Security http://www.maximumpc.com/taxonomy/term/206/ en Buggy Microsoft Security Essentials Update Kicks XP Machines While Down http://www.maximumpc.com/buggy_microsoft_security_essentials_update_kicks_xp_machines_while_down_2014 <!--paging_filter--><h3><img src="/files/u69/mse_devil.jpg" alt="MSE Devil" title="MSE Devil" width="228" height="138" style="float: right;" />Here come the conspiracy theories</h3> <p>After more than 12 years of service, Microsoft finally pulled the plug on Windows XP by ceasing to support the operating system last week. However, Microsoft did promise to keep doling out updates for its Microsoft Security Essentials (MSE) software, including the version that runs on XP, but in doing so, the Redmond outfit only made things worse. That's because <strong>the latest MSE update is causing some XP machines to freeze up and run slow</strong>.</p> <p>Anyone with a tinfoil hat will tell you this is entirely intentional on Microsoft's part and nothing more than a thinly veiled attempt to get users to upgrade. The real explanation is likely far less insidious, though equally annoying for XP users who had hopes of holding onto the legacy OS for at least a little while longer.</p> <p>"I am a professional computer engineer and maintain many desktops and laptops for my customers on a daily basis: as of today (April 16th) I have seen about 12 computers on which Windows XP - after every boot up - throws up an error message referring to MSE, stating: 'MsMpEng.exe application error. The instruction at 0x5a4d684d referenced memory at 0x00000000 The memory could not be read', leaving the computer in an unusable state," <a href="http://answers.microsoft.com/en-us/windows/forum/windows_xp-winapps/bug-in-microsoft-security-essentials-lames-windows/7e105845-e4e7-4b0d-b7f8-485ba538e3b2" target="_blank">a user wrote</a> on Microsoft's Windows forum.</p> <p>He goes on to say that "the only solution is to disable MSE or uninstall it completely." 
Doing so will restore performance, but it comes at the expense of security protection, which is now more important than ever for XP users.</p> <p>Microsoft has yet to acknowledge the situation or issue a fix. One is likely coming, but in the meantime, there are third-party AV vendors that still support XP.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/buggy_microsoft_security_essentials_update_kicks_xp_machines_while_down_2014#comments microsoft Microsoft Security Essentials mse operating system OS Security Software Windows XP News Thu, 17 Apr 2014 18:20:08 +0000 Paul Lilly 27655 at http://www.maximumpc.com Google Beefs Up Android Security, Watches for Misbehaving Apps http://www.maximumpc.com/google_beefs_android_security_watches_misbehaving_apps_2014 <!--paging_filter--><h3><img src="/files/u69/nexus_verify.jpg" alt="Android Verify" title="Android Verify" width="228" height="161" style="float: right;" />New security measure keeps your installed Android apps in check</h3> <p>It's not unusual for a malicious Android app to sneak into Google Play, though they're obviously much more prevalent from third-party sources, especially from sketchy areas of the web. To help protect users from falling prey to an app's malicious intentions, <strong>Google is rolling out a new enhancement to its security scheme that will examine an app's behavior after it's been installed</strong>.</p> <p>The security scheme will continually check devices to make sure installed apps aren't misbehaving. 
It's part of Google's "Verify apps" security system, which also scans apps prior to installation.</p> <p>"Because potentially harmful applications are very rare, most people will never see a warning or any other indication that they have this additional layer of protection. But we do expect a small number of people to see warnings (which look similar to the existing Verify apps warnings) as a result of this new capability," Google stated in a <a href="http://officialandroid.blogspot.co.uk/2014/04/expanding-googles-security-services-for.html" target="_blank">blog post</a>. "The good news is that very few people have ever encountered this; in fact, we’ve found that fewer than 0.18 percent of installs in the last year occurred after someone received a warning that the app was potentially harmful."</p> <p>This new measure will also protect against potentially malicious apps that might have been installed prior to Google's verification system going live in 2012. Either way, it's nice to have the extra layer of protection, especially as malware writers begin to pay more attention to Android.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/google_beefs_android_security_watches_misbehaving_apps_2014#comments android apps Google Security Software News Thu, 10 Apr 2014 18:21:00 +0000 Paul Lilly 27605 at http://www.maximumpc.com Symantec: Cybercriminals Shift Behavior to Mega Breaches in Hopes of Bigger Payouts http://www.maximumpc.com/symantec_cybercriminals_shift_behavior_mega_breaches_hopes_bigger_payouts_2014 <!--paging_filter--><h3><img src="/files/u69/mega_breach_infographic.jpg" alt="Mega Breach Infographic" title="Mega Breach Infographic" width="228" height="173" style="float: right;" />A so-called "mega breach" can be 
worth as much as 50 smaller attacks</h3> <p><strong>Large scale cyber attacks are on the rise</strong>, says security firm Symantec, which dubbed 2013 "Year of the Mega Breach." According to Symantec, there's a significant shift taking place in how cybercriminals operate. Rather than go in for quick hits with small rewards, cybercriminals are seeing the financial benefit in plotting bigger attacks months in advance. A single mega breach, as Symantec calls these attacks, can yield the same reward as 50 small scale attacks.</p> <p>"While the level of sophistication continues to grow among attackers, what was surprising last year was their willingness to be a lot more patient – waiting to strike until the reward is bigger and better," said Sheldon Hand, regional manager for Rest of Africa, Symantec.</p> <p>Symantec says there were eight mega breaches in 2013, compared to just one mega breach the year prior. As far as the bigger picture goes, there was a 62 percent increase in the overall number of data breaches from the previous year, which resulted in 552 million exposed identities.</p> <p>"Nothing breeds success like success – especially if you’re a cybercriminal," said Hand. "The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture."</p> <p>Targeted attacks jumped 91 percent in 2013 compared to 2012 and lasted an average of three times longer. 
