The most popular stories on BetaNews this past week: May 4 -- May 10
What's that? It's the end of the week already? How did that happen?! Things got off to a slightly slow start, but it ended up being another jam-packed seven days. Microsoft was criticized for continuing to patch Windows XP after support was supposed to have ended, but it does seem as though usage is starting to decline. Interestingly, it is Windows 7 that suffered from a higher malware infection rate according to Microsoft's Security Intelligence Report. Windows 8.x is still struggling to gain a large audience and Wayne looked at why this is the case -- maybe a smartwatch would be a smart move.
The effects of Heartbleed are still being felt, and ExtraHop Networks had some advice during a Q&A session. Symantec unveiled its security roadmap for Advanced Threat Protection, and Dropbox discovered a vulnerability that led to the company pulling access to hyperlinked files. Many big names came together to try to make passwords more exciting -- give it up for World Password Day!
Windows XP use declines steadily but security concerns mount
It's now a month since support for Windows XP came to an end, and we've already had our first exciting little post-XP incident. When a security flaw was discovered in Internet Explorer, an out-of-band patch was released for XP users despite Microsoft's previous claims that no more such updates would be issued. A month on seems like a good time to assess the lay of the land for the operating system, and that's precisely what security firm Secunia has done.
Looking at the install base for Windows XP, Secunia found that there has been an extremely steady decline in usage from the beginning of the year. According to Secunia's numbers, XP could be found on 22 percent of US PCs between January and December of 2013, but this dropped to 18 percent in the period January to February this year. It is possible that this marked drop could be attributed to people finally coming to terms with the idea that XP was no longer being supported and deciding to move on. But things start to slide further as we move into April.
Windows 7 shows higher infection rates than XP in last quarter of 2013
The latest Security Intelligence Report from Microsoft reveals that malware infection rates soared in the final quarter of last year thanks mainly to three threats.
Infection rates measured in computers cleaned per thousand (CCM -- yes M, it uses the Latin for thousand) rose from 5.6 in Q3 to 17.8 in Q4 of last year on the back of the Win32/Senfit click fraud bot, along with two new distribution methods. Win32/Rotbrow, a program claiming to protect from browser add-ons, and Win32/Brantall which acts as an installer for legitimate applications but also bundles less welcome things.
Twitter bolsters security with password reset and suspicious login improvements
Security is always important, but now that we find ourselves in a post-Heartbleed world, it seems that there is more importance than ever being placed on passwords and the safety of online accounts. The constant advice, that we should be using unique passwords of ever-increasing complexity for each service we use, means that there is a greater chance of forgetting our login details. This is something that Twitter recognizes with a couple of account safety changes that are being introduced today.
A new password reset procedure lets you choose whether reset details should be sent to your registered email address or phone number. Having a choice is helpful in case you no longer use the email address you registered with, or if you have switched phone numbers. Choice is good! Mobile users will also find that the reset process has been improved, and Twitter helpfully provides some tips to aid with selecting a strong new password.
Mimecast adds spear phishing protection
Spear phishing attacks are becoming more commonplace and with each major data leak, like that of earlier this year at Target, the number of people at risk of falling victim to one increases.
By their very nature spear phishing attacks are highly targeted and seek to trick users into visiting malicious URLs by appearing to come from a trusted source.
Add a pattern password to your PC with Eusing Maze Lock
PC access is usually restricted with a plain text password, but this isn’t the only option. Windows 8 users can already create a picture password, where they log in by drawing custom gestures (with a fingertip, or the mouse) over their chosen image.
If you’re not using Windows 8, then installing Eusing Maze Lock similarly protects your lock screen with a smartphone-like pattern password, this time using custom swipes over a 3×3 grid of dots.
6 tips to increase company security post-Heartbleed from LastPass CEO, Joe Siegrist
Heartbleed was a security nightmare that caught the technology world unaware and unprepared. There was a good deal of panicking in the immediate aftermath, but looking back a month down the line there is a lot to learn from what happened. But perhaps the most important thing is what happens moving forward.
Post-Heartbleed, Joe Siegrist, CEO for LastPass has a series of tips for companies to help protect data and improve privacy.
Is it time to 'Reset the Net'?
A new campaign called "Reset the Net" has been gaining ground in recent days, with major privacy pressure groups coming out in full support of its mission.
More than 30 of the groups, including Fight for the Future, Demand Progress, Reddit, Free Press and the Libertarian Party, have set June 5 as the day to "Reset the Net" by deploying new privacy tools and enhanced security solutions.
