Maximum PC Security RSS Feed

Pentagon Bans Flash Drives and DVDs in Response to Cyber Attack

Paul Lilly — Fri, 21 Nov 2008 07:36:31 -0600

Cyber attacks on the Pentagon are nothing new, but the latest infiltration has the Defense Department taking unprecedented steps to prevent further damage. In doing so, the Pentagon has banned the use of DVDs, flash drives, and all external hardware, according to Fox News.

"We have detected a global virus for which there has been alerts, and we have seen some of this on our networks," a Pentagon official told FOX News. "We are now taking steps to mitigate the virus."

The official stopped short of saying where the virus originated from, and as long as the information remains classified, we may never know. But Fox News did learn that the Pentagon has been aware of an impending attack from a memo that was sent out a week ago.

Proof that Email Scams Still Work: Woman Loses $400K

Paul Lilly — Wed, 19 Nov 2008 11:14:37 -0600

The internet has become a breeding ground for scams of all shapes and sizes, but perhaps none more popular (and thus more easily recognizable) than the email rouse of a long lost relative, government official, or bank employee holed up in Nigeria and needing your help in securing a large sum of money. There's really no need to go on because you've undoubtedly received variations of this scam in your inbox countless times and, well, it never works. Or does it?

Not only does the old Nigerian bit still lure victims, the scam claimedits biggest known payday to date thanks to Janella Spears who forked over a mind boggling $400,000. Despite the big payout, Spears still contends she isn't easily duped. After all, she works as a registered nurse, teaches CPR, is a reverend who has married many couples, and also learned sign language to communicate with her hearing impaired husband. So what possible spin could this common scam have come with that got a seemingly intelligent woman to take the bait?

Hit the jump to find out what it was that convinced Spears the scam might be legit.

Microsoft to Offer Free Antivirus Software

Paul Lilly — Wed, 19 Nov 2008 10:04:23 -0600

Because hackers target Microsoft's Windows operating systems more than any other OSes, one could argue that it would be only fitting for the software maker to offer its users a free security suite, and that's exactly what Microsoft intends to do. Noting the rapid increase in the prominence of malware, Microsoft says it will discontinue retails sales of it's fee-based Live OneCare subscription service by June 30, 2009 and replace it with a free security suite currently code-named "Morrow."

"Customers around the world have told us that they need comprehensive, ongoing protection from new and existing threats, and we take that concern seriously,” said Amy Barzdukas, senior director of product management for the Online Services and Windows Division at Microsoft. “This new, no-cost offering will give us the ability to protect an even greater number of consumers, especially in markets where the growth of new PC purchases is outpaced only by the growth of malware."

Morrow, which will offer protection against viruses, spyware, rootkis, Trojans, and other malware, will be built to use fewer resources, which Microsoft claims will make it well suited for both low bandwidth situations and low-power PCs. According to Microsoft, Morrow's protection will be on the same level as the company's enterprise solutions.

While that sounds like good news for Windows users, McAfee sees it as an even better opportunity for themselves and doesn't appear worried that it might lose paying customers to Morrow.

"Consumers have voted; OneCare, in its two years on the market, has achieved less than 2 percent market share," he said in an interview. "Microsoft is giving up and has defaulted to a dressed-down freeware model that does not meet consumer security needs. This is good news for McAfee."

Is McAfee underestimating Morrow? Hit the jump and give us your thoughts.

Identity Thieves Look to Feast on Black Friday

Paul Lilly — Mon, 17 Nov 2008 14:05:44 -0600

It's that time of year again when scorching hot deals start to scatter the web in anticipation of Black Friday, one of the biggest online shopping days of the year. Despite still being almost two weeks away, several retailers have already posted Black Friday ads, giving bargain hunters a head start. But lest the hunter becomes the hunted, buyers should take caution not to fall prey to identity thieves.

According to the FTC, consumers were stung for more than $1.2 billion in losses last year as a result of identity theft and fraud. Consumers, who are already stretched thin amid a struggling economy, should be extra cautious this shopping season.

"While the holiday season is surely a time for cheer and celebration, it is also a time when identity thieves are waiting for the perfect opportunity to pounce on unsuspecting consumers," said LifeLock CEO Todd Davis. "Whether it takes place at shopping malls or online, identity theft can increase over the holidays."

Most, if not all of LifeLock's recommended safety precautions will rank as obvious to seasoned shoppers and the tech savvy alike, but they're worth brushing up on before going on that holiday spending spree.