Interestingly, personal assistants and people working in public relations were the two most targeted professions, Symantec says.</p> <p>You can read more in Symantec's <a href="http://www.symantec.com/security_response/publications/threatreport.jsp" target="_blank">2014 Internet Security Threat Report, Volume 19</a>.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/symantec_cybercriminals_shift_behavior_mega_breaches_hopes_bigger_payouts_2014#comments Internet mega breach online Security symantec News Thu, 10 Apr 2014 16:06:50 +0000 Paul Lilly 27602 at http://www.maximumpc.com Heartbleed Security Flaw Catches Internet Off Guard http://www.maximumpc.com/heartbleed_security_flaw_catches_internet_guard_2014 <!--paging_filter--><h3><img src="/files/u69/heartbleed.jpg" alt="Heartbleed" title="Heartbleed" width="228" height="211" style="float: right;" />Website owners far and wide scramble to fix a major vulnerability</h3> <p>This has been one of the busier weeks in recent history for IT workers and web admins. <strong>Earlier this week, researchers discovered a major flaw in OpenSSL</strong>, an open source encryption technology that's utilized by an estimated two-thirds of the world's websites. They're calling it "Heartbleed." By exploiting the bug, cybercriminals can comb through a server's memory and pluck sensitive user data, including usernames, passwords, credit card numbers, and more.</p> <p>Hackers can also exploit the vulnerability to eavesdrop on communications, steal data directly from the services and users, and impersonate services and users, according to Heartbleed.com, a special website built by Finnish security firm Codenomicon. 
The website is intended to answer questions about the vulnerability.</p> <p>The good news here is that an updated version of OpenSSL plugs up the security hole. However, not all websites know about the patch, nor are some of them informed about Heartbleed.</p> <p>"You are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company's site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL," <a href="http://heartbleed.com/" target="_blank">Heartbleed.com explains</a>.</p> <p>Changing your passwords is recommended, though not until any website you log into confirms that it's fixed the issue. While bigger sites are likely aware of the issue, smaller hobby sites that you visit might not be, so you might even want to reach out to them. 
It's also a good idea to keep a close eye on your financial statements in the immediate future, if you're not doing so already.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/heartbleed_security_flaw_catches_internet_guard_2014#comments heartbleed Internet openssl Security web News Wed, 09 Apr 2014 16:16:34 +0000 Paul Lilly 27595 at http://www.maximumpc.com Facebook Paid Out $1.5 Million in Bug Bounties in 2013 http://www.maximumpc.com/facebook_paid_out_15_million_bug_bounties_2013 <!--paging_filter--><h3><img src="http://www.maximumpc.com/files/facebook_bug_0.jpg" alt="Facebook Bug Bounty" title="Facebook Bug Bounty" width="228" height="167" style="float: right;" /></h3> <h3>Highest number of valid bug reports came from India, followed by the U.S. and Brazil</h3> <p>Facebook on Friday published an update on the <a href="https://www.facebook.com/notes/facebook-bug-bounty/bug-bounty-highlights-and-updates/818902394790655" target="_blank">progress of its four-year-old bug bounty program</a>, revealing that it <strong>paid out $1.5 million in bounties last year to take the program’s lifetime payouts beyond $2 million.</strong></p> <p>Total submissions in 2013, according to the social networking giant, rose 246 percent from the year prior to reach 14,763, the vast majority of which were found to be invalid. The $1.5 million it paid out in 2013 was distributed among 330 researchers around the globe, with the average reward being $2,204. Further, most of the bugs brought to light under the program were “in non-core properties, such as websites operated by companies we've acquired.”</p> <p>“We're grateful to all the researchers around the world who have taken the time to evaluate our services and report bugs. 
