Peaches

Windows 7 vs Windows Vista Microsoft desktop operating systems compared Frank J Ohlhorst Microsoft recently announced the dates it intends to release the RTM version of Windows 7. We take an in-depth look at what is new and different about the new OS. This week, Microsoft announced that it would be making the Release to Manufacture (RTM) version of Windows 7 available from August. The company is obviously hoping that Windows 7's new and enhanced features will be enough to entice users back into the Microsoft fold and finally put Windows XP to rest. But the real question is: will Windows 7 com

3 tools to help you manage Twitter & Facebook These websites make it easier to update multiple networks David Strom While social networks such as Facebook and Twitter can be fun and certainly benefit businesses immensely, but there's no doubt that updating each individual profile is time consuming. However, there are a number of multiple posting services that can help you send a variety of information to a collection of sites, including blog posts, photos, videos and status updates. For this roundup, I looked at three: Ping.fm, Pixelpipe and the unpronounceable Quub. All are free, all are

Emergency Microsoft security patches on the way 'Out-of-band' fixes for Internet Explorer & Visual Studio Robert McMillan Microsoft is taking the unusual step of rushing out two emergency security patches ahead of its regularly scheduled updates on August 11. The patches will include a critical fix for Internet Explorer as well as a related Visual Studio patch rated 'moderate' urgency by Microsoft. "The Internet Explorer bulletin will provide defence-in-depth changes to Internet Explorer to help provide additional protections for the issues addressed by the Visual Studio bulletin," Micros

Adobe users susceptible to 'highly critical' attacks Acrobat, Reader and Flash Player exposed John E Dunn For at least the next week users of Adobe's Acrobat Reader and Flash Player will be vulnerable to a zero-day exploit now rated as ‘highly critical', security companies are warning. Adobe owned up last week to the issue, which affects all platforms running Flash Player v9.0.159.0 and v10.0.22.87, and Reader and Acrobat 9.x, describing known exploits as 'targeted attacks' on the Reader app. "We are in the process of developing a fix for the issue, and expect to provide an update for Flash P

Chinese Android phones to launch in Europe Three handsets to hit Europe this year By Owen Fletcher Mobile phones from Chinese manufacturers that feature Google's Android operating system look set to hit Europe later this year. The company has four partners that will brand and sell the Android phone, the engineer said, declining to give their names. The partner launching the phone in Europe is a global brand, he said. Chinese companies Huawei Technologies and Haier have also revealed plans to sell Android handsets in Europe. Huawei has said T-Mobile will launch its Android phone during the th

July 25, 2009 3:58 PM PDT HP researchers develop browser-based darknet by Tom Espiner Two researchers for Hewlett-Packard have created a browser-based darknet, an idea that could make it easier for businesses to keep eavesdroppers from uncovering confidential information. Darknets are encrypted peer-to-peer networks normally used to communicate files between closed groups of people. Most darknets require a certain level of technological literacy to set up and maintain, including taking care of the necessary servers. However, HP researchers Billy Hoffman and Matt Wood plan next week to demon

Biggest, Baddest Botnets: Wanted Dead or Alive Ellen Messmer, Network World Botnet attacks are increasing, as cybercrime gangs use compromised computers to send spam, steal personal data, perpetrate click fraud and clobber Web sites in denial-of-service attacks. Here's a list of America's 10 most wanted botnets, based on an estimate by security firm Damballa of botnet size and activity in the United States. No. 1: Zeus Compromised U.S. computers: 3.6 million Main crime use: The Zeus Trojan uses key-logging techniques to steal sensitive data such as user names, passwords, account numbers and c

Jul24 Another Day, a New Zero-Day Exploit for Adobe It has been a busy week for Adobe as only a few days after the software company announced that it would put up a vulnerable PDF Reader on its download site, a more serious one bubbled up. Trend Micro researchers recently came across samples that exploited a new zero-day vulnerability in Adobe Reader 9.1.2 and Adobe Flash Player 9 and 10. The exploit arrives as a PDF file embedded with Flash objects and malicious binary files. The Flash object contains a shellcode that allocates heaps of blocks in a system’s memory. The exploits uses a techniq

