Articles about Security

Symantec announces a change of direction

Symantec might have reported quarterly earnings that beat expectations, but the firm accepts it needs to do something if it is going to continue to thrive in a changing marketplace. So new CEO Steve Bennett has announced a change of direction for the anti-virus firm.

No, the company’s not suddenly going to start making Angry Birds knock-offs, but what it does intend to do is shift its focus on to 10 key areas that will result in the combining of existing products and services and the creation of a range of new, more comprehensive alternatives. The ten areas it intends to work on are:

Continue reading

Mega’s security not so mega? New tool reveals passwords stored in confirmation emails

Kim Dotcom’s new cloud storage and file-sharing site Mega is unquestionably a huge hit, racking up registrations like crazy. After an hour the site had received over 100,000 sign-ups, and was up to half a million registered users in the first 14 hours. According to a new tweet from Dotcom, it’s currently seeing 60 uploads a second.

Mega has made a big deal about security and privacy, with the site offering what it calls User Controlled Encryption, or UCE. All files stored on Mega are automatically encrypted, as are data transfers to and from the site. Users hold the keys to their own files so Mega’s staff don’t know what’s being uploading or shared, a move designed to protect the site from the authorities. However, despite all this promising security, it turns out the site may not be quite as safe as billed.

Continue reading

Best Windows 8 apps this week

Twelfth in a series. It's slow week for new application releases for Windows 8. The number of new apps in the US Windows Store is 635, down from 961 the week before. While I would not - yet - say that this is a sign of things slowing down, it is definitely something that I'll pay attention on in the coming weeks.

The total number of apps in the US store this week is 25,384 of which 20,373 are free to install and 5,011 paid; that is a ratio of 4:1 in favor of free apps.

Continue reading

The latest Facebook privacy flaw is a doozy

Over the past couple of years there has been no shortage of talk about privacy, particularly when it comes to social networks, and especially Facebook. In fact, the service recently made news when the site's privacy settings famously bit founder Mark Zuckerburg's own sister.

Facebook has worked to make its privacy settings easier to understand for everyday users, and to a certain extent has succeeded, but fatal flaws still seem to rear their ugly heads.

Continue reading

Patch in the hole! Security fix for Exynos exploit slowly surfaces

In mid-December, a developer uncovered an exploit at kernel level which affects a number of popular Exynos-based devices, such as the Samsung Galaxy S III and Galaxy Note II, among others. The creator of SuperSU promptly delivered a temporary fix, but it is not particularly suited for mainstream use as it may break the camera app. An official patch is, therefore, in order.

Since the issue is known to mostly affect Samsung devices the ball is actually in the South Korean manufacturer's court which, judging by a number of US carrier announcements, is taking the necessary steps to eliminate the security threat. Both Sprint and T-Mobile revealed software upgrades, touting security fixes related to the Exynos security exploit for two Samsung-branded smartphones.

Continue reading

Security Essentials fails 'AV-Test Certified' stamp of approval and Microsoft says it does not matter

Three days ago, the AV-TEST Institute published its latest results for consumer security product testing, which was conducted on Windows 7 during a two month period, through November and December 2012. From the 25 security solutions analyzed in the roundup, only three products failed to receive the recognized AV-TEST certificate, one of which was Microsoft's own Security Essentials.

The software giant was prompt to respond to the latest test results, by emphasizing that "a rigorous review" is conducted in-house "whenever test results warrant it". Obviously, Microsoft does not shoot itself in the foot, as you may assume, and provides a number of internal test results in order to reassure users that Security Essentials is not as bad as the AV-TEST Institute may suggest. Question is: Why put itself on the spot in the first place?

Continue reading

Phrozen Safe USB protects your stick

There’s no doubt that USB keys are compact, portable and a very convenient way to transfer files and documents. Unfortunately, they’re almost as good as transferring malware, and allowing snoopers to steal information, which is why you might want to control them with a copy of Phrozen Safe USB.

After a simple installation and a reboot, launching the program will add an icon to your system tray. By default this will leave USB devices working just as they did, but right-click the icon and you can choose a couple of alternative settings: “USB Mode Read Only” (drives show up in Explorer, but you can’t write to them), and “USB Mode Disabled” (USB storage devices no longer appear in Explorer at all).