Researchers in Russia earned the highest amount per report in 2013, receiving an average of $3,961 for 38 bugs,” the company said in a note. “India contributed the largest number of valid bugs at 136, with an average reward of $1,353. The USA reported 92 issues and averaged $2,272 in rewards. Brazil and the UK were third and fourth by volume, with 53 bugs and 40 bugs, respectively, and average rewards of $3,792 and $2,950.”</p> <p>The company is particularly pleased with its handling of high-severity bugs, having managed to bring down “the median fix time for high-severity issues down to just 6 hours.”</p> <p><em style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-size: 14px; vertical-align: baseline; background-color: #ffffff; color: #000000; font-family: Arial, sans-serif; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 21px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-position: initial initial; background-repeat: initial initial;">Follow Pulkit on&nbsp;<a style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-size: 14px; vertical-align: baseline; background-color: transparent; color: #cc0000; text-decoration: none; background-position: initial initial; background-repeat: initial initial;" href="https://plus.google.com/107395408525066230351?rel=author">Google+</a></em></p> http://www.maximumpc.com/facebook_paid_out_15_million_bug_bounties_2013#comments bug bounty facebook Internet Security vulnerabilities web News Sun, 06 Apr 2014 23:38:20 +0000 Pulkit Chandna 27573 at http://www.maximumpc.com Five-year-old Exposes Xbox Live Vulnerability http://www.maximumpc.com/five-year-old_exposes_xbox_live_vulnerability <!--paging_filter--><h3><img src="http://www.maximumpc.com/files/u46168/d4a30bc0-cf34-42b6-9c58-ef52922d613d.png" alt="Xbox Live Password Vulnerability" title="Xbox Live 
Password Vulnerability" width="228" height="128" style="float: right;" /></h3> <h3>Managed to log in to dad’s account with simple trick</h3> <p>Each month, the Microsoft Security Response Center publishes a list of security researchers to whom it is thankful for privately disclosing bugs in its online services and, often, working with it to fix them. On the surface, the <a href="http://technet.microsoft.com/en-us/security/cc308589.aspx" target="_blank">latest list</a> may not seem too different from the previous ones, but that’s only until you realize that <strong>one of the over three dozen security researchers on it is actually a five-year-old kid.</strong></p> <p>Late last year, Kristoffer Von Hassel, a San Diego-based five-year-old, stumbled on a vulnerability in the Xbox Live service, which he promptly exploited to log in to his dad’s account and access Xbox One games he wasn’t supposed to. This went on until his father, Robert Davies, found out about his exploits and asked him how he was doing it.</p> <p>When confronted, Kristoffer, who had until then been “nervous” about his father finding out, was more than happy to spill the beans. He informed his dad that entering the wrong password brought up a <a href="http://www.10news.com/news/5-year-old-ocean-beach-exposes-microsoft-xbox-vulnerability" target="_blank">password verification screen that could be bypassed by simply entering in a series of spaces. </a></p> <p>"How awesome is that!" Davies told a local news station. “Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.”</p> <p>A proud Davies, who works in computer security, promptly notified Microsoft about his son’s discovery. 
