security posts

Filed under: Security, Utilities, Windows, Commercial

Sandboxie on sale for half price until midnight ET

by Lee Mathews Oct 20th 2009

Sanboxie is a great little program. It provides an extra layer of security by forcing applications to write to an isolated "sandbox" instead of directly to your hard drive's filesystem. It's long been a favorite with Download Squad readers.

One other great feature of Sandboxie is its licensing. You only have to pay once. Ever - your registration is good for a lifetime (yours, of course).

On top of that, you're also allowed to install the app on every system you personally own and use.

Even better, there's a sweet 50% off discount available until the end of today. Just head over to Bits Du Jour and you can score Sandboxie for $19. That's an excellent deal for an app that can provide a major security upgrade for your Windows system.

Tags: sanboxing, sandboxie, security

Filed under: Security, Utilities, Windows, Commercial, Freeware, Windows x64

Winpatrol 2010 is out, and the little black scottie is leaner and meaner than ever

by Lee Mathews Oct 12th 2009

It's become a common practice to defend your PC with a handful of security apps rather than relying on a single program. One lesser-known app worth investigating is WinPatrol.

Just released, WinPatrol 2010 builds on the strengths of previous versions. It's now even lighter on memory use, weighing in at about 5Mb on my Windows 7 x64 system. Scotty's also learned to play nice by tweaking internal behaviors to reduce conflicts with antivirus applications.

The new version's cookies tab now handles Firefox and Google Chrome in addition to Internet Explorer. Users of the WinPatrol Pro will also enjoy improved realtime scanning speed - 30% quicker than the free version.

Winpatrol also scores serious points for its Pro licensing plan. Not only do you pay once for the software and receive a lifetime of upgrades, but developer Bill Pytlovany believes that your license should follow you - not your computer. That means you're free to enjoy your paid WinPatrol on any and all PCs that you personally own and use. Nice!

Both the free and pro versions of WinPatrol 2010 are available for download now, as is WinPatrol To Go -- the portable version, which is also free.

Tags: privacy, security, utilities, winpatrol

Filed under: Security, Beta, Browsers

Web of Trust (WOT) extension now available for Google Chrome

by Lee Mathews Oct 8th 2009

It's starting, people. Big name browser addon developers are starting to show Google Chrome some love. So far, we've seen AdSweep, RoboForm, LastPass (a personal favorite), and a few others.

Web of Trust is now onboard as well, announcing the release of their extension today. I've written about WOT before -- it's a great addition for anyone wanting a bit of added security and safety when they browse. It's listed in my 6 Windows tools to prevent PC problems on your own and 14 useful Firefox addons.

For those of you who are unfamiliar with WOT, it's a kind of community-powered rating service. Users submit trust, privacy, reliability, and child safety scores for sites they visit. When you browse a site that's in the WOT database, you'll see the result of those ratings in easy-to-understand color coding. Green is good, red is bad, yellow means exercise caution.

If you happen on a particularly bad site, WOT will block it completely and display an alert page instead and give you the choice to bail out or disregard the warning and continue.

The WOT .crx extension for Chrome can be downloaded from the Wiki, though it's a bit hidden in all the text. Here's a direct download link to make things easier for you. Like other recent extensions, you'll need to be running Chrome's developer channel build to use WOT.

Tags: crx, extensions, google-chrome, privacy, ratings, security, trust, web-of-trust, web-safety, wot

Filed under: Security, Mozilla, Beta, Browsers

Turn your head and cough, Firefox! Mozilla's plugin check is live

by Lee Mathews Oct 5th 2009

Whichever browser you happen to be using, there's more to keeping it up to date than running automatic updates for the browser itself. There are all those nasty plugins -- like Flash, Java, and Quicktime. Each one presents new opportunities for malware pushers, so an outdated plugin can put an unsuspecting web user at great risk.

Mozilla announced a while back that they were tweaking the "What's new?" landing page to alert users to possible danger. After a Firefox update installs the page is displayed in a new tab when your browser re-opens, hopefully urging you to update an unpatched Flash player.

Taking things a step further is the new Plugin Check, which looks at all the popular plugins. If things are up to date, you'll see only green "Learn More" buttons. If you fall behind and aren't running the latest version but there's no major risk, you'll get a yellow "Update" button.

If there's a known exploit fixed by a newer version of a plugin, you'll get an un-subtle red "Update NOW." And in the event that some horrible exploit is floating around with no known patch, the button will offer to disable the offending plugin for you.

Am I the only one daydreaming about a 1950's style public service announcement warning Johnny about this sort of thing?

"Not so fast, Johnny! You shouldn't be browsing with that old Flash Player plugin. Haven't your parents talked to you about unsafe browsing?"

