of the largest directories on the internet, the site was compromised after a program line, representing a redirect to a malicious address containing exploit codes, was inserted. An analysis made by the Websense Security Labs revealed that the hacking tool involved is known as Incognito, which silently infects the client computers with a Trojan virus. According to the Security Labs blog, Incognito is a Malware as a Service (MaaS) which has two versions running in the wild. Underground communities make use of it to launch automated attacks, with the purpose of spreading malware.

This particular tool can be purchased and even rented by those who want to infect the computers of unsuspecting internet users with their own malicious software. If the price for such an exploit kit can reach as high as a few thousand dollars, it can be rented for a weekly fee of $200 of a 15% share of the generated traffic. The cybercriminals who make use of such means work in close collaboration with those who spread fake anti-virus programs. These programs are masqueraded as AV solutions which actually give the hacker access to the target computer. More at:- -- Was this reply relevant?

0 CClip 20 6th Sep, 2011 22:50 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Chrome Beta Channel Update Tuesday, September 6, 2011 12:50 The Chrome Beta channel has been updated to 14.0.835.157 for Windows, Mac, Linux, and Chrome Frame. This release has a number of stability fixes, along with revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program. Full details about what changes are in this build are available in the SVN revision log. Interested in switching to the Beta channel? Find out how.

If you find a new issue, please let us know by filing a bug. Jason Kersey Google Chrome -- Was this reply relevant? 0 CClip 22 7th Sep, 2011 13:36 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Dutch web security breach spreads Google security certificates were among those to be faked following the Dutch attacks Dutch security firm GlobalSign has temporarily stopped issuing authentication certificates for secure websites. It comes after an anonymous hacker claimed to have gained access to the company's servers. If confirmed, it would be the second security breach at a Netherlands-based certificate authority in two months. Hundreds of bogus DigiNotar authentications were issued following an intrusion into its systems. Certificate authorities (CAs) are companies or public bodies whose job is to confirm that secure websites are genuine.

When computers connect to a site with TLS or SSL authentication, a certificate is issued which verifies the site's identity to the web browser. Fake certificates could allow someone to spy on a user's activity. Multiple targets GlobalSign took action as the result of a posting which appeared on the online notice board Pastebin. More at:- -- Was this reply relevant?

0 CClip 24 7th Sep, 2011 13:48 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Catastrophic cyberattacks are not 'science fiction,' says the Bipartisan Policy Center By Jaikumar Vijayan September 7, 2011 06:00 AM ETAdd a comment Computerworld - Ten years after the terrorist attacks of Sept. 11, 2001, the nation faces a critical threat to its security from cyberattacks, a new report by a bipartisan think tank warns. The report, released last week by the Bipartisan Policy Center's National Security Preparedness Group (NSPG), offers a broad assessment of the progress that government has made in implementing the security recommendations of the 9/11 Commission. The comments about cyber security are part of broader discussion on nine security recommendations that have yet to be implemented. The report, the foreword to which is signed by Lee Hamilton, a former Democratic representative from Indiana, and Thomas Kean, former governor of New Jersey, notes that catastrophic cyberattacks against U.S.

Critical infrastructure targets are not a mere theoretical threat. 'This is not science fiction,' the NSPG said its report.

'It is possible to take down cyber systems and trigger cascading disruptions and damage. Defending the U.S. Against such attacks must be an urgent priority.' More at:- -- Was this reply relevant? 0 CClip 25 10th Sep, 2011 21:12 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft Expired License Turns Out to be Ransomware A warning message from Microsoft turns out to be a scam that blackmails people into handing them over amounts of money, supposedly taken for the activation of the product.

Cybercriminals have just created a new method of scaring unsuspecting victims. The new virus finds its way into the computer's registries and just before the operating system starts, a warning message appears on the screen. Ransom.AN, as the virus is called, warns users that their license for Microsoft Windows has expired and that they would have to pay 100 euros in order to make the computer functional again. More at:- -- Was this reply relevant?

0 CClip 27 10th Sep, 2011 21:30 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft today said it will dispense five security updates next week to patch 15 vulnerabilities in Windows, Excel, SharePoint Server, and Groove. All five updates will be rated 'important,' the second-highest threat ranking in Microsoft's four-step system. Microsoft usually ships a smaller number of updates in odd-number months, and kept to that plan today: September's volume is down from August's, when the company patched 22 vulnerabilities with 13 'bulletins,' the word it uses to describe individual security updates.

'Not a lot there, but then we didn't expect much,' said Andrew Storms, director of security operations at nCircle Security. 'It is the light month, the down month.' The company laid out the bare bones of the upcoming patches in an advanced notice of next week's Patch Tuesday. Two of the updates affect Windows, with one of the pair impacting only the server editions: Server 2003, Server 2008 and Server 2008 R2. The second bulletin patches one or more bugs in all supported versions of the operating system, including the decade-old XP and the much newer Windows 7.

Read more at:- -- Was this reply relevant? 0 CClip 28 10th Sep, 2011 21:33 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Mozilla demands security checks from CAs The browser maker has demanded that certificate authorities comply to a list of security tests -- or else By Robert Lemos InfoWorldFollow @infoworld Browser maker Mozilla has showed how much it trusts certificate authorities to handle their own security: Not much. On Thursday the Mozilla Foundation, responsible for the development of the Firefox browser, requested that certificate authorities complete a list of security checks in the next eight days. CAs that fail to comply with the request could find their root certificate and any certificates issued by the firm deemed untrustworthy by Mozilla. 'Participation in Mozilla's root program is at our sole discretion, and we will take whatever steps are necessary to keep our users safe,' Kathleen Wilson, the program manager is charge of Mozilla's CA Certificates Module, said in an email to certificate authorities.

Mozilla is demanding that certificate authorities audit their infrastructure to confirm that it's secure; highlight any dependencies on other CAs; have high hurdles to changes submitted for high-profile domains; require two-factor authentication; and demand that suppliers all take these steps as well. More at:- -- Was this reply relevant?

0 CClip 29 10th Sep, 2011 21:39 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft online services hit by major failure Microsoft's cloud computing suite Office 365 went offline briefly, along with Hotmail and Skydrive Millions of Microsoft users were left unable to access some online services overnight because of a major service failure. Hotmail, Office 365 and Skydrive were among the services affected. Microsoft was still analysing the cause of the problem on Friday morning, but said it appeared to be related to the internet's DNS address system. Such a major problem is likely to raise questions about the reliability of cloud computing versus local storage. Especially embarrassing is the temporary loss of Office 365, the company's alternative to Google's suite of online apps.

Its service also went offline briefly in mid-August, less than two months after it launched. More at:- -- Was this reply relevant? 0 CClip 30 11th Sep, 2011 12:18 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft promises fast boot times for Windows 8 Initial demos are impressive By Dean Wilson SOFTWARE OUTFIT Microsoft is talking up fast boot times for its next PC operating system, Windows 8, and the first demos are impressive.

Microsoft tested Windows 8 startup times in comparison to Windows 7 on 30 computers. The results showed that Windows 8 won every time, with at least a quarter of boot time saved, if not as much as three quarters. In fact, the boot time was so fast in a video demonstration that it took only about seven seconds from the push of the power button until Windows 8 was fully booted. Of course, this will depend on the specifications of a computer, but it seems that the next version of Windows could give the fast booting Linux operating systems a run for their money. Read more at:- -- Was this reply relevant? 0 CClip 31 11th Sep, 2011 12:25 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK How to Protect Yourself From Certificate Bandits By John P.

Mello Jr., PCWorld There have been two major Certificate Authority (CA) attacks this year. In March, a hacker successfully penetrated one of the largest CA's on the Web--Comodo--and managed to issue bogus certificates to himself (including one for Yahoo). The second incident took place this week when a Dutch CA, Diginotar, was compromised and a number of fake certificates were issued.

