Security

Computer users aren't the only ones who need to worry about their privacy and security. A new report from San Francisco-based Lookout Inc., a mobile phone security firm, reveals that smart phone applications may be closely monitoring users and ... relaying that information to others. (Source: yahoo.com ) Personal Data Secretly Transmitted to Third Parties Nearly 300,000 free applications for Apple's iPhone and phones built around Google's Android software were scanned by Lookout, Inc. Results of those scans found that many of those apps were secretly pulling sensitive data off user phones and ... (view more)

The ' Koobface ' virus is once again making its rounds, freshly updated and even tougher to combat. It's responsible for delivering spyware payloads and also sniffing out passwords and credit card numbers of unsuspecting users. "Several weeks ago ... Koobface added ... hijacking functionality that blocks access to security sites, tipping users off to the fact that something might be wrong with their systems. Since then the authors have taken a giant leap toward invasiveness with the installation of a fake anti-virus Trojan," said Mcafee researchers. (Source: avertlabs.com ) Koobface Now ... (view more)

Microsoft has faced the first major test of its policy to phase out support for some versions of Windows XP. A major security patch last week was only available to users who had upgraded to the third and final Service Pack (SP3). As previously ... reported, Microsoft issued an out-of-cycle update (known more casually as an emergency pack) to patch a Windows shortcut flaw. The issue was particularly serious because it meant machines could be hacked if a user opened a folder containing the infected shortcut file, even if they didn't click on the shortcut itself. The shortcut flaw was such a clear ... (view more)

A recently discovered botnet packing approximately 60 gigabytes (GB) of passwords and other stolen data has been opened up by security researchers. The crack was made in spite of the botnet's difficult-to-detect, self-cloaking ability. Known as ... Mumba, the botnet intercepted and amassed data from 55,000 PCs when it was first investigated, says security firm AVG. It's believed well-known data thieves "Avalanche Group" were responsible for the botnet. According to a report earlier in 2010, Avalanche was responsible for about two in every three phishing attacks during the last six ... (view more)

Microsoft has changed the its guidelines for reporting security flaws. It's a move that could bring Adobe into an industry-wide collaboration to share information about security risks. From now on, Microsoft will no longer urge security researchers ... to follow a "responsible disclosure" policy, in which it asked those who discovered flaws to keep them completely under wraps until a full fix had been found, tested and readied for distribution. Many security experts have claimed such a policy delayed Microsoft's response to security threats. They also felt not being able to talk about bugs made ... (view more)

Hackers have now started using what is being referred to as "indestructible" cloud computing -based phishing attacks . In short, a phishing attack is a "criminally fraudulent process of attempting to acquire user names, passwords, and credit card ... details by masquerading as a trustworthy website." (Source: wikipedia.org ) For example, you may have received a dubious email asking you to "update" your banking information or to "change your online banking password." These are typical phishing scams whereby the information you input is stolen by fake ... (view more)

A white hat hacker has demonstrated an ingenious way of intercepting cellphone calls. The homemade do-it-yourself (DIY) kit uses $1,500 worth of equipment to help impersonate a cellphone relay tower. Chris Paget demonstrated the technique on phones ... belonging to audience members at the DEF CON security conference in Las Vegas. He said it involved a flaw in the GSM cellphone technology used by AT ... (view more)

Dell has agreed to replace computer equipment that shipped with a data-stealing virus. The company is hoping to deal with the issue before any users suffer at the hand of criminals. Unlike most hacking attempts, which rely on accessing a victim's ... machine through an Internet connection, this incident brought up the possibility of whether or not malicious software was in fact being physically installed on machines at the factory. The issue only involves replacement parts for servers, however. These replacement parts are for computers that are primarily used to host websites and, in business ... (view more)

Microsoft has unveiled an updated edition of its free security software, dubbed Microsoft Security Essentials. The new edition of Security Essentials is currently in beta edition and offers several new features. Debuting in September 2009, Microsoft ... Security Essentials replaces Windows Live OneCare which was based on a paid subscription model. At the time, OneCare was seen as a potential threat to the commercial cyber security market. (Source: pcworld.com ) Although there's no evidence yet of a significant effect on sales of premium security products, most reviews of Microsoft Security ... (view more)

Dell has now taken a new approach to combating online malware, focusing not on its prevention but on effective measures needed to trap it when infection occurs. The Dell KACE Secure Browser provides a virtualized version of Mozilla's Firefox onto a ... machine and has the ability to keep malware locked into a browser, rather than having it spill over and infect the entire PC, including the operating system. In techy speak, this is referred as a virtualized sandbox, or " sandboxing " for short. As one Dell spokesperson said, "Any changes resulting from [unwanted] browser activity ... (view more)