Tags: firefox, flash, java, mozilla, online-safety, plugins, quicktime, security

Filed under: Security, Google, Yahoo!

Google and Yahoo banner ads delivering trojans

by Jay Hathaway Sep 28th 2009

Users who clicked on booby-trapped banner ads served by Google's DoubleClick and a Yahoo-owned service called Right Media ended up having their machines infected by a trojan, according to a report from The Register. The sneaky ads showed up on the Drudge Report, Lyrics.com, slacker.com and horoscope.com. Google says that publishers who use DoubleClick have to approve the banner ads that show up on their sites, implying that these four sites are at fault for the attack on their users.

The trojan itself was installed via an infected PDF file that opened and closed when a user clicked an ad. It's called Win32/Alureon, and it opens backdoor access to infected machines. This is serious business, and it's hardly the first time we've seen "malvertising," but who's to blame when it happens? Should site owners who buy ads have to scan them first, or should the big ad networks be responsible?

Tags: advertising, doubleclick, google, malware, security, trojan, yahoo

Filed under: Security, News, Blogging

Wordpress under attack, upgrade your blog now

by Jay Hathaway Sep 6th 2009

Several sites are reporting that a major attack on Wordpress blogs started yesterday. The latest version of Wordpress, 2.8.4, is not vulnerable to this particular worm, so upgrading now could save you a lot of headaches. The worm creates a new, hidden administrator account on your blog, allowing whoever's behind this thing to access the guts of your blog, databases and all.

How do you know if your site has been affected? Lorelle on Wordpress offers two possible ways to find out:

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are "eval" and "base64_decode."

The second clue is that a "back door" was created by a "hidden" Administrator. Check your site users for "Administrator (2)" or a name you do not recognize.

Wordpress has acknowledged the attacks and encouraged users to upgrade their sites. Wordpress.com users aren't affected, as the whole system has already been updated to 2.8.4. If you've already been afflicted by the attack, start on the steps in Wordpress' FAQ.

[via Mashable]

Tags: exploit, security, upgrade, wordpress, worm

Filed under: Security, Adobe, Mozilla, Browsers

Mozilla tweaks Firefox "What's new?" page to check for outdated Flash plugin

by Lee Mathews Sep 4th 2009

Keeping your system is about more than running automatic updates to your OS. It also means keeping applications current - and they plugins they use since those have become a favorite target for exploits.

Plugins like Adobe's Flash Player. To that end, the crew at Mozilla have come up with a thoughtful tweak to the Firefox 'What's New?' landing page that will help keep future users running the latest (and hopefully most secure) version of the Flash plugin.

Any time you upgrade or install Firefox from now a few lines of Javascript code on the first run page check your current Flash version. A notice like the one above will recommend a prompt update if you're running behind, so it's quite likely that recent upgraders to Snow Leopard are going to see it.

Yes, Flash Player is supposed to keep itself updated automatically. However, plenty of users disable the update feature and it never hurts to offer another reminder just in case.

[via H Online]

Tags: adobe-flash-player, firefox, security

Filed under: Security, News, Windows, Beta

Trend Micro provides better web-based virus cleanup with Housecall v7

by Lee Mathews Aug 20th 2009

It's already been a big week for Windows antivirus, with the rollout of Immunet's new cloud based product and the first beta release of Avast! 5.0. Trend Micro also has an update for us -- a new version of their popular web-based scanner, Housecall.

Housecall v7 adds several new features and enhancements, including improved scanning speed and scanning history and restore functionality. On my test system, the full scan took just under three minutes. Not bad at all for a web-based tool.

Perhaps the most important change is that Housecall is now browser-independent, a change that is sure to be welcomed by non-IE users.

Remember, Housecall does not provide realtime detection. It's designed to complement your existing security software or to give you a fast, easy way to scan and clean infected machines that didn't have antivirus software installed.

It's also totally free to use, which is (almost always) a good thing when it comes to virus detection and removal.

Tags: antivirus, housecall, malware, security, trend-micro, trojan, virus, web-based

Filed under: Security, News, Windows, Freeware, Beta

Immunet releases free cloud-powered antivirus for Windows

by Lee Mathews Aug 19th 2009

They're not the first company to push out a cloud-based Windows antivirus product, but Immunet is hoping to make a splash with their newly-released beta of Immunet Protect.

"People are still getting viruses at alarming rates and traditional Anti-Virus software catches less than 50% of todays new threats," said Oliver Friedrichs (Immunet's Founder and CEO) in a press release. While I'm not sure I've seen numbers that support that statement I'm still always on the lookout for better free antivirus protection for my customers.

The key advantages of Immunet? They're pretty well the same as those touted by Panda: less bloat, no massive, frequent pattern updates to download, and an added splash of community collaboration to thwart malicious software. It's also light on system resources, barely impacting CPU usage and sitting just under 32Mb of memory during a system scan.