So how does a Certificate Authority attack work? Certificate bandits break into companies--such as Comodo and Diginotar--that issue digital credentials that your browser uses to verify a website's identity. This credential tells your browser that the site can be 'trusted,' i.e. That it's not dangerous.

Certificate bandits, however, can undermine this entire process by issuing fake certificates to themselves that allow them to masquerade as 'safe' sites, such as Google, Mozilla, Skype, and AOL. Here are four ways you can protect yourself from hackers wielding fraudulent certificates. Read more at:- -- Was this reply relevant? 0 CClip 33 12th Sep, 2011 10:33 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Google Web History Vulnerable to Firesheep Hack By John E Dunn, Techworld.com Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim's Google Web History, a record of everything an individual has searched for.

The core weakness discovered by the proof-of-concept attack devised by Vincent Toubiana and Vincent Verdot lies with what is called a Session ID (SID) cookie, used to identify a user to each service they access while logged in to one of Google's services. Every time the user accesses an application, the same SID cookie is sent in the clear, which the Firesheep captures from the data sent to and from a PC connected to a non-encrypted public Wi-Fi hotspot. (See also 'Secure Your PC and Website From Firesheep Session Hijacking.'

) Read more at:- -- Was this reply relevant? 0 CClip 37 12th Sep, 2011 21:54 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Certificate hacker probably paid by Iran, say victimized firms Comodo's CEO sees even stronger links between hacker and Iran in recent attack By Gregg Keizer September 12, 2011 Computerworld - The CEO of a certificate-issuing company that was hacked in March is even more certain now that a wave of attacks against similar firms is backed by the Iranian government. 'I think even more so now than before,' said Melih Abdulhayoglu, the CEO and founder of Comodo, a Jersey City, N.J.-based security company that is also one of hundreds of certificate authorities, or CAs, allowed to issue SSL (secure socket layer) certificates. The certificates authenticate the identity of websites, to show, say, that Google is really Google. Last March, after Comodo confirmed that its network had been breached and nine certificates stolen -- including ones for Google, Microsoft and Yahoo -- Abdulhayoglu said he believed the attacks came were backed by the Iranian government. 'We believe these are politically motivated, state driven/funded attacks,' Abdulhayoglu said at the time. More at:- -- Was this reply relevant?

0 CClip 39 12th Sep, 2011 22:08 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Watch Out for Rogues By Lincoln Spector, PCWorld Sep 12, 2011 7:08 AM MikeWik's PC got infected with rogue malware. He asked the Antivirus & Security Software forum for help. A rogue program tricks you into downloading, and buying, something you don't need. In general, rogues pretend to be demo versions of security or maintenance programs, and scare users with reports of dying hard drives or horrible infections. Their goal is to make you panic, so you will give them money.

The good news is that your hard drive really isn't dying. The bad news is that your PC really is infected. But what they're selling isn't the cure; it's the problem. The screen grab below is of Windows Restore, the actual rogue that hit HikeWik's computer. It looks like a real maintenance utility. My thanks to BleepingComputer.com for allowing me to use this image. So if a program you've never seen before suddenly pops up with a warning of horrible disaster, consider the possibility--no, the likelihood--that you're being had.

Search the Internet for the exact words of the error message, in quotes, plus the word rogue, outside the quotes. For instance: 'Exception Processing Message 0x0000013' rogue You're bound to find instructions for removing the problem. More at:- -- Was this reply relevant? 0 CClip 40 13th Sep, 2011 07:57 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Beta Channel Update Monday, September 12, 2011 16:53 Labels: Beta updates The Beta channel has been updated to 14.0.835.162 for Windows, Mac, Linux, and Chrome Frame. This release re-enables chrome:flags and disables some of the enhanced completion functionality, that we introduced in 13.0, for the omnibox.

To see what other changes went into this release check out our change log. If you find a new issue, please let us know by filing a bug. Anthony Laforge Google Chrome -- Was this reply relevant? 0 CClip 43 13th Sep, 2011 10:44 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Certificate Intelligence Center Launched by Symantec The new Symantec Certificate Intelligence Center is an add-on option for VeriSign MPKI for SSL and it's designed to aid companies in discovering and managing SSL Certificates across their entire network, regardless of the certificate authority that issued them. The cloud-based service was created by Symantec after the recent events involving rogue certificates and certain CAs.

Customers began to fear that some of the fake certificates might affect their businesses because they couldn't keep track of the ones used inside their offices. As we've recently witnessed with GlobalSign, an SSL certificate issue can disrupt business continuity and efficiency, costing the company a whole lot of time and with it large amounts of money. The Certificate Intelligence Center was built by Symantec's Business Authentication Group in close collaboration with their most important clients and it will enable administrators to easily observe and manage anything that has to do with online certification, including the quick detection of illegal authentication documents. Other features include the ability to configure user roles and privileges, which means that not only administrators can have access to the application, but also others who might need it. Read more at:- -- Was this reply relevant?

0 CClip 44 13th Sep, 2011 11:38 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft's latest OS will be found on 42 per cent of PCs by year end. By Maggie Holland, 13 Sep 2011 at 10:20 Windows 7 will feature on almost half of the PCs used around the world by the end of the year, according to the latest research from Gartner. Some 42 per cent of machines will be running Microsoft's latest operating system in the near future, as budget improvements free up money for business upgrades. The analyst firm has predicted that 94 per cent of new PCs in 2011 will ship with Windows 7 pre-installed. 'Steady improvements in IT budgets in 2010 and 2011 are helping to accelerate the deployment of Windows 7 in enterprise markets in the US and Asia/Pacific, where Windows 7 migrations started in large volume from 4Q10,' said Annette Jump, Gartner's research director. 'However, the economic uncertainties in Western Europe, political instability in selected Middle East and Africa (MEA) countries and the economic slowdown in Japan after the earthquake and tsunami in March 2011 will likely lead to slightly late and slow deployment for Windows 7 across those regions.'

More at:- -- Was this reply relevant? 0 CClip 45 13th Sep, 2011 17:00 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK LinuxFoundation.org and Linux.com taken down By Anh Nguyen September 13, 2011 04:16 AM ET1 Comment Computerworld UK - A number of Linux websites, including LinuxFoundation.org and Linux.com, have been pulled offline after a security breach. The breach is believed to be related to the hack of the Kernel.org website that is home to the Linux Project, nearly two weeks ago. In a holding message on its website, the Linux Foundation said that it had discovered a security breach on Sept. 8, which led to its taking down the Linux websites and their subdomains for maintenance.

The Linux Foundation infrastructure also supports services such as Open Printing and Linux Mark. However, it does not house the Linux kernel or its code repositories. 'The Linux Foundation made this decision in the interest of extreme caution and security best practices. 'We believe this breach was connected to the intrusion on kernel.org,' the statement on Linux Foundation said. While the Linux Foundation is restoring services, it warned users that their passwords may be compromised, and advised them to change them urgently: 'As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately.'

The foundation added that it is auditing all its systems, and will provide an updated statement when it has more information. Users who want to find out more about the issue can contact the foundation on info@linuxfoundation.org. -- Was this reply relevant?

0 CClip 47 13th Sep, 2011 17:13 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK A BIOS trojan is found in the wild Hook used for rootkit redundancy By Lucian Constantin Tue Sep 13 2011, 14:32 SECURITY RESEARCHERS at Chinese antivirus firm 360 have identified a piece of malware that installs rogue code into the BIOS of targeted computers. Dubbed BMW by 360 and Mebromi by other security vendors, the threat has separate components for the operating system, the master boot record (MBR) and the system BIOS. A computer's BIOS holds a set of low-level instructions that execute before the boot loader to detect and initialise the computer's hardware components.