Symantec: Antivirus software is 'dead' and only catches 45% of cyberattacks
Symantec has declared antivirus software "dead" as it finally gets ready to take the fight to the new breed of cyber security threats that are plaguing companies across the globe.
Brian Dye, Symantec senior VP for information security, told the Wall Street Journal that antivirus is no longer a "moneymaker in any way" for Symantec or any other firm and that technology is being developed that will limit the effect future cyber attacks have.
Microsoft, McAfee and more join forces to promote security with World Password Day
Security is fun! Security is sexy! In fact, passwords get so many hearts pounding that World Password Day had to be dreamed up just to create an outlet for the outpouring of emotion associated with them. This may be stretching things a little, but today really is World Password Day, a global movement involving McAfee, Microsoft, Dell, Acer, Lenovo and numerous other big names to educate the world about... passwords! I jest a little, but this is a day with a serious message -- we are all incredibly reliant on passwords, but too many of them are just not strong enough.
Head on over to the website and you'll find all manner of tools designed to stress the importance of strong passwords, and to promote good practices. Things get off to a fairly gentle start with a typing game in which you're invited to type common passwords and blast them out of the sky. There are also tools and tips from each of the companies involved in the project. Microsoft has a password checker that will test the strength of your password, McAfee (now nothing to do with John McAfee!) has a Heartbleed vulnerability checker, while Dell has the handy tip that one shouldn’t type one's password into the username field.
iOS 7 security flaw leaves email attachments vulnerable
A glaring bug in Apple’s iOS 7 mobile operating system has resulted in every email attachment on iPhones and iPads being left completely unencrypted, according to new disclosures.
According to the official support documentation provided by Apple, iOS provides data protection on all devices that offer hardware encryption -- specifically the iPhone 3GS and later, all iPads, and the third-generation iPod touch and later.
Emails suggest that Google was a willing partner with the NSA
Dear old Google. Dear, dear old Google. In the fallout from the NSA revelations, the company has been falling over itself to try to appear open and transparent about the relationship it had with the security agency during its surveillance program. But a series of emails dating back to 2012, obtained by Al Jazeera America, show that things were rather different than the picture that has been painted thus far. Google -- and other web companies who have, for whatever reason, cooperated with the NSA -- has made it seem as though they were unwillingly forced into taking part in NSA activities, but things may not be quite what they seemed.
Recently, a NSA lawyer made it clear that Microsoft, Google, Yahoo and others were fully aware of the levels of data collection that were being performed. This flies in the face of the earlier claims that these firms were completely ignorant of what was happening. You might have thought that such mass surveillance would be illegal, but no, this was absolutely fine according to a federal judge.
Emsisoft releases Anti-Malware 9, Internet Security 9 betas
Emsisoft has released the first public betas for Emsisoft Anti-Malware 9, and a new product, Emsisoft Internet Security 9.
Anti-Malware has essentially the same browsing and antivirus protection as before, but Internet Security 9 takes the package further with a completely new firewall core. Think Emsisoft Online Armor, but with full IPv6 support, more packet filtering rules and better overall performance.
Dropbox pulls access to hyperlinked files after vulnerability discovered
Dropbox, one of the most popular cloud storage services, has largely avoided the spate of recent security woes suffered by other companies. But no system is perfect, and a warning has now been issued after a flaw in hyperlinked files was discovered.
"Whenever you click on a link in any browser, the site you’re going to learns where you came from by something called a referer header. The referer header was designed to enable websites to better understand traffic sources. This is standard practice implemented across all browsers", says Aditya Agarwal.
Paranoid? Enough to place your privacy in the hands of John McAfee?
Remember McAfee? You know, the company whose AV software you couldn't remove from your computer fast enough after picking up an off-the-shelf model? The firm was founded by the now infamous John McAfee, although he has not actually been associated with it in anything other than name for quite some time now. In fact he has become better known for a series of bizarre incidents that saw him accused of manufacturing drugs, mentioned in association with a murder and becoming a fugitive who was concerned that the police were going to kill him.
Sounds like the sort of person you'd like to make an app for your phone? Well, the man is back and this time he, or at least his company Future Tense, has come up with Chadder -- yet another messaging app. But this is a messaging app with a difference. The focus is, allegedly, on privacy, security and encryption. The company's motto is "Say what you want! ⋇⊮ ≩⋉⊱∪≀ ⋘≫≯⋌∹∦ ≎⋡⋔∪≙∼≉{] (We can’t see it anyway!)". My, those symbols really do trip off the tongue.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.