Check Point to Celebrate 15th Anniversary by Giving Away ZoneAlarm Pro Software

Paul Lilly — Mon, 17 Nov 2008 08:18:19 -0600

Given the widespread availability of free solutions, we know how power users hate to pay for security software. If you fall into this category, your options will become slightly more robust this Tuesday, November 18.

According to a spattering of reports, a company spokeswoman for Check Point said the company plans to celebrate its 15th anniversary by giving away a 1-year subscription to its ZoneAlarm Pro software security suite. For those not familiar with the program, ZoneAlarm Pro expands on the company's popular firewall solution by throwing in a spyware remover, protection against rootkits, ID theft protection, and other security odds and ends. The full program typically sells for $40/year.

If the reports hold true, you can download your copy from this link beginning at 6:00 AM PDT Tuesday morning. Procrastinators be warned, the link will only stay active for 24 hours.

AVG Update Inadvertently Cripples Windows XP

Paul Lilly — Wed, 12 Nov 2008 09:06:05 -0600

Thanks to a borked update, some PC users running AVG's free antivirus were in for a long and frustrating weekend. The virus definition update, which was released on Saturday, erroneously detected the "user32.dll" file for the Trojan Horse PSW.Banker4.APSA instead of recognizing it as a critical Windows component. Once the scanner went active, users found their AVG software recommending that they delete the quarantined file. Doing so caused systems to either stop booting or enter into a continuous reboot loop. Whoops!

The misinformed update affected both AVG 7.5 and AVG 8.0 installations on Windows XP. Vista users appear to be in the clear, though a spattering of user comments around the web have indicated otherwise. In any event, another update has corrected the error. For those who already deleted the critical system file, AVG is providing step-by-step instructions on how to restore your system back to a working state. Whether or not it restores your faith back in the program is another question altogether.

Hit the jump and let us know what security software you're using.

A Quiet Patch Tuesday for November 2008

Mark Edward Soper — Tue, 11 Nov 2008 13:17:52 -0600

This month's Patch Tuesday, unlike October's, is a quiet one, with just two security bulletins:

MS08-069 solves a remote code execution vulnerability in Microsoft's XML Core Service that is rated as Critical for version 3.0 and Important for later versions. All 32-bit and 64-bit desktop versions of Windows from Windows 2000 SP4 through Windows Vista SP1 are affected, as well as Microsoft Office 2003 and 2007. The Exploitability Index is 1 (Consistent Exploit Code Likely - the most serious ranking) or 2 (Inconsistent Exploit Code Likely), depending upon the version of XML Core Services installed. Windows Server 2003 and some installations of Windows Server 2008 are also affected.
MS08-068 patches a remote code execution vulnerability in the SMB protocol. MS08-068 is rated as Important for Windows 2000 SP4 and Windows XP, and Moderate for Windows Vista. Windows Server 2003 and all Windows Server 2008 installations are also affected. Despite Microsoft's rating this vulnerability as only Important rather than Critical, MS08-068's Exploitability Index is 1 because exploit code targeting Windows XP is already public.

That's it for Patch Tuesday security bulletins, both of which will be arriving soon via Windows Update (or can be downloaded manually if you prefer). What else has Microsoft served up?

The only non-security content this time is the usual monthly update for the Malicious Software Removal Tool (KB890830; ~~not yet updated as this article was posted~~ now updated) and the usual monthly update for the Windows Mail junk mail filter (KB905866), available in 32-bit and 64-bit versions.

Hackers Target Third Party Apps to Squirm Their Way Through Windows Security

Paul Lilly — Mon, 10 Nov 2008 10:33:13 -0600

Microsoft last week released the fifth volume of its Security Intelligence Report (SIR) covering the period between January through June of 2008. The report, which purports to offer an "in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software," uses data derived from what Microsoft claims are hundreds of millions of Windows users, all of which is analyzed and laid out in a tidy 13MB PDF download.

According to the 150-page report, hackers are increasingly honing in on third party applications rather than attempting to attack Microsoft directly. Vulnerabilities in programs like RealPlayer, QuickTime, WinZip, and other non-operating system software provide hackers with a greater number of exploits requiring a low degree of complexity, the report claims.

"It is alarming to see that more than 90 percent of vulnerabilities disclosed in 1H08 affected applications, and nearly half of all industry vulnerabilities are rated as High Severity," Microsoft says in its report. "Additionally, 1H08 showed how threats are increasingly affecting a variety of vendors beyond Microsoft."

The report also notes several geographical trends in security threats. Among them, password stealers such are Win32/Bancos are most prominent in Brazil where the overall infection rate has risen an alarming 81.8 percent from 2H07 to 1H08. In the U.S., trojan downloaders, like Win32/Zlob, account for the largest single category of threat.