The tech giant has not only formally acknowledged Kristoffer’s valuable contribution in keeping Xbox Live secure, but also showered him with a few gifts —&nbsp;four games, $50 and a one-year Xbox Live.</p> <p>“We take security seriously at Xbox and fixed the issue as soon as we learned about it,” the company said in a statement.</p> <p><em>Image Credit: Microsoft</em><br /><em style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-size: 8px; vertical-align: baseline; background-color: #ffffff; color: #000000; font-family: Arial, sans-serif; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 21px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-position: initial initial; background-repeat: initial initial;">Follow Pulkit on<a style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-size: 12px; vertical-align: baseline; background-color: transparent; color: #cc0000; text-decoration: none; background-position: initial initial; background-repeat: initial initial;" href="https://plus.google.com/107395408525066230351?rel=author"> Google+</a></em></p> http://www.maximumpc.com/five-year-old_exposes_xbox_live_vulnerability#comments hack microsoft Password Security vulnerability xbox live youngest security researcher News Sun, 06 Apr 2014 23:10:50 +0000 Pulkit Chandna 27571 at http://www.maximumpc.com F-Secure Offers Tips to Windows XP Users Who Don't Plan to Upgrade http://www.maximumpc.com/f-secure_offers_tips_windows_xp_users_who_dont_plan_upgrade_2014 <!--paging_filter--><h3><img src="/files/u69/xp_desolate.png" alt="Windows XP" title="Windows XP" width="228" height="143" style="float: right;" />Support for XP might be ending, but the world is not</h3> <p>Security outfit <strong>F-Secure has published its Threat Report for the second half of 2013</strong>, which provides a detailed look at the threat 
landscape as well as trends in malware. It also contains some advice for Windows XP users who aren't planning to upgrade to a newer OS once support ends on April 8, 2014. Whether the decision to stick with XP is based on contractual obligations or other reasons, F-Secure says "all is not lost" for businesses and users who ride it out.</p> <p>"Patching XP is not the first line of defense. Or it really shouldn't be," F-Secure notes in its <a href="http://www.f-secure.com/static/doc/labs_global/Research/Threat_Report_H2_2013.pdf" target="_blank">report (PDF)</a>. "Folks that continue to use XP at home can do so with some reasonable amount of safety, for a while still, but they absolutely need to review their Internet (particularly web browsing) and computing habits."</p> <p>F-Secure lists out a series of steps XP users should take, starting with the installation of Microsoft's final security update for XP. After that, the security firm recommends ditching Internet Explorer as the default browser. Some other recommendations include keeping Microsoft Office fully patched, reviewing third-party software and uninstalling anything that isn't needed, uninstalling browser plug-ins for software that's kept, having an up-to-date antivirus and firewall installed, staying connected to a NAT router, and of course considering an upgrade at some point.</p> <p>On the mobile front, F-Secure says malware writers almost exclusively target Android, which was the target of 97 percent of new mobile threats in 2013. 
Trojans account for three-quarters of malware on Android -- these usually come bundled with repackaged apps that look and sound similar to their legitimate counterparts.</p> <p>Image Credit: Flickr (Manuel Cernuda)</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/f-secure_offers_tips_windows_xp_users_who_dont_plan_upgrade_2014#comments F-Secure Security Software windows xp News Mon, 24 Mar 2014 15:27:25 +0000 Paul Lilly 27494 at http://www.maximumpc.com Symantec in Search of a New Chief After Firing CEO Steve Bennett http://www.maximumpc.com/symantec_search_new_chief_after_firing_ceo_steve_bennett_2014 <!--paging_filter--><h3><img src="/files/u69/symantec_sign.jpg" alt="Symantec Sign" title="Symantec Sign" width="228" height="152" style="float: right;" />Shares of Symantec tumble after security outfit shows its CEO the door</h3> <p><strong>Security firm Symantec announced that it has terminated Steve Bennett as the company's president and chief executive officer</strong>, and that he has resigned from Symantec's board of directors. A special committee has begun the search for a permanent replacement, during which time board member Michael Brown will serve as interim CEO. The decision to let Bennett go didn't sit well with investors, who were caught off guard by his surprise dismissal yesterday.</p> <p>Symantec's share price fell more than 9 percent in pre-market trading and is now down almost 13 percent. Though the move came as a surprise to most, Symantec said the decision wasn't precipitated by any event or impropriety. 
It seems Symantec simply felt Bennett wasn't the right person to drive the company's growth and to hit the goals it set out for itself.</p> <p>"We recognize Steve's contributions to Symantec, including developing and leading a series of successful initiatives focused on organizational realignment, cost reduction and process effectiveness. These changes have helped establish a solid foundation for Symantec's future, and we remain committed to our previously announced greater-than 5 percent organic revenue growth and better-than 30 percent non-GAAP operating margin targets by FY17," Symantec chairman Daniel Schulman said in a <a href="http://www.symantec.com/about/news/release/article.jsp?prid=20140320_01" target="_blank">statement</a>. "Our priority is now to identify a leader who can leverage our company's assets and leadership team to drive the next stage of Symantec's product innovation and growth."</p> <p>Symantec develops security software, including its popular Norton line of products. For a long time, Norton had a negative reputation among power users for its slow performance, bloat, and in some cases, ineffectiveness. However, Symantec completely rewrote the program in 2009 with a focus on speed and performance. Since then, Norton Internet Security has consistently scored high marks in Maximum PC's annual antivirus roundups.</p> <p>The turnaround effort makes Bennett's firing even more surprising and casts a shadow of uncertainty over future versions of Norton. However, interim CEO Michael Brown feels confident the company can continue on without skipping a beat.</p> <p>"With recent key hires, we have a leadership team in place that is capable of accelerating our growth and I look forward to working closely with them to help execute the next phase of the company's transformation plan," Brown said. "The need for protecting and managing your information has never been stronger, and we must act aggressively to capture a growing share of this market. 