24 July 2009, 21:21 Microsoft builds a sandbox for Office 2010 Microsoft's developers have realised that, it's impossible to find and fix all of the errors and vulnerabilities in the Office suite because of its complexity due to the number of old formats that it has to support. On the other hand, Microsoft Office applications are a prime target for trojan and malware writers that seek out security vulnerabilities to exploit for targeted attacks. According to a post on the Microsoft Office product development group blog by Brad Albrecht, future Office programs are going to open all documents th

25 July 2009, 19:12 Unscheduled patches for Microsoft IE and Visual Studio In a "Security Bulletin Advance Notification" on TechNet, Microsoft announces that two unscheduled security patches for Internet Explorer and Visual Studio will be published on Tuesday, 28 July. This is unusual and indicates a particularly serious security vulnerability, since Microsoft normally provides software updates in batches on the second Tuesday of the month, known as “patch Tuesday”. Versions 5, 6, 7 and 8 of Internet Explorer, Visual Studio .NET 2003, 2005 and 2008, and Visual C++ 2005 and 2008 running under

HAPPY BIRTHDAY Rich .. enjoy your day and may the rest of the year be just as enjoyable. cheers,

July 22, 2009 3:42 PM PDT Gmail offers auto-unsubscribe feature for newsletters by Elinor Mills Ever sign up for a newsletter and then regret it later and feel too lazy to go back to the source and unsubscribe? Well, instead of just marking the messages as spam and hoping the problem goes away you, can use a new Gmail feature to solve the problem. Google has added an auto-unsubscribe feature to Gmail that will unsubscribe you from mailing lists that you may have signed up for but then decide you don't want after all. The feature was being tested on Wednesday for certain Gmail users and was

SonicWALL Rolls Out Anti-Spam Service On Its Firewalls Comprehensive Anti-Spam Service integrates with SonicWALL TZ, NSA, and E-Class NSA Series security appliances Jul 23, 2009 | 10:52 AM SUNNYVALE, Calif., July 16 /PRNewswire-FirstCall/ --SonicWALL, Inc. (Nasdaq: SNWL), a leading secure network infrastructure company, today announced the SonicWALL Comprehensive Anti-Spam Service (CASS), a solution delivering advanced spam protection fully integrated with SonicWALL's Unified Threat Management Firewalls. The new service is designed to be easily enabled on SonicWALL TZ, NSA and E-Class NSA Se

23 July 2009, 12:49 Zero-day vulnerability in Adobe Flash Player, Reader and Acrobat Adobe is warning of a critical security vulnerability in its current Flash Player for Windows, Macintosh and Linux. Adobe Reader and Acrobat 9.x for all platforms are also affected. The vulnerability is already being actively exploited two ways, via crafted PDF documents and manipulated web sites (drive-by downloads). It's reported that the exploit used in drive-by downloads can infect the PCs of users of both Internet Explorer and Firefox. Adobe is working on a solution to the problem and believes that it wi

Twitter: A Growing Security Minefield As Twitter becomes more mainstream, the microblogging service is also becoming a bigger target for malware and scams. Robert Vamosi, PC World In June, the world watched as tweets from the streets of Tehran flooded Twitter. Frequent Twitter users--and people who hadn't even heard of the microblogging service--were suddenly and simultaneously witnessing its potential. At the same time, antivirus vendors were warning of new phishing attacks that spread via Twitter. Using Twitter accounts, phishers would follow users and then infect them via a link to a fake p

Keep XP in Tip Top Shape Long After Vista is Dead Get a closer look at some of the programs you can use to get Vista's features in XP -- and to keep XP operating smoothly for a long, long time. Preston Gralla and Dave Methvin, Computerworld Windows Defender Editor's note: This image gallery accompanies our story "How to make Windows XP last for the next seven years." Click through to that story for the full set of tips and tools. Microsoft's free Windows Defender antispyware tool is exactly the same on Windows XP as on Windows Vista. Be sure to use at least one other antispyware program as a b

Launches Panda Cloud Antivirus Beta2 Free thin-client antivirus protection includes a number of new features Jul 22, 2009 | 05:30 PM London, July 20, 2009: Panda Security, The Cloud Security Company, today announced the general availability of the Beta2 version of Panda Cloud Antivirus, the industry's first and only free, thin-client, cloud-based antivirus which halves the impact on computer performance compared with traditional antivirus products. Users can download this new version for free from http://www.cloudantivirus.com (available in English, Spanish and German). Since its launch, Pa