There are various types of BIOS, depending on motherboard and manufacturer, but according to 360, BMW only infects Award BIOS versions produced by Phoenix Technologies. The malware adds a BIOS module called HOOK.ROM, which determines if malicious code has been erased from the MBR and restores it if necessary. The MBR instructions serve a similar purpose. They check to see if certain Windows files are still infected before the operating system starts and reinfects them if they're not. Thus, the BIOS hook and MBR code restore the rootkit at every reboot.

Ultimately malicious code is added to winlogon.exe on Windows XP and Windows Server 2003, and to wininit.exe on Windows Vista and Windows 7. More at:- BIOS malware is very rare, which makes BMW an interesting find, however hooking BIOS for malicious purposes is not a new concept.

One of the first attempts to put it into practice was in 1999 with the CIH virus that ended up damaging infected systems. -- Was this reply relevant? 0 CClip 49 14th Sep, 2011 11:39 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Last edited on 14th Sep, 2011 11:41 Malware Hidden in Windows Help Files Viruses and other malicious software contained in simple help files are not news to internet security specialists, but the fact that these pieces of malware are sent using email messages is part of a more recent scheme deployed by cybercriminals to fool unsuspecting victims. Symantec's blog informs us about these new targeted attacks that come as emails and infect our computers with all sorts of ill-intended applications that are used by those who control them to take over our virtual lives.

Targeted attacks are not uncommon, in many cases hiding under 'innocent' formats such as jpg, avi, doc and pdf. Other such methods imply the forgery of executable icons to make them look like harmless file formats. As most people know,.hlp extensions are normally handled by Windows Help and they contain information on how to work with certain applications and facilities.

This new technique used by hackers is very efficient because typically, a vulnerability needs to be exploited in order for an attack code to be executed and in case the target computer's security is up to date, the hit will probably fail. Help files on the other hand call Windows API to be executed and this way the planted code is ran along with it. While the victim only sees a blank Windows Help window, his system is being infected with all sorts of bad things. More at:- -- Was this reply relevant? 0 CClip 52 14th Sep, 2011 15:41 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Norton Puts a Stop to the Worries Caused by Multiple Licenses Norton is preparing to launch a completely personalized service that will allow customers to choose a combination of the services they want to use to protect their different devices. Norton One will be available in the first half of 2012 and it will work on a wide range of appliances and platforms, from mobile phones to PCs and even Apple products.

The marketing strategy used by Symantec for this product is driven by the hassle people go through to secure the large variety of devices that need real-time protection against ever present threats mainly coming from the internet. Market studies have apparently revealed that regular consumers in the United States own, on average, more than 4 devices. The company realized that each of these needs a different security application and because they commercialize most types of these solutions they decided to unite all of them into a single interface.

The membership-based offering will present advantages like a single membership to cover all the apparatus in a household. Furthermore, each technology and each support option will be hand picked by the client based on his necessities. More at:- -- Was this reply relevant? 0 CClip 53 14th Sep, 2011 15:46 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Intel, McAfee link security to chips DeepSafe offers a glimpse at future Intel-McAfee security products By Robert McMillan IDG News Service Nearly seven months after Intel shelled out $7.68 billion for antivirus vendor McAfee, the two companies are offering a glimpse of their future. At the Intel Developer Forum in San Francisco Tuesday, McAfee will provide an early look of its new effort to build security protections outside of the OS, using Intel's chip-level hooks that allow McAfee's Endpoint Protection Software to get a better look at malicious software such as rootkits.

[ Master your security with InfoWorld's interactive Security iGuide. Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ] Called DeepSafe, the software is something new for the antivirus industry, said Candace Worley, senior vice president and general manager of McAfee Endpoint Security. 'This level of technology has never existed before,' she said.

'It's brand new; it's been jointly developed between the two companies.' DeepSafe is McAfee's answer to advanced hacking technologies, such as rootkits, that seem to be getting better and better at slipping malicious software onto PCs unnoticed. Read more at:- -- Was this reply relevant? 0 CClip 55 15th Sep, 2011 22:39 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Apache Security Update Released Version 2.2.21 patches two denial of service vulnerabilities. By eSecurityPlanet Staff The Apache Software Foundation recently announced the availability of Apache HTTP Server 2.2.21.

'Apache 2.2.21 has a patch for the CVE-2011-3192 vulnerability that the group previously fixed in late August with the release of version 2.2.20,' writes Threatpost's Dennis Fisher. 'The vulnerability is an old one that recently resurfaced after a researcher published an advisory on a modified version of the bug and also released a tool capable of exploiting the vulnerability.'

'Apache 2.2.21 also includes a fix for a second vulnerability, CVE-2011-3348, which is a separate denial-of-service flaw,' Fisher writes. Go to 'Apache Releases Version 2.2.21 With New Fix For Range Header Flaw' to read the details. -- Was this reply relevant? 0 CClip 56 15th Sep, 2011 22:43 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft will include antivirus software in Windows 8 File under Build rumours By Lucian Constantin Thu Sep 15 2011, 13:58 REPORTS COMING IN from Microsoft's BUILD conference showcasing Windows 8 to software developers this week claim that the upcoming operating system will bundle in an antivirus feature.

According to ZDNet, the Redmond software giant plans to implement anti-malware functions of its Microsoft Security Essential (MSE) product into Windows Defender, the anti-spyware component that has been enabled by default in Windows ever since Vista. Microsoft has not yet confirmed this rumour, but if it's true the decision will cause a lot of controversy and probably lead to fresh antitrust allegations against Microsoft, as happened with Internet Explorer and Windows Media Player. From a consumer's perspective, the move could have both good and bad consequences. Security experts agree that any antivirus protection is better than none. 'Anything which encourages Joe User to run up-to-date anti-virus software has to be a positive thing.

There are too many poorly protected home computers out there, which have been commandeered into botnets,' said Graham Cluley, a senior technology consultant at antivirus vendor Sophos. Read more at:- -- Was this reply relevant?

0 CClip 57 15th Sep, 2011 22:46 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK World's most dangerous botnet mines Bitcoins TDSS rootkit gets a Bitcoin update By Lucian Constantin Thu Sep 15 2011, 15:46 SECURITY RESEARCHERS at Russian antivirus vendor Kaspersky Lab warn that TDSS, one of the most dangerous and widespread family of rootkits, recently received an update that forces infected computers to mine Bitcoins. TDSS rootkits have consistently grown in sophistication since first appearing in 2008.

The latest version known as TDL4 installs itself in the master boot record (MBR) and is capable of infecting all Windows versions, including 64-bit Windows Vista and Windows 7, which require signed device drivers. TDL4 is notoriously hard to remove or even detect, which led security researchers at Kaspersky to describe its botnet as indestructible in the past. The vendor's malware experts have recently analyzed a TDSS sample collected from a computer that was constantly exhibiting 100 per cent CPU utilisation. It turns out that the variant had been configured to execute a component called conhost.exe with special parameters. Further investigation revealed that conhost.exe was a copy of the Ufasoft GPU Bitcoin miner application. Bitcoin is a popular peer-to-peer virtual currency that can be exchanged by users over the Internet without the need of an intermediary bank or payment processing service.

This Bitcoin mining scheme exhibits the same sophistication one would expect from the TDSS gang. It uses a mining pool proxy and encrypted credentials, making it impossible for security researchers to determine how many Bitcoins were mined by the botnet and what accounts received them. More at:- -- Was this reply relevant?

