The Internet was ablaze with Apple talk yesterday. Several news sources picked up on ZDNet's news that Apple was telling its support techs to avoid helping helpless Mac users plagued by the Mac Defender malware. Apparently, the topic struck a sore spot – our blurb on the issue drew almost 60 comments. Awash in a flood of bad publicity, last night Apple officially published a support page on its Web site to help Mac Defender victims take back control of their computer.
Mac users like to flaunt their supposed security in the face of PC enthusiasts all the time. "Spyware? Viruses?" they ask, usually while gently sipping tea with one pinky raised. "Oh, no. Macs don't get those." Given the snootiness, we can help but smile when we imagine them sputtering and spitting out said tea in the wake of the Mac Defender malware that began making the rounds earlier this month. Today, ZDNet claimed that Apple explicitly told its support techs not to help users remove the infection. Where's your Steve Jobs worship now?
Sony just can't catch a break. Just as the Japanese company was pulling itself out of the hole following the PSN and SOE hacks, a phishing site has been found living on Sony's servers. The site is hosted on a sub-domain of Sony's official Thailand site. Who's running this company's servers anyway?
Hopping around the web downloading programs willy-nilly is a surefire way of putting your PC's security software to the test. Think you're in the clear if you download judiciously? If only! According to Microsoft, 1 out of every 14 programs downloaded by Windows users contains malware. What's worse, even though Internet Explorer 9 has multiple layers of security designed to protect surfers from socially engineered malware attacks, 5 percent of IE9 users blatantly ignore the warnings.
Today's browsers are all moving towards hardware accelerated graphics, bringing with them rich online content and a new era of web surfing. That's the upshot, anyway, The tradeoff, according to a British security consultancy, is that your graphics card driver could make you susceptible to denial of service (DoS) attacks and cross-domain image theft. At the heart of the perceived problem is WebGL, which allows browsers to use the OpenGL graphics API.
The entire source code for the Zeus trojan is now floating around the web within easy reach of any would-be miscreant who aspires to modify the code for their own evil deeds. Security firm CSIS discovered the source code being sold on at least two black market forums back in late March, and now says the crime kit is being leaked to the public on several underground forums and through other channels.
Have you ever seen a Panda gloat, one that wasn't played by Jack Black? You have now. Panda Security today announced to the world that its Panda Internet Security 2011 software has been certified by AV-Test.org in its Q1 2011 Product Review and Certification Report. This kung-fu Panda of a different sort put the hurt on malware, detecting 100 percent of samples in AV-Test.org's malware batch, as well as those from its 'in the Wild' list, Panda Security says.
So the big news over the weekend is that U.S. forces tracked down and killed Osama bin Laden in a gunfight, who was later buried at sea. To be clear, the 'PC' in 'Maximum PC' doesn't stand for 'Politically Correct' or else we'd be all over this. Rather than open that can of worms, as topics on politics, religion, and capital punishment tend to do, we'll instead point out that scammers are using bin Laden's death to spread malware. Color us not the least bit surprised.
Over the course of the next four weeks, the U.S. Department of Justice will put into effect an initiative to remotely uninstall the Coreflood botnet Trojan from infected Windows PCs. The way it will go down is the DOJ will identify owners of infected rigs and then submit an authorization form to the FBI. It's the latest step in an effort to stomp out the botnet that's managed to seize control of some 2 million PCs.
How many times have you been called to fix a PC that was invested with malware, only to discover that the user fell for one of the oldest tricks in the malware Bible, fake AV and utility programs? It's a common occurrence because, well, it simply works. Fake AV programs disguised as legitimate security software is getting tougher to discern from the real deal, and that's bad news for less savvy computer users. Security vendor McAfee put together a "Dirty Dozen" list of the most common fake AV software and utilities, and some of the entries might just surprise you.