Continue reading

Bitdefender tops AV-TEST, Microsoft Security Essentials bottom feeds

Virus web

Who offers the best antivirus protection? It’s not an easy question to answer, but independent testing labs AV-TEST and AV-Comparatives have just released their latest results and reports, and they make very interesting reading.

AV-TEST places Bitdefender Internet Security 2013 in first place, for instance, with 5/6 for usability, 5.5/6 for repair and an excellent 6/6 for protection. But F-Secure Internet Security 2013 and Trend Micro Titanium Maximum Security 2013 also rate 6/6 for protection, while Kaspersky Internet Security 2013 and Norton Internet Security 2013 rating well all round.

Continue reading

Chrome 25 makes extensions get your permission

Google has released Chrome 25 to the beta channel for Windows, Mac, and Linux, and while the previous release wasn’t too surprising this one has some particularly important changes.

Perhaps the most significant will see external extension deployment disabled by default, which means if you install an application on your Windows system, for instance, the author will no longer be able to silently add a Chrome extension as well just by manipulating the Registry. They’ll normally have to ask your permission to install any add-ons within Chrome itself.

Continue reading

Microsoft releases out-of-cycle patch for Internet Explorer

Patch Tuesday came and went last week without Microsoft addressing a glaring error -- a zero-day flaw in Internet Explorer versions 6 through 8 that attackers use to gain control of a computer. The defect did not affect IE versions 9 and 10, which have been called more secure by some experts.

Now the company is rolling out an uncharacteristic out-of-cycle patch to fix the bug. This follows a manual fix the company released earlier to help users of these legacy browsers protect themselves from attack.

Continue reading

Java 7 update 11 security patch fixes nothing

Oracle has issued an emergency fix for its cross-platform Java software. Java 7 update 11 for Windows, Mac and Linux, and Java 7 Update 11 64-bit for 64-bit versions of Windows and Linux, aims to plug a number of alarming security holes that were being used for phishing attacks and other crimeware.

While update 11 should be considered an essential update for all Java users, researchers have warned that the new build is little more than a sticking plaster for the problem, and recommend users actually disable Java from running inside web browsers.

Continue reading

To say Windows will be at the center of U.S. military action is wishful thinking

The U.S. government, which usually is very slow to adopt new technologies, signed an agreement to move much of the Department of Defense to Windows 8. The three-year, $617 million deal for up to two million seats is a good proxy for where American business users are headed. Or is it? Microsoft of course hopes it is, but I think that’s far from a sure thing.

This isn’t just trading Windows XP for Windows 8. The U.S. Navy, which isn’t (yet) included in this deal, only recently signed its own agreement with Microsoft to take the fleet to Windows 7. But Windows 8, being touch-enabled and running all the way from smartphones to super-clusters, is something more. It represents the U.S. government’s best guess as to how it will embrace mobile.

Continue reading

Malwarebytes Chameleon can remove malware from an already-infected PC

If malware somehow manages to penetrate your PCs defenses then it’s easy to assume you’ll simply download some other antivirus tool to remove it. But life may not be so straightforward. Once installed, some malware will try to prevent you from reaching big antivirus sites, and downloading or running their tools, making the problem much more difficult to tackle.

Unless, that is, you have a copy of Malwarebytes Chameleon to hand.

Continue reading

Switchblade 0.70 troubleshooting toolkit revamps programs, adds Process Hacker

It’s a week since we covered Switchblade, an interesting portable troubleshooting toolkit which was a little flawed by its selection of programs. While there were some excellent choices, the package was distinctly short on system monitoring tools. And we weren’t entirely sure that most people would want to install a copy of Apache on a PC they were investigating, either.

With further questions soon emerging over licensing issues for some of the programs, it wasn’t long before the author removed the SourceForge download. It’s just reappeared in a new Switchblade 0.70 build, though, which appears to address at least some of the previous issues and concerns.

Continue reading

Warning: That Cisco phone on your desk may be spying on you

If your office, like many others in businesses around the world, uses Cisco-branded telephones then you may have a big problem. The networking company issued a security advisory with the catchy name "cisco-sa-20130109-uipphone".

"Cisco Unified IP Phones 7900 Series versions 9.3(1)SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges", the notice warns.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.