0 CClip 59 15th Sep, 2011 22:57 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK ICO raps Child Exploitation and Online Protection Centre for unsecured web site The Child Exploitation and Online Protection Centre (CEOP) has agreed to make changes to its web site to ensure that data sent to the organisation is always encrypted, the Information Commissioner's Office (ICO) has revealed. Problems with the web site of CEOP, a division of the Serious Organised Crime Agency (Soca), first came to light in April when the ICO received a complaint that information sent via an online form could be intercepted during transmission.

CEOP chief executive Peter Davies and Soca director general Trevor Pearce have now signed an undertaking to ensure that the CEOP site is regularly tested for weaknesses relating to the processing of personal data. Read more at:- -- Was this reply relevant? 0 CClip 60 15th Sep, 2011 23:08 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft nixes plug-ins, including Flash, from IE10 Metro One skin of Internet Explorer to be bundled with Windows 8 will support plug-ins like Flash, another will not By Gregg Keizer Computerworld Microsoft will not support browser plug-ins, including Adobe's Flash, in one of the two versions of IE (Internet Explorer) to be bundled with Windows 8, a company executive said today. As he explained Microsoft's reasoning, Dean Hachamovitch, the executive who leads the IE team, used some deja vu, echoing motives cited by Apple's then-CEO Steve Jobs more than a year ago. IE10, the edition included with the Windows 8 developer preview that Microsoft launched earlier this week, will come in two flavors.

One will run in the Metro interface, the tile-based look borrowed from Windows Phone 7, while the other will run on the more traditional desktop, also available to Windows 8 users. Microsoft called the former 'Metro style IE.' That's the one that will be 'plug-in free,' Hachamovitch said in a Thursday blog. 'The Metro style browser in Windows 8 is as HTML5-only as possible, and plug-in free,' said Hachamovitch. 'The experience that plug-ins provide today is not a good match with Metro style browsing and the modern HTML5 Web.'

Both versions of IE10 on Windows 8 will use the same rendering engine, added Hachamovitch in a separate blog entry published Wednesday. More at:- -- Was this reply relevant? 0 CClip 61 16th Sep, 2011 08:27 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Dev Channel Update Thursday, September 15, 2011 16:32 Labels: Dev updates The Dev channel has been updated to 15.0.874.15 for Windows, Mac, Linux, and Chrome Frame.

Updated V8 3.5.10.9 JavaScript fullscreen API now enabled by default. Bug fixes and visual improvements for the New Tab Page.

Fixed many known stability issues. Known Issue: Linux-only: Chrome crashes with Ctrl+P. [Issue: 96734] Full details about what changes are in this build are available in the SVN revision log.

Interested in switching to the Beta or Stable channels? Find out how. If you find a new issue, please let us know by filing a bug. Dharani Govindan Google Chrome -- Was this reply relevant? 0 CClip 64 16th Sep, 2011 21:50 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK By Chris Kanaracus IDG News Service Oracle has issued an emergency patch to fix a vulnerability it says could bring down HTTP application servers it sells that are based on Apache 2.0 or 2.2.

Attackers can exploit the weakness remotely without a username or password, Oracle said in a security alert issued Thursday. Products impacted by the bug include Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0 and 11.1.1.5.0; Oracle Application Server 10g Release 3, version 10.1.3.5.0; and Oracle Application Server 10g Release 2, version 10.1.2.3.0.

Government's National Vulnerability Database has assigned a CVSS (Common Vulnerability Scoring System) rating of 7.8, 'indicating a complete Operating System denial of service,' Oracle said. But Oracle took issue with that assessment in its security alert.

'A complete Operating System denial of service is not possible on any platform supported by Oracle, and as a result, Oracle has given the vulnerability a CVSS Base Score of 5.0 indicating a complete denial of service of the Oracle HTTP Server but not the Operating System,' it stated. In any event, the bug is serious enough for Oracle to issue the patch outside of its usual large quarterly updates, the next of which is scheduled for Oct. More at:- -- Was this reply relevant? 0 CClip 65 16th Sep, 2011 21:53 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK SpyEye Trojan stole $3.2 million from U.S. Victims The amounts stolen and the number of large organizations potentially impacted is cause for serious concern, says Trend Micro By John E Dunn Techworld A Russian cybergang headed by a mysterious ringleader called 'Soldier' were able to steal $3.2 million from U.S. Citizens earlier this year using the SpyEye-Zeus data-stealing Trojan, security company Trend Micro has reported.

Over a six month period from January 2011, Trend found that the Soldier gang had been able to compromise a cross-section of U.S. Business, including banks, airports, research institutions, and even the U.S. Military and Government, as well as ordinary citizens. A total of 25,394 systems were infected between 19 April and 29 June alone, 57 percent of which were Windows XP systems with even Windows 7 registering 4,500 victim systems. More at:- -- Was this reply relevant? 0 CClip 67 16th Sep, 2011 22:04 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Google patches 32 Chrome bugs, revs browser to v.14 Tweaks Mac Chrome for Lion, lays out more than $14K in bug bounties By Gregg Keizer September 16, Computerworld - Google today patched 32 vulnerabilities in Chrome, paying more than $14,000 in bug bounties as it also upgraded the stable edition of the browser to version 14. The company called out a pair of developer-oriented additions to Chrome 14 and noted new support for Mac OS X 10.7, aka Lion, including full-screen mode and vanishing scrollbars.

Google last upgraded Chrome's stable build in early August. Google produces an update about every six weeks, a practice that rival Mozilla also adopted with the debut of Firefox 5 last June. Fifteen of the 32 vulnerabilities were rated 'high,' the second-most-serious ranking in Google's four-step scoring system, while 10 were pegged 'medium' and the remaining seven were marked 'low.'

None of the flaws were ranked 'critical,' the category usually reserved for bugs that may allow an attacker to escape Chrome's anti-exploit sandbox. Google has patched several critical bugs this year, the last time in April. More at:- -- Was this reply relevant? 0 CClip 70 19th Sep, 2011 20:20 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK 'Wetware' Is the Weakest Link in Cyber Security A recent study made by AVG and the research agency The Future Laboratory revealed that cybercrime will soon be at an all-time high, not because of inefficient software that cannot keep systems protected, but as a result of the human element involved, codenamed wetware. The report shows that malware is getting more complex and more difficult to detect, while internet users become less active when it comes to protecting their virtual belongings and machines. More at:- -- Was this reply relevant? 0 CClip 71 19th Sep, 2011 20:25 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Beware the Assembling Bot Army By Tim Greene, NetworkWorld A mammoth army of infected computers is being assembled, but it's unclear yet what purpose they will be put to.

Wave after wave of malicious e-mail attachments has been sent out since August, and with average success rates for such mailings, millions of machines could be compromised, says Internet security firm Commtouch. BACKGROUND: Brace for email-attachment malware spree Once infected, the computers can be loaded with additional malware that can perform a range of activities, including spamming, participating in DDoS attacks, stealing bank credentials and compromising e-mail and social-network accounts, according to an upcoming Commtouch blog post. (See also 'How to Avoid Malware.' ) But what this botnet will do remains a mystery. 'The purpose of this vast computing force is still not clear,' the blog says. Read more at:- -- Was this reply relevant? 0 CClip 73 19th Sep, 2011 20:58 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Windows 8 to get important security tweaks 'Secured boot' will be the biggest new protection; most of the rest are enhancements from what appeared in Windows 7 and earlier By John E Dunn Techworld Windows 8 will ship with a number of small but important security tweaks Microsoft hopes will make it a harder target for the viruses, worms, and Trojans that were able to subvert older versions of the operating system.

