Latest security bulletin addresses three vulnerabilities
February is proving to be a very busy month for those tasked with the unenviable task of plugging Flash Player holes at Adobe. The Adobe Product Security Incident Response Team (PSIRT) on Tuesday announced the availability of new security updates for the Flash Player. This is the third time this month that the company has had to release security updates for the ubiquitous plugin.
Hackers changed Burger King's Twitter account to look like McDonalds.
Perhaps, as one Twitter user commented, "Whopper123" isn't a secure password. Whatever password Burger King was using to lock down its Twitter account, hackers figured it out and promptly got to work with a McDonalds themed makeover. The cyber pranksters changed Burger King's Twitter handle and avatar, and posted a series of fake tweets, one of which claimed the fast food joint had been sold to McDonalds.
It's not just adults who write and distribute Trojans, pre-teen kids are doing it too, AVG says.
I'd like to think that most 11-year-old kids are into video games, comics, collecting baseball cards, watching Cartoon Network, and things of that nature. Hell, I still do most of those as an adult, but what I find hard to fathom is a handful of pre-teen kids are spending their free time writing malicious code. It's true, according to a report by security firm AVG, which notes that the code is usually written using the .NET framework.
Security firm discovers a pair of malicious apps in Google Play that try to exploit Windows' AutoRun feature.
Do you talk to your PC? If so, be careful what secrets you share with your system, you never know who might be listening. We're not being paranoid here, Security firm Kaspersky has discovered a pair of malicious programs in Google Play that are designed to infect PCs, where it then gets busy tapping into the audio system so that it can record the victim. The sound files are then sent to the malware's author. What's the point?
Popular networking standard places as many as 50 million IPs at risk of one of three attacks, researchers say.
Researchers at Rapid7, a provider of vulnerability management, compliance, and penetration testing solutions for web applications, network, and database security, warns that the popular Universal Plug and Play (UPnP) protocol is flawed, exposing tens of millions of network devices to at least one of three different types of attacks. More than 23 million Internet-connected devices are vulnerable to remote code execution through a single UDP packet, along with tens of millions more via remote discovery on the web.
Hacking group takes credit for attack on U.S. Department of Justice's website.
The hactivist organization known as Anonymous is claiming it's the one responsible for infiltrating the U.S. Department of Justice's Sentencing Commission website (www.ussc.gov) over the weekend. This latest attack was in retaliation to the government's attempt to prosecute Aaron Swartz for illegally downloading millions of academic journals from JSTOR, an online archive and journal distribution service.
Tell us which AV programs you want to see included in this year's roundup!
Straight and to the point, we need your help. You see, we're getting ready to conduct our annual roundup of Internet security suites, and we thought we'd try something a little different this year. Rather than pick which programs we think you'd be most interested in reading about, we're letting YOU tell US which ones to include. That's right, you wield the power -- how will you use it?
ESET upgrades its flagship consumer security products.
ESET, the well-regarded security firm headquartered in Bratislava, Slovakia, dropped us a note to let us know it launched its Smart Security 6 Internet suite and NOD32 Antivirus 6 security software. Both products received enhancements in threat detection, more thorough cleaning of infected systems, and an improved user experience, ESET said.