Ten years ago a group of four Microsoft engineers took to the stage at a security conference in Washington, DC, and presented a paper titled “The Darknet and the Future of Content Distribution”. In this paper, the authors made a compelling argument describing how the rise of information technology would make it easier and faster for people to share files, and how DRM would do little to slow the process down. At the time this premise was a bit controversial, and as the authors openly admit, it almost cost them their jobs.
Microsoft Security Essentials has done it again. For the second time since its inception, the free antivirus software from Microsoft finds itself without German security and antivirus research outfit AV-TEST’s seal of approval, having failed in the latest of the firm’s bimonthly certification tests.
Russian security firm Group-IB claims to have uncovered a critical Adobe Reader vulnerability that is currently being exploited in the wild by attackers in order to circumvent the ubiquitous PDF viewer’s sandbox, a security feature Adobe first introduced as part of Reader X nearly two years ago. Even though this zero-day vulnerability is said to have a few “limitations”, they don’t seem to be crippling enough to stop it from being sold on the black market for anywhere between $30,000 and $50,000.
Microsoft has suffered through more than a few security embarrassments over the years, but at least according to Kaspersky Labs, the Redmond-based software giant is back in control. The security researchers have named the top 10 offending companies/products, and for once, Microsoft has been knocked off the list thanks to improvements in Windows 7 & 8. Automatic update mechanisms are cited as the top reason for the high-profile exclusion, and have indeed done an amazing job of keeping hackers at bay.
In a bid of mutual respect for one another, and for the greater good against growing cyber security issues, AMD and Intel have come together to help form the Cyber Security Research Alliance (CSRA), a non-profit research consortium formed to "address complex problems in cyber security." Industry heavyweights Honeywell, Lockheed Martin, and RSA/EMC are also listed as founding members of the CSRA.
Look, we're not trying to spark a religious debate here, and if Jesus is your co-pilot, that's wonderful. But turning to 'Jesus' to secure your logins is about as ineffective as protecting your accounts with 'Ninja', which also appears on SplashData's "Worst Passwords of 2012." The self-explanatory list contains five new entries, two of which we just mentioned. What about the rest? Let's have a look.
Shopped at a Barnes & Noble brick-and-mortar store lately? If so, keep a close eye on your bank account. The book vendor issued a statement today warning that it's aware of tampering with PIN pad devices at 63 of its stores spanning from California to Rhode Island, and several states in between. B&N called it a "sophisticated criminal effort" in which a single PIN pad was compromised in each of the 63 locations.
Hardly a month goes by without Adobe plugging holes in its widely used Flash Player. On Monday, the San Jose-based software company ensured that October did not turn out to be one of those rare months by updating Flash Player across all the four platforms it is available on.
Throughout history, wars and plagues have wiped out entire cities and civilizations, leaving behind nothing but corpses and tears. Strangely enough, the same thing happened yesterday in World of Warcraft when hackers took advantage of an exploit that allowed them to march through various realms, destroying every character they came across, even non-player characters (NPCs).
Kristy Ross, suspected ringleader of a "scareware" scam that tricked over a million consumers into buying software to remove malware detected by fake antivirus scans, has been ordered to pay more than $163 million in damages, the Federal Trade Commission announced. The court also permanently barred Ms. Ross from selling security software of any kind, as well as any software that might interfere with a consumer's computer use or engage in any form of deceptive marketing.