By concentrating on product innovation and growth initiatives, we aim to leverage Symantec's tremendous assets across both consumer and enterprise applications to enhance our position as a market leader."</p> <p>Brown has been with Symantec ever since the company's merger with VERITAS Software in July 2005. Prior to that, he was the CEO of Quantum Corporation, where he grew revenues from $3 billion to $6 billion.</p> <p>Image Credit: Flickr (Kazuhisa OTSUBO)</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/symantec_search_new_chief_after_firing_ceo_steve_bennett_2014#comments antivirus michael brown Security Software steve bennett symantec News Fri, 21 Mar 2014 17:05:38 +0000 Paul Lilly 27485 at http://www.maximumpc.com ESET: Hackers Hijack 25,000 UNIX Servers to Build a Malware Army http://www.maximumpc.com/eset_hackers_hijack_25000_unix_servers_build_malware_army <!--paging_filter--><h3><img src="/files/u69/servers.jpg" alt="Servers" title="Servers" width="228" height="153" style="float: right;" />Compromised servers attack over 500,000 PCs daily</h3> <p>Perhaps it should be called the world <em>wild</em> web to more accurately reflect a landscape fraught with danger, at least if you're taking an alarmist point of view. Sometimes it's hard not to. To wit, security outfit ESET said its research team, in collaboration with CERT-Bund, the Swedish National Infrastructure for Computing and other leading agencies, <strong>uncovered a massive cybercriminal campaign in which a backdoor Trojan was able to hijack more than 25,000 UNIX servers</strong> around the world.</p> <p>The infected systems are being used for all kinds of nefarious purposes. 
They're sending up to 35 million spam messages per day, stealing users' login credentials, and redirecting web traffic to back alleys and other places innocent users typically try to steer clear of.</p> <p>Security experts have given the attack a name: Operation Windigo. At present, Windigo is responsible for redirecting half a million visitors to malicious content each day. The relentless assault is coming from servers located in the U.S., Germany, France, and the U.K., <a href="http://www.eset.com/us/presscenter/press-releases/article/malware-used-to-attack-more-than-500000-computers-daily-after-25000-unix-servers-hijacked-by-backdoor-trojan/" target="_blank">ESET says</a>.</p> <p>Over 60 percent of the world's websites run on Linux, and with that being the case, ESET is urging system administrators to actively check their systems for malware. To help do that, ESET published a <a href="http://www.welivesecurity.com/2014/03/18/operation-windigo-the-vivisection-of-a-large-linux-server-side-credential-stealing-malware-campaign/" target="_blank">detailed technical report</a> with guidance on how to determine if a system is infected, as well as instructions on how to remove the malicious code.</p> <p>Image Credit: Flickr (Beraldo Leal)</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/eset_hackers_hijack_25000_unix_servers_build_malware_army#comments eset malware Security Servers Trojan unix windigo News Wed, 19 Mar 2014 16:24:07 +0000 Paul Lilly 27468 at http://www.maximumpc.com Avast Warns of Widespread Security Issues Once Microsoft Abandons XP http://www.maximumpc.com/avast_warns_widespread_security_issues_once_microsoft_abandons_xp_2014 <!--paging_filter--><h3><img src="/files/u69/avast_xp.jpg" alt="Avast XP" 
title="Avast XP" width="228" height="150" style="float: right;" />Microsoft is making a mistake to hang XP out to dry, Avast says</h3> <p>Avast COO Ondrej Vlcek doesn't think Microsoft is doing Windows users a solid by discontinuing support for Windows XP next month. Vlcek digitally inked a cautionary blog post <strong>warning Microsoft that turning its back on XP is a "big mistake"</strong> that will have negative repercussions not only for XP users, but for the "whole ecosystem." As it stands, Microsoft is planning to end support for XP on April 8, 2014.</p> <p>"Tens of millions of PCs running XP connected to the Internet, unpatched and without security updates, are just waiting to be exploited," <a href="https://blog.avast.com/2014/03/17/another-data-breach-crisis-looms-as-microsofts-d-day-for-xp-forces-security-scramble/" target="_blank">Vlcek warns</a>. "The vulnerable OS will be an easy target for hackers and be seen as a gateway to infect other non-XP operating systems. Our telemetry data shows that XP users are 6 times more likely to get attacked than Windows 7 users and once Microsoft stops issuing patches, this can worsen."</p> <p>In addition, Avast says its own database reveals that 23.6 percent of its 200 million users are still running Windows XP, which indicates that Microsoft hasn't been successful in transitioning legacy users to newer systems. This in itself is going to leave a lot of Windows users as sitting ducks.</p> <p>It's not just home users who are at risk, either. According to Vlcek, more than 9 out of 10 ATMs still run XP, as do many medical offices that store confidential patient information and stores that retain customer details, such as credit card numbers.</p> <p>To help deal with the upcoming threats, Avast says it's committed to supporting XP for at least the next three years. 
