Less than three weeks ago, security firm Symantec publicly downplayed the theft of a portion of its source code and said the stolen bits were from a 2006 enterprise version of its software. The message at the time was that the theft didn't affect Symantec's Norton products for consumer customers, nor were enterprise users as risk. In other words, chillax. Now Symantec is making the unusual recommendation of telling people not to use its pcAnywhere software.
Before you go around scanning QR codes with your mobile device willy-nilly, you should read through AVG's threat report for Q4 2011. In it AVG provides insight and analysis on trending security threats, and highlights in this latest installment include risks of QR codes, stolen digital certificates bypassing security on mobile phones, and the persistence of rootkits.
Google earlier this week updated the Chrome Stable channel to 16.0.912.77 for Windows, Mac, Linux and Chrome Frame, patching four privately reported vulnerabilities in its browser. How come only four, you ask, when the headline clearly mentions five? Actually the fifth was patched a couple of weeks back, but Google mistakenly failed to include it in the release notes. Hit the jump for more.
Two security issues have been identified in McAfee's SaaS Total Protection anti-malware software suite, one of which could allow an attacker to misuse an ActiveX control to execute code and turn affected PCs into spam servers. The other vulnerability involves a misuse of McAfee's "rumor" technology to allow an attacker to use an affected machine as an "open relay," which could also be used to send spam. Fixes for both are coming.
An Indian hacking group known as "The Lords of Dharmaraja" celebrated swiping the Norton antivirus source code from Symantec earlier this month and promptly began releasing fragments to the public before promising to upload the full Monty on January 17, 2012. That's today, but rather than release the source code in its entirety, the hacking group decided now is not the time.
The thing about being a criminal is there's always the risk of being caught or otherwise exposed. This applies to the life of a cyber criminal as well. To wit, Facebook has identified five men it believes are behind the Koobface worm designed to burrow into various social networks like Facebook and Twitter in search of login information to help spread its related botnet far and wide.
Enterprise hardware and software firm Oracle has a pretty big 'Patch Tuesday' of its own lined up for tomorrow. A so-called "Critical Patch Update" scheduled to roll out on January 17, 2012 is the first of the year for Oracle and will include 78 new security vulnerability fixes across hundreds of Oracle products, some of them affecting multiple products, the company stated in a pre-release announcement.
Zappos, the online apparel shop acquired by Amazon in July 2009 for $928 million in stock and cash, began alerting millions of customers over the weekend that it was hit hard by a data breach that may have granted cyber crooks access to sensitive account information, including the last four digits of any credit cards on file. The database that stores full credit card information and other payment data was not affected or accessed, the company said.
Google Chrome is rapidly winning the hearts and minds of tech enthusiasts everywhere not just for its blistering speed, but for its unrelenting commitment to security. Saying a browser is secure is easy, but making it so is something completely different. To help keep their developers on track the team has come up with a set of seven core security principles, and the complete list makes for a rather interesting read, and we’ll highlight a few of our favorites after the jump.
AVG is well regarded in tech savvy circles for serving up generally capable free antivirus software, as well as a line of paid security products with more advanced features. It's a freemium model that's worked well for the company, and because AVG's antivirus software has remained fairly solid throughout the years, it's built a positive reputation for itself, one that might be worth a whole lot of money.