22 New KOOBFACE Upgrade Makes It Takedown-Proof by Jonell Baltazar (Advanced Threats Researcher) Early this week, the KOOBFACE Command and Control (C&C) servers issued a new command to its downloader component. This new command identifies a list of IP addresses to be used by the downloader component as Web or relay proxies to retrieve subsequent commands and components. In the old KOOBFACE architecture (see Figure 1), the downloader directly connects to an available C&C to receive commands. However, the new command seen early this week actually changes the KOOBFACE botnet architectur

SMobile Systems Releases Solution To Remove Spyware Pushed To BlackBerry Users The BlackBerry Spyware, which intercepts email and drains battery life quickly, was pushed as an update to BlackBerrys on the Etisalat network Jul 22, 2009 | 05:22 PM COLUMBUS, Ohio, July 15, 2009 " SMobile Systems, the leading provider of security solutions for mobile phones and maker of the only Antivirus and AntiSpyware applications in the world for BlackBerry devices, has released a solution for the recent spyware-laden update sent out to BlackBerry users on the Etisalat network in the United Arab Emirates. T

22 July 2009, 10:32 Firefox 3.0.12 patches critical vulnerabilities For users that haven't already updated to the latest Firefox 3.5 release, Mozilla has released Firefox 3.0.12, patching one high risk and five critical security vulnerabilities in their popular open source web browser. The security update addresses a critical vulnerability in the Firefox browser engine that could lead to it crashing, resulting in memory corruption and the possible execution of arbitrary code. A second critical vulnerability has been patched that could potentially be used by an attacker to execute arbitrary co

22 July 2009, 17:43 Root vulnerability in DD-WRT free router firmware The management interface of the current stable version of DD-WRT, the free router firmware, suffers a vulnerability that lets attackers run programs with root rights on the router. The vulnerability, described at milw0rm and in the DD-WRT forum, is caused by inadequate handling of meta-characters in the query string in DD-WRT's httpd web server. The server will then run programs even when no session is running. Furthermore, the management interface runs with maximum rights. That means attackers can input a URL such as "http

War-Drive' For Insecure WiFi In Homes, Businesses Queensland authorities reportedly launch awareness program to find and warn users with vulnerable wireless networks Jul 21, 2009 | 03:07 PM By Kelly Jackson Higgins DarkReading Police in Australia are trying to get one step ahead of cybercriminals by war-driving around neighborhoods to sniff out insecure WiFi networks in homes and businesses. According to published reports, the Queensland Police plans to dispatch officers in squad cars to sniff out insecure and open WLANs. More specifically, the department will select specific geographic ar

July 21 More Zero-Day Exploits for Firefox and IE Flaws by Jovi Umawing (Technical Communications) Earlier today, Senior Threat Researcher Joseph Reyes spotted several malicious script files that exploited Mozilla Firefox and Microsoft Internet Explorer vulnerabilities: JS_DIREKTSHO.B exploits a vulnerability in Microsoft Video Streaming ActiveX control to download other possibly malicious files. JS_FOXFIR.A accesses a website to download JS_SHELLCODE.BV. In turn JS_SHELLCODE.BV exploits a vulnerability in Firefox 3.5 to download WORM_KILLAV.AKN. JS_SHELLCODE.BU exploits a vulnerability in M

PGP Portable for Windows and Mac OS X The PGP Corporation has announced the launch of a new mobile data protection and security product called PGP Portable. With PGP Portable, users can protect any device or any media, such as a USB flash drive or DVD, using software-based FIPS 140-2-validated encryption. PGP Portable is cross-platform and will work with Windows and Mac OS X using Explorer or Finder to open the protected media. Additional software or special machine privileges are not required to decrypt the media and automation and provisioning are also supported. Heise security - http://www

Marshal8e6: Spam Hits All-Time Record High Since the beginning of July, spam volumes, as measured by TRACElabs Spam Volume Index, have continued to climb steadily Jul 21, 2009 | 01:45 PM ORANGE, Calif. & BASINGSTOKE, United Kingdom--(BUSINESS WIRE)--Spam volumes have reached a new all-time high say experts from the Marshal8e6 TRACElabs. TRACElabs reported in their mid-year security report last week that spam volumes were up 60% from the start of 2009 until the end of June. Since the beginning of July, spam volumes, as measured by TRACElabs Spam Volume Index, have continued to climb stead