Avast will also create protection modules and detections specifically designed for XP.</p> <p>"We have already taken additional steps in our latest product release, Avast! 2014, by making the product lighter, both in terms of speed and resource consumption, tailoring it for older machines still running Windows XP. In addition to the security value, avast! 2014 is offered for free, which is especially important for XP users," Vlcek added.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/avast_warns_widespread_security_issues_once_microsoft_abandons_xp_2014#comments avast microsoft Security Software windows xp News Mon, 17 Mar 2014 19:08:25 +0000 Paul Lilly 27458 at http://www.maximumpc.com McAfee Identified an Astounding 200 New Malware Samples Per Minute in 2013 http://www.maximumpc.com/mcafee_identified_astounding_200_new_malware_samples_minute_2013 <!--paging_filter--><h3><img src="/files/u69/virus.jpg" alt="Virus" title="Virus" width="228" height="174" style="float: right;" />McAfee publishes its Q4 Threat Report</h3> <p>Malware writers didn't take a vacation in 2013. Just the opposite, <strong>McAfee noted a sharp rise in ransomware, Android malware, suspicious URLs, and other malicious attempts to steal users' data</strong>, which the security firm published in its Threat Report for the fourth quarter of 2013. 
When combining all of its findings across mobile and desktop, security firm McAfee said it detected 200 new threats every minute, or more than three for every second that passed in 2013.</p> <p>One of the growing threats is that of malicious signed binaries, which are applications that have obtained a certificate from a certificate authority (CA) or its proxy verifying the service provider owns the application. According to McAfee, the threat of digitally signed malware is expanding faster than ever before -- McAfee noted more than 2.3 million new and unique signed binaries in Q4 2013, representing a 52 percent sequential increase.</p> <p>In terms of mobile, it's no surprise that Android continues to be a top target, considering it's the most popular mobile platform out there. McAfee said it collected 2.47 million new mobile malware samples in 2013, including 744,000 in Q4 alone. As for those specific to Android, McAfee said its Android malware zoo of unique samples grew 197 percent year-over-year.</p> <p>On a positive note, the number of new rootkit malware seems to be declining over time, though this is partially offset by the total number of rootkits showing steady growth over the last several years.</p> <p>There's plenty more to digest in the <a href="http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q4-2013.pdf" target="_blank">full report (PDF)</a>.</p> <p>Image Credit: OpenClipart</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/mcafee_identified_astounding_200_new_malware_samples_minute_2013#comments malware Mcafee Security Software threat report News Mon, 10 Mar 2014 18:00:06 +0000 Paul Lilly 27413 at http://www.maximumpc.com Holdouts Take Note: Microsoft Readies Penultimate Patch for Windows XP 
http://www.maximumpc.com/holdouts_take_note_microsoft_readies_penultimate_patch_windows_xp <!--paging_filter--><h3><img src="http://www.maximumpc.com/files/u46168/shutdown.jpg" alt="Windows XP Support to End Next Month" title="Windows XP " width="228" height="139" style="float: right;" /></h3> <h3>Support for Windows XP to end next month</h3> <p>Windows XP support is entering its final stages. This coming <strong>Tuesday will see the release of some of the last security patches for the operating system</strong> which, despite its advanced age, still commands a sizable share of the PC market and simply refuses to die.</p> <p>Microsoft will be delivering <a href="https://technet.microsoft.com/en-us/security/bulletin/ms14-mar" target="_blank">five security bulletins on this month’s Patch Tuesday</a>. If you’re a Windows XP holdout, what you should really be concerned about is the fact that all five security bulletins affect Windows XP. With Windows XP support scheduled to end on April 8, now is a good time to <a href="http://www.maximumpc.com/microsoft_offers_tips_tear_your_family_and_friends_away_windows_xp2014" target="_blank">abandon the 13-year-old operating system</a> if you haven’t done so already. </p> <p>Of the five security bulletins, two are rated “critical” and three “important”. One of the critical bulletins will address a zero-day bug in Internet Explorer that last month prompted the Redmond-based company to issue a “Fix it” tool to help temporarily block ongoing attacks until such time as a more permanent fix was available. 
