Cyber scoundrels have begun taking grammar seriously
Security researchers and cyber criminals are locked in a ceaseless game of cat and mouse, with the latter constantly trying to come up with new ways of delivering malware. However, this does not mean there is no room for an old workhorse like the notorious Zeus malware, a trojan virus that has been in circulation for over seven years now.
Microsoft's latest browser, Internet Explorer 8, has gotten mixed reviews from MaximumPC.com readers (see comments here and here), but one question that's hard for any individual user to answer about any browser is "how secure is it?"
To find out, Microsoft asked NSS Labs to pit IE8 RC1 against its predecessor, IE7, as well as the following third-party browsers: Firefox 3.0.7, Safari 3.2, Chrome 1.0.154, and Opera 9.64. The objective: find out which browser did the best job at handling so-called social-engineering malware sites - the ones that try to con you into downloading malware disguised as something else ("Adobe Flash update," anyone?).
ComputerWorldreports that IE8 did the best job of fending off attacks from 492 malware-distributing websites, blocking 69% of attacks (details here [PDF link]). If you're not using IE8, join us after the jump to learn how your favorite browser fared.
I know it, you know it, almost everybody that reads Maximum PC knows it - but that doesn't mean that your family, your co-workers, or your bosses know it. What's it? Simply this: Microsoft never - repeat never - sends out security updates via email.
The email, ironically enough, claims that "Since public distribution of this Update through the official website http://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users." And, it's signed "Steve Lipner, Directory of Security Assurance, Microsoft Corp."
Well, at least the bad guys got Steve's name right. However, he's actually senior director of security engineering strategy in Microsoft’s Trustworthy Computing Group, according to a recent interview.
The message (minus the Trojan, of course), is available at the Microsoft Malware Protection Center blog, where you can see for yourself the classic hallmarks of a fake message: a shaky command of the English language, sentence construction that's so stiff it belongs on a Victorian-era calling card, and off-the-wall sentiments that show it was adapted from a different con job document: "We apologize for any inconvenience this back order may be causing you." Back order? Whaat? I didn't order any malware!
Already getting calls from frantic family, friends, or co-workers wondering why their PCs have slowed to a crawl or become infested by popups? Join us after the jump for solutions.
Both her campaign manager and the FBI confirmed the news of her account being hacked, which began circulating after the appearance of the leaked screenshots on WikiLeaks. You will not be able to have a look at the screenshots yourself, in case your peeping faculties have been roused by the news, as they have been taken down.
The hackers are said to have only counted on their social engineering skills – by collecting or guessing personal information required for password recovery – and Yahoo’s flimsy, lax password-recovery process for breaking into her account. All said, the hack has exposed Palin’s inexpedient habit of conducting state business using a personal e-mail account.