Most of the security features mentioned by Windows president Steven Sinofsky at last week's Build conference extend design features that appeared in Vista and Windows 7 and have gradually been added through updates. Read more at:- -- Was this reply relevant? 0 CClip 77 20th Sep, 2011 18:22 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft fixes SSL 'kill switch' blooper Re-releases update for XP, Server 2003 after it left machines unprotected last week By Gregg Keizer Computerworld - Microsoft re-released an update today for Windows XP to correct a snafu that left users vulnerable to potential 'man-in-the-middle' attacks for most of last week. Monday's update addressed a gaffe introduced last week when Microsoft blocked six additional root certificates issued by DigiNotar that were cross-signed by a pair of other certificate authorities (CAs). More at:- -- Was this reply relevant?

0 CClip 81 21st Sep, 2011 19:34 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK EFF builds system to warn of certificate breaches With its distributed SSL Observatory, the Electronic Frontier Foundation hopes to detect compromised certificate authorities and warn users about attacks By Robert Lemos InfoWorldFollow @infoworld The detection of rogue certificates has generally relied on luck. In the case of DigiNotar, intruders had control of systems for more than two months, and Google discovered the issue only because its Chrome browser includes hard-coded copies of its certificates and a user reported an attack. The Electronic Frontier Foundation, a digital rights group, aims to change all that with a new detection system. The EEF, along with developers at the Tor Project and consulting firm iSec Partners, has updated its existing HTTPS Everywhere program with the ability to anonymously report every certificate encountered. The group will analyze the data so that it can detect any rogue certificates -- and by extension, compromised authorities -- its users encounter, says Peter Eckersley, technology projects director for the EFF. 'Even if there is an attack that, say, only happens in Syria, if someone in Syria has turned on the [feature] we'll get a copy of the certificate that has been used to attack them and we can study that,' Eckersley says.

'We will also be able to send back a warning to them, if we have been able to work out that it is an attack.' Read more at:- -- Was this reply relevant? 0 CClip 82 21st Sep, 2011 19:41 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Adobe will release Flash Player 11 and Air 3 in October Goes from video to video games By Lawrence Latif Wed Sep 21 2011, 12:00 SOFTWARE DEVELOPER Adobe has announced that it will launch Flash Player 11 and Air 3 in October, at roughly the same time as Apple's Iphone 5 is expected to tip up.

Adobe's proprietary Flash Player and Air have been viewed as systems that are on the way out thanks to HTML5. However Adobe has forged ahead using Air as a way of getting pseudo-Flash applications on Apple's IOS devices, and with Flash Player 11 it touts improved hardware accelerated graphics.

Adobe Flash Player 11's and Air 3's hardware acceleration engine, called Stage 3D, is being touted by the firm as having 1,000 times faster rendering than Flash Player 10. This has led the firm to claim that Flash programmers can now create console quality games with the ability to animate millions of on-screen objects. To show off, Adobe has some pretty impressive Flash 11 demonstrations, but of wider interest will be the fact that Flash Player 11 will natively support 64-bit browsers in Linux, Mac OS X and Windows. Until now 64-bit support was very limited, with the firm itself saying, 'Flash Player [10] does not run in most 64-bit browsers.' Read more at:- -- Was this reply relevant? 0 CClip 83 21st Sep, 2011 19:44 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft Live outage was down to a DNS issue Firm confesses to a feckless fumble By Dave Neal Wed Sep 21 2011, 15:55 SOFTWARE HOUSE Microsoft has revisited the outage that affected its Live services earlier this month and explained that it was a Domain Name Service (DNS) issue that left users locked out. The outage that happened on 8 September saw users unable to access glorious Microsoft services like Hotmail and Skydrive.

Although it was doubtless annoying for users, no data was lost and the problems were in fact just down to a software update and a corrupted DNS file. 'A tool that helps balance network traffic was being updated and the update did not work correctly. As a result, configuration settings were corrupted, which caused a service disruption,' wrote Arthur de Haan, VP of Windows Live Test and Service Engineering. 'We determined the cause to be a corrupted file in Microsoft's DNS service.' More at:- -- Was this reply relevant?

0 CClip 86 21st Sep, 2011 20:03 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Microsoft Gold Partner Accused of Scam Calls Microsoft issued a statement to notify people that one of their Gold partners has been blacklisted after making scam calls to people, alerting them of fake virus infections. India-based computer support service Comantra has been supposedly making phone calls to individuals in the U.S., U.K and Australia, posing as Microsoft personnel in the attempt to dupe computer users into believing that their machines were malfunctioning. They'd then offer to fix the issue in exchange for certain amounts of money. According to PC Pro, the ill-intended calls were made since 2009 and even if the Redmond company was previously warned about the whole operation, no action was taken up until now. More at:- -- Was this reply relevant? 0 CClip 90 22nd Sep, 2011 19:31 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Security Update for Adobe Flash Player 10.3 Critical vulnerabilities identified in the 10.3.183.7 version of Flash Player and in the 10.3.186.6 of the one designed for Android made it necessary for Adobe to release new variants for each, to cover the weak links that might allow attackers to penetrate your device's protection.

The early versions were exploited by hackers and utilized to trick people into clicking on malicious links sent in email messages. The developer recommends that anyone who has one of the previous versions update to the current Flash Player 10.3.183.10, respectively 10.3.186.7 on Android machines. Adobe Flash Player 10.3.183.7 Windows, Mac, Linux and Solaris clients can upgrade to the latest release from within the product using the auto-update feature or from here, while Android fans can get the new application from Android Market. Because the fresh security modifications resolve a universal cross-site scripting problem that could be utilized to perform actions on behalf of the user on any website or webmail provider if a malicious website is visited, it is imperative that everyone makes the upgrade as soon as possible.

More at:- -- Was this reply relevant? 0 CClip 91 22nd Sep, 2011 19:34 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Kaspersky's Multi-Device Solution Planned for October After Symantec recently prepared the release of a single-license security solution for multiple devices, now it's Kaspersky's turn to come up with something similar. Because the competition is tight, the latter planned the launch for October. Cloud-based and multi-device services seem to be the new craze among security solutions providers who are in a permanent battle to bring innovation to the market.

And because originality has gone down the drain, the Kaspersky product will also be called One, just like Norton's. Kaspersky ONE is a universal solution that should offer comprehensive protection to all the apparatus owned by an individual, taking away the concerns and difficulties created by multiple licenses. ONE will be available in the United States, United Kingdom and Ireland starting with October 17, 2011 and it can be purchased in combinations for three, five or ten computing machines. More at:- -- Was this reply relevant?

0 CClip 92 22nd Sep, 2011 19:42 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Fears over the security credentials of SSL rise after researchers claim to have found a way to exploit a long-known vulnerability. By Tom Brewster, 22 Sep 2011 at 16:18 Researchers have found a way to exploit a long-known flaw in TLS (Transport Layer Security) that could undermine the security credentials of the SSL cryptographic protocol and affect millions of sites. The attack methodology, due to be presented by Juliano Rizzo and Thai Duong at the Ekoparty conference this week, targets TLS version 1.0 and SSL 3.0. As millions use those protocols to protect certain web transactions, millions of sites could be affected. Major companies, including PayPal and Google, use TLS version 1.0. Fixing the vulnerability that BEAST exploits may require a major change to the protocol itself.

Rizzo and Duong have created a tool called BEAST (Browser Exploit Against SSL/TLS) to attack the AES encryption algorithm used in TLS and SSL. More at:- -- Was this reply relevant? 0 CClip 94 22nd Sep, 2011 22:13 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Chrome Beta Release Thursday, September 22, 2011 12:17 Labels: Beta updates The Chrome team is happy to announce the arrival of Chrome 15.0.874.24 to the Beta channel for Windows, Mac, and Chrome Frame and 15.0.874.21 for Linux.