</p> <p>“Windows XP is affected by all five updates, and there is really no reason to expect this picture to change; Windows XP will continue to be impacted by the majority of vulnerabilities found in the Windows ecosystem, but you will not be able to address the issues anymore,” wrote Qualys CTO Wolfgang Kandek in a <a href="https://community.qualys.com/blogs/laws-of-vulnerabilities/2014/03/06/march-2014-patch-tuesday-preview" target="_blank">recent blog post</a>.</p> <p>“So you need a strategy for the XP machines remaining in your infrastructure. We are still seeing a significant number of XP machines in our scans, ranging from around 25% in our consumer oriented service BrowserCheck to under 20% in our enterprise oriented data from QualysGuard.”</p> <p>“Of the remaining issues, one is an important privilege issue, probably going to be a kernel or kernel driver patch; never something to ignore but less important than a critical/remote issue,” wrote Ross Barrett, senior manager of security engineering at Rapid 7, in a post on <a href="http://www.net-security.org/secworld.php?id=16487" target="_blank">security news site Help Net Security</a>. 
“The other two are the seldom seen ‘security mechanism bypasses’, probably the same issue being patched in Windows and in Silverlight.&nbsp; We will have to wait and see how exploitable this turns out to be.&nbsp; If it turns out that some of these issues are in the wild and under exploitation, then that will change the circumstances of what to prioritize.”</p> <p><em style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-size: 14px; vertical-align: baseline; background-color: #ffffff; color: #000000; font-family: Arial, sans-serif; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 21px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-position: initial initial; background-repeat: initial initial;">Follow Pulkit on&nbsp;<a style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-size: 14px; vertical-align: baseline; background-color: transparent; color: #cc0000; text-decoration: none; background-position: initial initial; background-repeat: initial initial;" href="https://plus.google.com/107395408525066230351?rel=author">Google+</a></em></p> http://www.maximumpc.com/holdouts_take_note_microsoft_readies_penultimate_patch_windows_xp#comments end of life Internet Explorer march patch tuesday microsoft patches Security vulnerability windows xp zero-day News Sun, 09 Mar 2014 22:56:06 +0000 Pulkit Chandna 27406 at http://www.maximumpc.com Survey Finds Over Half of Antivirus Users Pay for Security Software http://www.maximumpc.com/survey_finds_over_half_antivirus_users_pay_security_software_2014 <!--paging_filter--><h3><img src="/files/u69/av_keyboard.jpg" alt="AV Keyboard" title="AV Keyboard" width="228" height="153" style="float: right;" />AV-Comparatives releases its antivirus survey for 2014</h3> <p><strong>Not only do the vast majority of PC users run some type of antivirus software, but most of 
them pay for security</strong>, according to a new survey by AV-Comparatives, an independent testing lab. There's not a wide gap between those who pay for security software and those who opt for freebie programs -- 51 percent to 47 percent, respectively -- but it is interesting when you consider that Internet security suites have a stigma of being bloated and slow.</p> <p>We know that's not always true, as evidenced by our annual AV roundups in which some suites barely have an impact on performance. Regardless, the survey also revealed that the performance impact is the most important aspect of AV software, followed by a good detection rate being the second most important and good malware removal and cleaning capabilities ranking third.</p> <p>According to the survey, Avast is the most popular anti-malware vendor in North America on the desktop, followed by ESET, Microsoft, Symantec, Kaspersky Lab, Malwarebytes, Bitdefender, Avira, AVG, Webroot, Panda, and F-Secure. In terms of mobile, the top 10 list includes (in order) Avast, Lookout, AVG, Bitdefender, Kaspersky Lab, TrustGo, ESET, Webroot, Malwarebytes, and Symantec.</p> <p>You can view the full survey <a href="http://www.av-comparatives.org/wp-content/uploads/2014/03/security_survey2014_en.pdf" target="_blank">here (PDF)</a>.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/survey_finds_over_half_antivirus_users_pay_security_software_2014#comments antivirus av-comparatives Security Software survey News Wed, 05 Mar 2014 17:15:21 +0000 Paul Lilly 27386 at http://www.maximumpc.com Asus Finally Rolls Out a Firmware Fix for Major Router Vulnerability http://www.maximumpc.com/asus_finally_rolls_out_firmware_fix_major_router_vulnerability_2014 <!--paging_filter--><h3><img 
src="/files/u69/rt-n66u.jpg" alt="Asus RT-N66U" title="Asus RT-N66U" width="228" height="185" style="float: right;" />It took Asus eight months to address a security flaw in some of its routers</h3> <p>If you own an Asus-brand router, do yourself a favor and check to see if there's a firmware update available. Depending on which model you own, <strong>you could be susceptible to an eight-month-old security flaw</strong> that could potentially allow a remote hacker to access your hard drives. A recent firmware release is supposed to plug up the security hole; it's just a shame it took Asus so long to address the issue. So, what happened?</p> <p>Back in June of last year, security researcher John Lovett <a href="http://www.securityfocus.com/archive/1/526942" target="_blank">posted details</a> of the vulnerability on his <em>SecurityFocus</em> website. What he found was that hackers were able to "traverse to any external storage plugged in through the USB ports on the back of" select routers. He was specifically referring to the popular RT-N66U, but the vulnerability is present on other models as well. Lovett only went public with the info after contacting Asus two weeks prior and receiving a response that "it was not an issue."</p> <p>An <em>Ars Technica</em> reader recently <a href="http://arstechnica.com/security/2014/02/dear-asus-router-user-youve-been-pwned-thanks-to-easily-exploited-flaw/" target="_blank">found out the hard way</a> that the vulnerability <em>is</em> an issue. As he was browsing the contents of his external hard drive, he came upon a text file with a warning message.</p> <p>"This is an automated message being sent out to everyone affected. Your Asus router (and your documents) can be accessed by anyone in the world with an Internet connection. 