It's worth noting that only application installs are monitored in realtime by default. To activate application launch protection, open the program's main window and head to the settings screen.

As is also the case with Panda Cloud AV, Immunet doesn't want you to install it on Windows 7. It's only XP and Vista compatible for now. It does, however, install and perform just fine on Windows 7 if you run the installer in compatibility mode for Vista. It won't, however, be recognized by the Action Center's security monitoring.

To test the software, head on over to the Immunet website and download the beta. Don't mind the Facebook connect form - it's not required to get the download.

We've also added Immunet to our popular list of free antivirus software for Windows.

[via VentureBeat]

Tags: cloud-antivirus, immunet, malware, panda, security, trojan, virus

First beta download of Avast 5.0 free antivirus released [gallery]

by Lee Mathews Aug 19th 2009

It's a little bit behind schedule (it was slated for the end of July/early August), but the first Avast 5.0 beta has been released for testing.

The most noticeable change for most users will be the restyled interface - gone is the overstylized media player look. There are, of course, a number of other improvements and new features which I mentioned back in July.

Bear in mind that this is a full-on beta. The forum post lists numerous features that are not yet implemented including rootkit detection. Definitions are also not fully up to date and the behavior shield is not fully active either. On top of that, Windows 7's action center doesn't recognize Avast 5 as an antivirus program yet.

Casual users looking for protection should steer clear for now. Experienced users who understand the risks and want to see what Avast.next will look like? Go nuts. Download it from the post and try it out!

Otherwise, check the gallery after the break! The final product is due in October, and we'll keep you up to date on its progress.

Tags: antivirus, avast, malware, security, spyware

Filed under: Internet, Security, News

It's official, there's a crapload of malware on the Internet

by Lee Mathews Aug 14th 2009

Man, I wish this chart illustrated my salary over the past five years. Sadly, however, it's AV-Test.org's look at malware in the wild.

The actual number of unique samples doesn't necessarily mean all that much. So many of the nasties floating around the Internet are just mutations of other infections. Just look at the vast array of crud SmitFraudFix cleans up - it's a whole lot more than the original SmitFraud infection.

What's much more alarming is the number of infected PCs. Trend Micro points out the following in their blog post: "in the first six months of 2008, [Trend Micro] recorded that 253.4 million systems were infected with malware. The comparable volume for 2009 is almost double at 491.2 million."

That's a whole lotta infections. Trend's opinion on how to tackle the growing threat? Look to The Cloud, of course. They offer four possible benefits:

Each client is a part of a real-time global protection network.
When the network detects an Internet security threat on behalf of any one participant in the network, all participants are automatically and immediately protected.
All devices that connect to the Internet are protected. This protection complements your existing antivirus security solution.
There's correlation among the global protection network.

With so many threats, a global defense network makes a lot of sense to me. It would be even better if security providers joined forces to create a stronger, more responsive system than any one provider could on their own. I don't think I'll hold my breath waiting for that to happen.

What do you think? Sound off in the comments!

Tags: av-test, charts, graphs, malware, reports, security, spyware, statistics, trojan, virus

Filed under: Security, Apple, iPhone

iPhone software update fixes SMS vulnerability

by Jay Hathaway Aug 1st 2009

If you've got an iPhone, take the time this weekend to update your software to the latest version, 3.0.1. It doesn't have any flashy new features - sorry, no MMS just yet - but it closes a major security loophole that was made public at the Black Hat conference on Thursday. The exploit allows remote code execution on any iPhone, just by sending an SMS message.

In theory, this vulnerability could have been used to take control of large numbers of iPhones and access a huge amount of personal info, but Apple says no iPhones have been compromised by the SMS vulnerability. There was apparently a similar exploit for Android phones, but Google issued a patch before the Black Hat presentation. The iPhone 3.0.1 update is free, and available through iTunes.

Tags: apple, iphone, iphone-3.0.1, iphone-os, security, SMS

Filed under: Security, Windows, Microsoft

Windows 7 UAC flaw-by-design now classified as malware by Microsoft?

by Adam Maras Aug 1st 2009

Since we last brought you news about a UAC vulnerability in Windows 7, Microsoft opened their ears to the beta testers at the time and quickly released a patch that plugged the security hole.

However, another UAC flaw has been discovered in Windows 7. In fact, it's been quietly lurking around in the dark corners of the internet since February. What's different about this one is that not only does Microsoft not intend to fix the exploit, they're saying the functionality is by design, because UAC's primary purpose isn't security, or something like that.

I think.