Chrome 15 contains some really great improvements including: A brand new New Tab Page Javascript Fullscreen API is now enabled by default Chrome Web Store items can now be installed inline by their verified site (more information for developers can be found here.) Omnibox History is now an additional sync data type More on what's new at the Official Chrome Blog. You can find full details about the changes that are in Chrome 15 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how. Karen Grunberg Google Chrome -- Was this reply relevant? 0 CClip 95 23rd Sep, 2011 20:55 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK IPv6 Will Cause Some Security Headaches But it doesn't really matter because IPv6 is coming anyway so you might as well get prepared.

By Elizabeth Harrin September 22, 2011 Share IPv6 is the next-generational internet protocol, designed to give us more IP addresses. Back in the day when no one dreamed that toasters would one day be connected to the Internet, the idea that the number of IP addresses in the world would run out was silly.

Today, the growing number of connected devices means we need more IP addresses, and IPv6 is the way to achieve that. Unfortunately for network administrators, it's a new technology stack that hasn't yet been fully scrutinized by security experts. More at:- -- Was this reply relevant? 0 CClip 97 23rd Sep, 2011 21:03 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Dev Channel Update Thursday, September 22, 2011 17:02 Labels: Dev updates The Dev channel has been updated to 16.0.889.0 for Windows, Mac and Chrome Frame.

Due to known bug, Linux isn't updated. Updated V8 - 3.6.4.0 FTP: fixed compatibility with servers which send 451 response for CWD command.

(Issue 96401) Windows and Mac: Enabled multi-users (multi-profiles) by default. Fixed many known stability issues. Full details about what changes are in this build are available in the SVN revision log. Interested in switching to the Beta or Stable channels? Find out how. If you find a new issue, please let us know by filing a bug. Dharani Govindan Google Chrome 30 comments Links to this post Email Post Chrome Beta Release 12:17 Labels: Beta updates The Chrome team is happy to announce the arrival of Chrome 15.0.874.24 to the Beta channel for Windows, Mac, and Chrome Frame and 15.0.874.21 for Linux.

Chrome 15 contains some really great improvements including: A brand new New Tab Page Javascript Fullscreen API is now enabled by default Chrome Web Store items can now be installed inline by their verified site (more information for developers can be found here.) Omnibox History is now an additional sync data type More on what's new at the Official Chrome Blog. You can find full details about the changes that are in Chrome 15 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Karen Grunberg Google Chrome -- Was this reply relevant? 0 CClip 98 23rd Sep, 2011 21:13 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Browser Vendors Prepare for SSL Attacks In a very short time the SSL BEAST research will be revealed and web browser vendors will have to come up with ingenious ways of protecting their products not to lose the admiration of their fans. The easiest way to fix the problem would be to upgrade to the newer versions of the security protocols implemented so far. For instance, TLS 1.1 and 1.2 are insusceptible to the attack but the problem is that most websites don't support these types of encryption protocols. As mentioned in a previous article, Opera has already successfully incorporated the improved protocols and they're activated by default. However, if internauts are experiencing problems, they can disable the advanced encryption, leaving the browser vulnerable in front of attacks.

As Opera researchers discovered, this upgrade process is a double-bladed sword. Even though TLS 1.1 and TLS 1.2 are relatively old, they have not been enforced by website builders. On the other hand, website builders have not implemented the new encryption because they fear that if their customer's web application is incompatible, they'll lose a large part of their business. Internet Explorer 9 has the ability to protect users against SSL attacks but only if they activate the later versions manually.

The downside is that if the accessed webpages don't support these variants, the site's visitors will not be able to properly access the content. According to the Threat Post, Google officials are patching up Chrome as we speak, their only fear being that they might have to make a forced release of the product that might be caused by hacking activities. Mozilla's Firefox is by far the last. Their products only support SSL 3.0 and TLS 1.0 which are highly vulnerable to the BEAST's attack. -- Was this reply relevant?

0 CClip 99 23rd Sep, 2011 21:17 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Internet Explorer Malware Plugin Also Infects Firefox Malware that sticks to a web browser is no news to anyone, but now, a new threat has been discovered that after infecting Internet Explorer, it drops a piece of spyware onto your Firefox. With the aid of Bitdefender, MalwareCity identified the virus as being Trojan.Tracur.C. When Internet Explorer users decide to update their Flash Player, the rogue plug-in that compromises the browser also infects Mozilla Firefox by snapping a malicious add-on to it. Trojan.JS.Redirector.KY monitors all the webpages loaded in Mozilla's browser. Once the unsuspecting internaut types the URL address of a search engine, such as Yahoo, Bing or Google, a piece of Java Script code gets injected into the resulting pages, making sure that the first link points to a malware containing location. More at:- -- Was this reply relevant? 0 CClip 102 24th Sep, 2011 21:31 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK U.S.

ISPs Might Alert End-Users of Botnet and Malware Infections The Homeland Security Department and the National Institute of Standards and Technology have filed a note in which they propose the implementation of a voluntary corporate notification system that would alert consumers whenever a botnet or other malware infection is discovered. Currently, both companies and individuals suffer a great deal because of malware plagues that take over their devices and use them to launch attacks on others.

Legal authorities in the United States have come up with a plan in which ISPs and other organizations that could pitch in, would share information about threats, alerting consumers when they notice their devices are taken over by malevolent forces. More at:- -- Was this reply relevant?

0 CClip 103 24th Sep, 2011 21:42 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Mozilla proposes 5X slower Firefox release tempo for enterprises ESR channel would ship a new version every 30 weeks, support with interim security updates By Gregg Keizer Computerworld - Mozilla has proposed a significantly slower Firefox release pace for enterprises, the result of a corporate backlash earlier this year against an accelerated scheme that ships a new edition of the browser every six weeks. If the proposal is adopted, Mozilla will deliver a new version of Firefox to enterprises every 30 weeks, five times slower than to consumers. During each 30-week stretch, Mozilla would issue only security updates for the browser.

In addition, each enterprise edition would be supported for an additional 12 weeks after the release of its successor, assuring companies 42 weeks of support for each version. Mozilla now discontinues security support for a specific version of Firefox as soon as the next in line appears. Read more at:- -- Was this reply relevant? 0 CClip 104 26th Sep, 2011 10:16 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Alureon Trojan Uses Steganography Techniques A version of the Alureon Trojan was discovered hiding command and control backup locations in regular jpeg files.

The images were posted on random domains so in case the virus couldn't contact the primary servers, it would make use of these encrypted addresses. Microsoft researchers came across this form of the malware after a period of monitoring in which they've determined exactly the way the new Alureon does its job. Win32/Alureon is part of the data-stealing family of trojans. Its multiple functionality allows its master to intercept private data, send distructive commands to the infected device, leaving behind a trail of damaged DNS settings.

Keyboard and other drivers might malfunction after an attack from this specific malware. A closer investigation revealed that that the new variant downloads an extra component file called com32 and after it was decrypted, its true purpose was discovered. The new element actually tries to communicate with a number of image files hosted on a few blogs.

The images contain a string of data that is interpreted by com32, allowing Alureon to obtain a list of C&C servers which he would seek to retrieve in the event that the primary hosts might become unavailable. This technique of embedding a hidden code inside a message is called steganography and it seems as hackers are using it more often to strengthen their malicious programs. According to the TechNet blog, the configuration files are masqueraded as pictures representing an old woman, a young man and a bowl of Chinese herbs and they're posted on Livejournal and Wordpress sites.

The threat is detected by most anti-virus applications so in order to protect your device and your data, make sure you have an up-to-date virus definition database and a properly configured firewall. Also beware of suspicious email messages as in many cases they're the ones responsible for spreading these infections.

-- Was this reply relevant? 0 CClip 105 26th Sep, 2011 20:50 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK SEPTEMBER 26, 2011 Red alert: HTTPS has been hacked Last week a tool was revealed that exploits a flaw in SSL and TLS. Will the industry respond fast enough? Grimes InfoWorld Only a handful of exploits per decade reveal a vulnerability that is truly significant.

