Security - OrangEye.com

Chromium browser remixed as a security Dragon

CNET News.com — Fri, 12 Feb 2010 23:00:22

Windows security software vendor Comodo introduces a browser called Dragon. Based on Chromium, the same source for Google Chrome, Dragon hopes to emphasize in-browser security.

Beware strangers on IM who won't answer your questions

CNET News.com — Fri, 12 Feb 2010 01:00:24

Transcript of MSN Messenger conversation shows how dumb automated bots can be.

Adobe warns of new Reader, Flash holes

CNET News.com — Thu, 11 Feb 2010 22:30:23

Adobe Systems issues security patches for new hole in Flash Player and says it will patch a new vulnerability in Reader next week.

Windows security update causes 'blue screen of death' for some

CNET News.com — Thu, 11 Feb 2010 20:30:23

Windows XP users say one patch in particular causes problems, and that there's a fix but it requires an install CD. However, CDs aren't shipped with all computers and aren't available for Netbook users at all.

Equifax tax forms expose worker Social Security numbers

CNET News.com — Thu, 11 Feb 2010 19:30:23

Credit reporting bureau Equifax informs employees that some W-2 forms sent in the mail had SSNs partially or fully viewable through a window on the envelope.

Windows security update causes blue screen of death for some

CNET News.com — Thu, 11 Feb 2010 19:30:22

Windows XP users say one patch in particular causes problems and that there's a fix but it requires an install CD, which aren't shipped with all computers and aren't available for Netbook users at all.

How NOT to Respond to a Malware Alert

About Antivirus Software — Thu, 11 Feb 2010 19:00:10

I see these types of threads in forums all the time. It's always a bit disconcerting because the play-by-play is nearly always the same. Someone reports the forum is generating an antivirus alert, the moderator denies it, others claim their antivirus isn't detecting so it *must* be a false positive. At some point, one or more of the original reporters end up disabling their antivirus so they aren't 'bothered' by the alerts. Eventually the other scanners catch up, more people are complaining, the forum owner finally takes action, and you just know that pretty much all of those posters were infected.

Here's an abbreviated synopsis of one such forum thread:

Poster 1: Kasperksy is alerting when I visit the forum. I disabled Kaspersky so I could have access. Anyone else getting an alert?

Poster 2: Had the same problem; installed Avira and now everything is ok.

Poster 3: Must be a false positive. AVG isn't alerting.

Moderator: We keep getting the alert from Kaspersky too. It's been popping up for two weeks now. Other scanners aren't detecting anything so we're ignoring it.

Poster 1: I installed BitDefender instead. Now I don't have a problem with the alert.

Poster 4: Ditto. I went to NOD32.

Poster 5: I use Kaspersky Internet Security and I keep getting the alerts.

Poster 6: I use F-Secure Client Security and I'm getting an alert on every page of the forum. Anyone know what's going on?

Poster 3: Dunno. Using AVG and everything is fine here.

Poster 7: I use AVAST and now I'm getting alerts too.

Poster 6: Hey, Kaspersky stopped alerting.

Moderator: the owners cleaned the site; hopefully no more issues.

Of course, there are other issues - all those who were infected because they ignored or disabled the virus alerts (or switched to a scanner that just didn't have detection).

How NOT to Respond to a Malware Alert originally appeared on About.com Antivirus Software on Thursday, February 11th, 2010 at 14:56:40.

Permalink | Comment | Email this

Chip-PIN defense is 'broken,' say researchers

CNET News.com — Thu, 11 Feb 2010 18:30:25

A flaw in the protocol underlying chip-and-PIN transactions allows an attacker to push through a purchase without a valid PIN.

Equifax tax forms exposed worker social security numbers

CNET News.com — Thu, 11 Feb 2010 18:30:25

Credit reporting bureau Equifax informs employees that social security numbers on W-2 forms were exposed in the mail.

Cutting-edge crooks keen on the cloud

CNET News.com — Thu, 11 Feb 2010 14:00:25

Cloud computing has been enthusiastically taken up by criminals for a variety of activities, a security expert says. What better endorsement for the cloud could there be?

A Picture Says a Thousand Words...

About Antivirus Software — Thu, 11 Feb 2010 01:30:09

Digital cameras, including those on cellphones, can say far more about you than the picture itself reveals. EXIF tags embedded in the digital photo can reveal the exact geo-location at which the picture was snapped - and even include your name. These tags are trivial to export and read, making digital images a potential harvesting source of personal information for later social engineering attacks.

In "I Know What You Did Last Summer", the SANS Technology Institute analyzed EXIF tags from over 15,000 public images and posted the details in their SANS diary. The most egregious collector and publisher of personal data - the Apple iPhone.

A Picture Says a Thousand Words... originally appeared on About.com Antivirus Software on Wednesday, February 10th, 2010 at 21:47:36.

Permalink | Comment | Email this

Chrome gets fixed; researcher gets paid

CNET News.com — Thu, 11 Feb 2010 00:00:24

The stable version of Google Chrome for Windows has updated with three critical security fixes and an announcement that the first payouts to crowd-sourced security researchers have been delivered.

Gmail blocked in Iran ahead of protests?

CNET News.com — Wed, 10 Feb 2010 22:00:24

Gmail users in Iran report problems as The Wall Street Journal reports that Iranian government says it will shut down Gmail.

Firefox add-on accused of malware comes up clean

CNET News.com — Wed, 10 Feb 2010 20:30:24

One of two add-ons accused of containing malware by Mozilla has turned up clean, the company has announced.

Top 5 Excuses for Falling Victim to Social Engineering

About Antivirus Software — Wed, 10 Feb 2010 15:30:09

Everyone makes excuses; it's probably just human nature. But quite often, the excuses we use can cause real harm. Here are the top 5 excuses that otherwise sensible people give when they've fallen victim to a social engineering attack. >> Full Story

Top 5 Excuses for Falling Victim to Social Engineering originally appeared on About.com Antivirus Software on Wednesday, February 10th, 2010 at 10:45:13.

Permalink | Comment | Email this