After all, this whole situation would make a little more sense if Microsoft didn't just mark the popular proof-of-concept for this vulnerability as malware in the beta version of their new Microsoft Security Essentials software, as pictured above. Just to add a little more confusion to the situation, Windows Defender (another Microsoft security tool, which happens to be bundled with Windows 7) doesn't detect the exploit.

The verdict? It looks like the jury is hung on this one.

This vulnerability could be exploited to essentially circumvent UAC on some Windows 7 machines, and that's bad news. We'll keep you up-to-date with any developments on this security flaw.

Tags: exploit, microsoft, Microsoft Security Essentials, MicrosoftSecurityEssentials, security, UAC, windows 7, Windows7

Filed under: Internet, Security, E-mail, Microsoft

Using Hotmail as a secondary address? Be very careful

by Adam Maras Jul 29th 2009

If you're like me, you have at least two email addresses. One of these email addresses is for important business; you hand it out to co-workers, friends, and family, whose emails you actually want to pay regular attention to. The second email address is for other stuff, like signing up for newsletters, shopping online, or creating accounts for services on the web. Also, if you're like me, you might tend to forget to pay attention to that second email address for days, weeks, or months at a time. As it turns out, forgetting to check a free Windows Live Hotmail account might have some dire consequences.

According to the Windows Live help files:

Free Windows Live Hotmail accounts become inactive if you don't sign in for more than 270 days or within the first 10 days after signing up for an account. After an account becomes inactive, all messages, folders, and contacts are deleted. Incoming messages will be sent back to the sender as undeliverable. Your account name is still reserved. However, if the account stays inactive for an additional 90 days, the account name may be permanently deleted. If you don't use your Windows Live ID for 365 days, your Windows Live ID may be permanently deleted.

What does this mean to someone who is using a Hotmail address to sign up for things on the web? It means that, once your year of inactivity has passed, anyone can sign up for a Windows Live account with your expired username. The unintentional side effect of this is that if your Windows Live account expires, one could potentially create an account with the same name and use the password reset function on almost any online service attached to that email address, receive the email with the password (or further instructions) and take over your account entirely without your knowledge. This very technique is how the personal accounts of Twitter employees were taken over by malicious users.

Tags: hacking, hotmail, security, windows live hotmail, WindowsLiveHotmail

Filed under: Internet, Kids, Security

Students encouraged to put their hacker skills to good use

by Adam Maras Jul 29th 2009

Three major federal organizations are looking to include 10,000 high school and college students in what's being dubbed by the Center for Strategic and International Studies the "US Cyber Challenge." CSIS is making three challenges available to young Americans looking to both better themselves in the field of cyber-security and potentially earn themselves a position as a security specialist in one of the high-profile federal organizations (like the NSA or FBI) that deal with security of the utmost importance on a daily basis.

The Air Force Association is putting on the Cyber Patriot Defense Competition; the gist of the competition is to demonstrate the most effective techniques in preventing an attack on a corporate network from malicious intruders. The SANS institute is taking the opposite approach with its Netwars competition, by challenging participants to successfully break into simulated (but realistic) systems in a "capture-the-flag" format game. The Department of Defense Cyber Crime Center provides a less hacking-oriented Digital Forensics Challenge, where teams will use their skills to examine and investigate forensic data manufactured by the Department of Defense to try to gain access to hidden or encrypted data.

According to the AFA, the United States is the single most likely country to experience a crippling cyber-attack from terrorists. Because of this, the CSIS is looking for young students and IT workers who have or are interested in having expertise in the area of computer security. The participants in these challenges will be on the path to a career in security keeping any network safe, from a small corporate intranet to those super-secret documents tucked away by the high-profile federal organizations.

[via Switched]

Tags: defense, education, hacking, security, youth

Graveyard Shift - zombie-busting Time Waster

With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet. They key to getting good at Graveyard Shift is learning to use ...

View more Time Wasters

Featured Galleries

Defective by Design, London: Protest Pictures

Download Squad at the Crunchies After-Party

Android First-look: Amazon.com MP3 Store

Flickr Pool

www.flickr.com

Download Squad bloggers (30 days)

#	Blogger	Posts	Cmts
1	Jay Hathaway	112	5
2	Lee Mathews	78	34
3	Sebastian Anthony	43	145
4	Brad Linder	39	8
5	Jason Clarke	32	0
6	Grant Robertson	9	12
7	Dolores Parker	7	2
8	Victor Agreda, Jr.	7	1
9	Nik Fletcher	4	0
10	Matt Heerema	3	3
11	Paul O'Brien	2	0
12	John Burke	1	0
13	Download Squad Staff	1	0

More Tech Coverage

Control Shift It's all about the experience
Somewhat Frank Perspectives on tech as it fuses in everyday life
Switched Gadgets, web news and commentary
Urlesque Exposing bits of the web

Download Squad