Thai Duong and Juliano Rizzo's BEAST (Browser Exploit Against SSL/TLS) attack will rank among them because it compromises the SSL (Secure Socket Layer) and TLS (Transport Layer Security) browser connections hundreds of millions of people rely on every day. BEAST cannot break the latest version of TLS -- the current standard based on SSL -- but most browsers and nearly all websites that support secure connections rely on earlier versions of the SSL and TLS protocols, which are vulnerable to BEAST attack. Browser vendors and websites that host secure connections are already scrambling to upgrade to TLS 1.1 or 1.2.

How quickly that occurs depends on how many attacks occur in the wild. The BEAST tool, presented last Friday at the 2011 Ekoparty Security Conference in Argentina, made real a theoretical SSL/TLS vulnerability first documented 10 years ago. It allows an attacker with previous MitM (man-the-middle) access to compromise a user's SSL/TLS-protected HTTPS cookie.

This would allow an attacker to hijack the victim's active HTTPS-protected session or listen in on the previously cryptographically protected network stream. MitM attacks are fairly easy to do when the attacker and victim are located on the same local network (such as wireless networks, VPNs, or corporate LANs). Some hacking tools, such as Cain & Abel, make MitM attacks and network packet sniffing truly a click of a button. Read more at:- -- Was this reply relevant? 0 CClip 107 26th Sep, 2011 21:50 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Massive Mortal Kombat Patch Released on PS3 and Xbox 360 Mortal Kombat, the recent reboot of the classic fighting franchise, has just received a pretty big update, solving a variety of issues and addressing balancing problems for almost all of the characters included in the title's roster.

The new Mortal Kombat has been a huge success, reaching impressive sales and finally delivering a successor to the gory and iconic arcade games that made the fighting series a part of gaming's most iconic franchises. The game wasn't perfect, however, and things became increasingly problematic after the release of a variety of downloadable content for it, as the new costumes resulted in frequent 'desync' issues which prevented many players from engaging in online matches with others. Thankfully, the development team at NetherRealm have published a massive patch over the weekend for the fighting game, addressing many issues and fixing balancing problems for almost every character included in the fighting game. Check out the General fixes and tweaks included in the update below. See more details at:- -- Was this reply relevant?

0 CClip 109 27th Sep, 2011 10:09 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Dev Channel Update Monday, September 26, 2011 17:00 Labels: Dev updates The Dev channel has been updated to 16.0.891.0 for Windows, Mac, Linux, and Chrome Frame. Linux: Enabled Native Client for 32-bit Linux and also addresses a performance issue for Native Client on Intel Atom CPUs. [Issue: 92964], [nativeclient: 480] Linux: Fixed fetching proxy settings on Gnome 3 systems when glib2-dev package is not installed. [Issue: 91744] All: Fixed many known stability issues. Full details about what changes are in this build are available in the SVN revision log.

Interested in switching to the Beta or Stable channels? Find out how. If you find a new issue, please let us know by filing a bug.

Dharani Govindan Google Chrome Chrome Beta Release 12:17 Labels: Beta updates The Chrome team is happy to announce the arrival of Chrome 15.0.874.24 to the Beta channel for Windows, Mac, and Chrome Frame and 15.0.874.21 for Linux. Chrome 15 contains some really great improvements including: A brand new New Tab Page Javascript Fullscreen API is now enabled by default Chrome Web Store items can now be installed inline by their verified site (more information for developers can be found here.) Omnibox History is now an additional sync data type More on what's new at the Official Chrome Blog.

You can find full details about the changes that are in Chrome 15 in the SVN revision log. If you find new issues, please let us know by filing a bug.

Want to change to another Chrome release channel? Find out how. Karen Grunberg Google Chrome -- Was this reply relevant?

0 CClip 111 27th Sep, 2011 11:27 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Dutch government sets DigiNotar certificate kill date By David Meyer, The Dutch government will on Wednesday revoke both of its certificates that had been issued by the hacked DigiNotar certificate authority. The government said on Friday that there was no evidence the two certificates had been abused, but they were certainly compromised. DigiNotar suffered a break-in sometime before the end of August, which led to fraudulent certificates being issued. The Dutch government 'denounced' its trust in DigiNotar's certificated shortly afterwards.

In some cases bogus DigiNotar certificates, which are intended to prove the authenticity of web services, have been used to launch man-in-the-middle attacks that intercept information. Microsoft, Google, Mozilla and Apple have all moved to protect their customers from the DigiNotar certificates. Although the Dutch government does not appear to have been a victim, false certificates have been found for the intelligence services of the UK, US and Israel, as well as for online organisations such as Skype, Twitter, Facebook and the Tor project. More at:- -- Was this reply relevant? 0 CClip 113 27th Sep, 2011 12:46 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK A useful extra with a Yahoo Mail account is the option to create up to 500 disposable email addresses if you want to sign up to a website without getting spam emails. Sign in to your account and click on the Options tab.

Click on Disposable Email Addresses in the left-hand column and then Add Address. Enter a name used by all the disposable accounts; it will suggest others if the name has been taken. Click Next and then enter a word for a disposable address.

Select where messages should go, and the name that should appear. Arthur Davies Read more: -- Was this reply relevant?

0 CClip 114 27th Sep, 2011 15:04 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Consumers can opt for fewer Firefox releases But Mozilla won't market slower tempo schedule to users By Gregg Keizer Computerworld - Although Mozilla will urge users to stick with Firefox's rapid release schedule, there's nothing in a current proposal to prevent them from adopting the much slower tempo meant for enterprises. Last week, the open-source developer unveiled a plan that, if approved, will deliver a new edition of Firefox for corporations every seven-and-a-half months, five times slower than the six-week pace the company kicked off earlier this year. Interim updates issued between the every-30-weeks release of a new edition will patch the most serious security updates, according to the plan Mozilla has labeled 'Extended Support Release,' or ESR. Mozilla has not yet named the new edition, but several labels have been floated, including 'Firefox ESR' and 'Firefox Enterprise Edition.'

The ESR proposal was Mozilla's reaction to criticism last June from enterprise IT managers, who said that the rapid release schedule forced companies to choose between running an untested browser or one with known vulnerabilities. Users and developers cited a number of reasons why consumers might want to use the less-frequent ESR builds, including problems with add-ons unable to keep up with the six-week cadence, and a desire for fewer updates on machines they 'support' for family and friends. The every-30-weeks Firefox may also be just 'good enough' for many users, one Mozilla developer argued. 'The reason I expect a lot of users to switch to these ESR builds is not because they want extensions to work or because of any one issue that we can fix in the future,' said Cheng Wang on the mozilla.planning.dev discussion group last week. 'It's simply because Firefox works 'good enough' right now and they don't want to have to deal with change.' There was nothing in Mozilla's proposal that indicated a technical barrier to non-business users climbing on the ESR train.

But Mozilla will, at the least, discourage others from adopting the slower release schedule. 'We want to ensure it will be an explicit choice to select the ESR and we won't recommend it for individual use,' said Kev Needham, Mozilla's channel manager, in an email reply to questions. 'The ESR is targeted specifically at organizations who face the challenges it addresses, not individual users.'

Needham, however, said that the details of the plan were 'to be determined,' perhaps leaving open an option that would make it difficult, if not impossible, for individuals to grab the ESR editions. -- Was this reply relevant? 0 CClip 116 27th Sep, 2011 18:20 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Scammers pretend to be friendly office printers A new ruse for infecting computers wtih malware has been spotted by researchers at Symantec By Jeremy Kirk IDG News Service - Hackers have found a new hook to trick people into opening malicious attachments: send emails that purport to come from office printers, many of which now have the ability to email scanned documents. 'This is a new tactic we haven't really seen before,' said Paul Wood, senior intelligence analyst for Symantec.cloud, the company's Web-based security and email branch. The emails invariably contain some kind of Trojan downloader, which can be used to download other malware or steal documents from the computer.