You need to protect yourself and learn more by reading the following news article: http://nullfluid.com/asusgate.txt," the message read.</p> <p>In July of last year, Lovett posted additional details about the security flaw.</p> <p>"The vulnerability is that on many, if not on almost all N66U units that have enabled https Web service access via the AiCloud feature, [they] are vulnerable to un-authenticated directory traversal and full sensitive file disclosure," Lovett explained. "Any of the AiCloud options 'Cloud Disk,' 'Smart Access,' and 'Smart Sync' (need another verification on this one) appear to enable this vulnerability."</p> <p>According to Lovett, affected models include the RT-AC66R, RT-AC66U, RT-N66R, RT-AC56U, RT-N56R, RT-N14U, RT-N15, and RT-N16R. That's a lot of router models, though a <a href="http://news.softpedia.com/news/ASUS-Fixes-Vulnerabilities-in-RT-N66U-RT-N66R-and-RT-N66W-Routers-426689.shtml" target="_blank">recent firmware update</a> is supposed to have fixed the issue. 
Better late than never, right?</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/asus_finally_rolls_out_firmware_fix_major_router_vulnerability_2014#comments asus firmware hacking Router Security News Tue, 18 Feb 2014 20:43:14 +0000 Paul Lilly 27287 at http://www.maximumpc.com Forbes Falls Prey to Hacker Attack, 1 Million Email Addresses Compromised http://www.maximumpc.com/forbes_falls_prey_hacker_attack_1_million_email_addresses_compromised_2014 <!--paging_filter--><h3><img src="/files/u69/forbes.jpg" alt="Forbes Building" title="Forbes Building" width="228" height="207" style="float: right;" />Watch out for a spike in phishing attempts</h3> <p>There must not be anything to watch on cable, unless anyone can think of another reason why hackers are finding themselves so restless these days. In addition to <a href="http://www.maximumpc.com/kickstarter_apologizes_security_breach_advises_changing_your_password2014">Kickstarter suffering a security breach</a> in recent days, <strong>Forbes acknowledged on Facebook that it was targeted in a digital attack</strong> in which its publishing platform was compromised, along with the email address of every single registered user.</p> <p>User passwords were also stolen, though they were encrypted. Even still, <em>Forbes</em> is "strongly" encouraging its readers to change their passwords once the sign-on option is made available again. <em>Forbes</em> is also warning readers to be on the lookout for emails that purport to come from the site, as hackers may try to use the list of email addresses in phishing attempts.</p> <p>"We have notified law enforcement. 
We take this matter very seriously and apologize to the members of our community for this breach," <a href="https://www.facebook.com/forbes/posts/10152199924227509?stream_ref=10&amp;utm_campaign=forbestwittersf&amp;utm_source=twitter&amp;utm_medium=social" target="_blank"><em>Forbes</em> stated</a> on its Facebook page.</p> <p>The Syrian Electronic Army (SEA) is claiming credit for the security breach, saying on Twitter that Forbes "<a href="https://twitter.com/Official_SEA16/status/434926265217191936" target="_blank">deserved to be embarrassed</a>" because it "<a href="https://twitter.com/Official_SEA16/status/434927229894524928" target="_blank">has been so unethical</a>." SEA initially tried to sell the stolen data before claiming to have posted the information for free.</p> <p><em>Follow Paul on <a href="https://plus.google.com/+PaulLilly?rel=author" target="_blank">Google+</a>, <a href="https://twitter.com/#!/paul_b_lilly" target="_blank">Twitter</a>, and <a href="http://www.facebook.com/Paul.B.Lilly" target="_blank">Facebook</a></em></p> http://www.maximumpc.com/forbes_falls_prey_hacker_attack_1_million_email_addresses_compromised_2014#comments email Forbes hacking Privacy Security News Mon, 17 Feb 2014 19:41:08 +0000 Paul Lilly 27278 at http://www.maximumpc.com