Symantec published examples of the emails collected recently in its latest monthly Symantec Intelligence Report, released on Tuesday. The emails at first glance look quite convincing, with a subject line 'Fwd: Scan from a HP Officejet.' The email reads 'Attached document was scanned and sent to you using a Hewlett-Packard HP Officejet 05701J' and then 'Sent by Morton.' Wood said it is common for the scammmers to spoof the sender's name and make it appear the email came from the same domain as the one that belongs to the recipient. Some of the messages captured by Symantec appear to be at a cursory glance internal company email, which makes it more likely that the person who receives the message will open the attachment. More at:- -- Was this reply relevant?

0 CClip 119 28th Sep, 2011 21:50 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Hot and bothered over browser patches Online Trust Alliance and a host of companies are pushing websites to notify people when they're using an outdated browser, but businesses need to do more By Robert Lemos InfoWorldFollow @infoworld The browser has become the unlatched door through which attackers break in and compromise computers. The starting point for securing that portal is to ensure the browser is up-to-date, yet more than 40 percent of browsers used to visit major websites have not been updated to eliminate the latest security flaws. In the business world, there's a complication: Often legacy browsers are required to run or connect to critical applications. How else to explain the unyielding market share of the easy-to-compromise Internet Explorer 6? Nearly 10 percent of users are browsing external websites using IE6, another 6 percent running IE 7, and 7 percent running the out-of-date Firefox 3.6, according to Web metrics site NetMarketShare. More at:- -- Was this reply relevant? 0 CClip 121 29th Sep, 2011 21:45 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Windows 8 security: Stronger but gentler Microsoft's next operating system incorporates more security than Windows Vista, with fewer annoying upfront notifications By Robert Lemos InfoWorldFollow @infoworld The Metro GUI is the most visible representation of Microsoft's coming operating system.

While the release of the tentatively named Windows 8 is still a year away, the company has not been shy about putting the multicolor tiled interface front and center. Windows 8's security improvements will be much less visible, and that's just the way Microsoft wants it. The company has added a number of protection features to Windows 8 to better protect the system, all the while making the security less intrusive by limiting the number of notifications a user may receive. For example, the company's SmartScreen technology for detecting potentially malicious sites -- introduced with Internet Explorer 8 -- will be built right into the OS to allow any file downloaded to a Windows 8 computer to be checked out by the system, yet the protection should not alert the average user more than twice a year, Microsoft says. Read more at:- -- Was this reply relevant? 0 CClip 128 30th Sep, 2011 07:39 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Chrome poised to take No. 2 browser spot from Firefox StatCounter's data points to a December 2011 take-over by Google's browser as the second-most-popular behind Internet Explorer By Gregg Keizer Computerworld Google's Chrome is on the brink of replacing Firefox as the second-most-popular browser, according to one Web statistics firm.

Data provided by StatCounter, an Irish company that tracks browser usage using the free analytics tools it offers websites, shows that Chrome will pass Firefox to take the No. 2 spot behind Microsoft's Internet Explorer (IE) no later than December. As of Wednesday, Chrome's global average user share for September was 23.6 percent, while Firefox's stood at 26.8 percent. IE, meanwhile, was at 41.7 percent.

The climb of Chrome during 2011 has been astonishing: It has gained eight percentage point since January 2011, representing a 50 percent increase. More at:- -- Was this reply relevant? 0 CClip 130 1st Oct, 2011 11:08 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Must I Give Up XP? By Lincoln Spector, PCWorld Sep 28, 2011 7:02 AM Spiderowych asked the Windows forum if he will be 'doomed' if he doesn't upgrade from XP to Windows 7.

In general, I recommend moving up to Windows 7, but I don't consider it an absolute must. Refusing to upgrade your operating system will not doom you to a life of drudgery or turn you into an anachronism. I know people still using Windows 98 who lead happy and meaningful lives. Microsoft still supports Windows XP, and will continue to do so until April 2014. By then, the operating system will be more than 12 years old.

Windows 98 was just over eight years old when Microsoft stopped support. What does it mean when Microsoft stops supporting an OS? Updates, mainly.

At that point, the folks in Redmond will no longer patch security holes and fix problems. (Oddly, they will continue to support Windows 7's XP Mode. You'd assume that patching one means you can easily patch the other.) This may not prove to be a serious security risk. After 12 years, there may be little left in XP to patch. Besides, malware written in 2014 probably won't be designed to exploit an old and outdated OS.

More at:- -- Was this reply relevant? 0 CClip 131 1st Oct, 2011 11:12 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Mozilla Firefox 7 Seekers Warned To Beware of Bogus Website By John P. Mello, Jr., PCWorld If you're using a search engine today to find a download of Firefox 7, be careful about the results you click on. That's because a dubious website called Firefox7.org appears high up in those results. The site was discovered Wednesday by Sophos security expert Graham Cluely when doing a routine search on 'Firefox 7.' Firefox7.org has no relationship with the browser's maker, the Mozilla Foundation, Cluely wrote in the Naked Security blog.

The site is registered to someone in China named Xiaojuan Zhang, who lives in Shenzhen in Guandong province. A software piracy ring located in Shenzhen was broken up by the FBI and Chinese authorities in 2007. Another resident of that city was arrested by the FBI and sentenced to 30 months in prison last year for exporting counterfeit Cisco products into the United States from a company he set up in Shenzhen.

Clueley could not find anything overtly malicious about the site, other than it appeared to be a way to scrape money from visitors through Google AdSense ads. The site does beg a few questions, however. For instance, if the site's author is a Firefox fan, why isn't there a link to a real download page for Firefox7 instead of a bunch of Blogspot links? More at:- -- Was this reply relevant? 0 CClip 132 1st Oct, 2011 11:21 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Cities could soon be looking after their citizens all by themselves thanks to an operating system designed for the metropolis. Small Bitcoin BTC Mining Pool. The Urban OS works just like a PC operating system but keeps buildings, traffic and services running smoothly.

The software takes in data from sensors dotted around the city to keep an eye on what is happening. In the event of a fire the Urban OS might manage traffic lights so fire trucks can reach the blaze swiftly. The idea is for the Urban OS to gather data from sensors buried in buildings and many other places to keep an eye on what is happening in an urban area. The sensors monitor everything from large scale events such as traffic flows across the entire city down to more local phenomena such as temperature sensors inside individual rooms. The OS completely bypasses humans to manage communication between sensors and devices such as traffic lights, air conditioning or water pumps that influence the quality of city life.

More at:- -- Was this reply relevant? 0 CClip 133 1st Oct, 2011 22:45 Score: Posts: 6,279 User Since: 22nd Apr 2009 System Score: N/A Location: UK Stable and Beta Channel Updates Saturday, October 1, 2011 10:00 Labels: Beta updates, Stable updates The Chrome Stable channel has been updated to 14.0.835.187, and the Beta channel has been updated to 15.0.874.58.

These updates should help repair Chrome installs that were broken due to the issue with Microsoft Security Essentials, discussed on the Chrome Blog. If you find any new issues, please let us know by filing a bug. Jason Kersey Google Chrome -- Was this reply relevant?

About Experience Points (XP) are a completely independent, platform agnostic incentive rewards token and digital currency combined enabling you to earn XP through video games, activities, sports, education and conservation and then spend at participating vendors either online, in game, or on the high street. The concept of real value rewards merged with the blockchain technology of Bitcoin provides an innovative approach to in game currencies moving towards a unified platform, similar to the standards applied to mobile phone charges for example.