Smartphone security to be delivered over-the-air

Symantec has announced that South African smartphone users will soon be able to install a mobile security product over the air. The service will be delivered through XON Systems, a Symantec ExSP partner, and will be a first for consumers in the region. It will be made available through all the major cellular service providers in South Africa that support the Symbian and Windows Mobile operating systems. The service will be delivered through a seamless ‘over-the-air’ install process, allowing users to activate Symantec Endpoint Protection Mobile Edition (SEP ME) on their smartphone by sending an activation code via SMS to … Continue reading Smartphone security to be delivered over-the-air

Searching for free stuff online can be costly

It’s common knowledge that you can catch computer viruses on porn Web sites. But did you know it’s also risky to surf the Web searching for free movies or music? A study from McAfee to be released on Tuesday finds that adding the word "free" when looking for entertainment content in search engines greatly increases the chances of landing on a site hosting malware. For instance, searching for free music ringtones increases the chances of hitting a malicious site by 300 percent, according to the report, "Digital Music & Movies Report: The True Cost of Free Entertainment." (PDF) Searching for … Continue reading Searching for free stuff online can be costly

Cybercriminals target SMB bank accounts

Cybercriminals have ramped up attacks on the bank accounts of small to medium businesses (SMBs), and tailor-made trojans are the weapon of choice, according to a report by Trustwave’s SpiderLabs. The Web Hacking Incident Database report by Trustwave’s SpiderLabs examined 158 publicly reported incidents in the first half of this year. The analysis excluded many small web defacement attacks listed on Zone-H.org since they would skew the data. It noted a "steep rise" in online attacks against financial institutions this year, particularly against accounts held by SMBs. The report also found an adjacent rise in the use of client-side banking … Continue reading Cybercriminals target SMB bank accounts

Australian enteprises to continue shift to outsourced services;Employees offered $20,000 to dob in bosses for software piracy, SMEs warned to use open source products

Australia’s secure content management (SCM) market is expected to double by the end of 2010 as businesses continue to migrate to outsourced services to cut costs, according to an analyst firm. http://www.cio.com.au/article/360564/australian_enteprises_continue_shift_outsourced_services/ Employees offered $20,000 to dob in bosses for software piracy, SMEs warned to use open source products Small businesses should explore free and open-source software instead of pirating programs, the Business Software Alliance has warned as part of a campaign encouraging workers to dob in their bosses for using illegitimate programs. The new campaign, which will run for two months and includes the use of billboard and other … Continue reading Australian enteprises to continue shift to outsourced services;Employees offered $20,000 to dob in bosses for software piracy, SMEs warned to use open source products

Hackers Target and Exploit Pirate Bay Ad Server

The advertising server of The Pirate Bay has been hacked and exploited to spread viruses and trojans among users of the site. The hackers targeted a vulnerability in the site’s software to offload the malicious files, causing sections of The Pirate Bay to be blocked by Google, Firefox and several virus scanners. Frequent visitors to The Pirate Bay may recall that this is not the first time that the site has been flagged in this manner. Similar warnings have been issued several times before, and every time these were related to malicious ads. As it is the only part of … Continue reading Hackers Target and Exploit Pirate Bay Ad Server

Mehika Twitter Botnet Targets Twitter Users

From TrendLabs: Leveraging social networking sites to gain control of user systems, and to make them part of botnets is no longer a new tactic. In a recent research, we came across a malware that uses a Twitter account to send out commands to the new Mehika Twitter botnet’s zombies. But why are cybercriminals using a social networking site to send out commands to botnet zombies? The answer is quite simple. Using a social networking site does not require installation, configuration, and command-and-control (C&C) server management. Instead, posting messages in a specific account can instantly send out commands and instructions … Continue reading Mehika Twitter Botnet Targets Twitter Users

Adobe revised Adobe Reader advisory; Released a new Advisory for Flash Player

From PSRIT blog: We just updated the Security Advisory (APSA10-02) posted on Wednesday, September 8, 2010 to include the planned schedule for a patch to resolve CVE-2010-2883. Adobe plans to make available updates for Adobe Reader and Acrobat 9.3.4 for Windows, Macintosh and UNIX during the week of October 4, 2010. In the meantime, we have provided a mitigation option for Windows users; see the Security Advisory for details. Please note that these Adobe Reader and Acrobat updates represent an accelerated release of the next quarterly security updates originally scheduled for October 12, 2010. With this accelerated schedule, we do … Continue reading Adobe revised Adobe Reader advisory; Released a new Advisory for Flash Player

Revised: Adobe Security Advisory APSA10-02 for Adobe Reader and Acrobat;Microsoft recommended EMET 2.0 to block 0-day exploits on Adobe Reader and Acrobat

From Adobe Product Security Incident Response Team (PSIRT) Blog: We just updated the Security Advisory (APSA10-02) posted on Wednesday, September 8, 2010 with a mitigation option for Windows users. http://blogs.adobe.com/psirt/2010/09/update-to-security-advisory-for-adobe-reader-and-acrobat-apsa10-02.html Security Advisory for Adobe Reader and Acrobat Release date: September 8, 2010 Last updated: September 10, 2010 Vulnerability identifier: APSA10-02 CVE number: CVE-2010-2883 Mitigations Current exploits in the wild target the Windows platform. Customers using Adobe Reader or Acrobat 9.3.4 or earlier on Windows can utilize Microsoft’s Enhanced Mitigation Evaluation Toolkit (EMET) to help prevent this vulnerability from being exploited. For more information on EMET and implementing this mitigation, please … Continue reading Revised: Adobe Security Advisory APSA10-02 for Adobe Reader and Acrobat;Microsoft recommended EMET 2.0 to block 0-day exploits on Adobe Reader and Acrobat

Nine (9) Microsoft Security Bulletins Next Week

There’ll be nine (9) Security Bulletins from Microsoft next week. Microsoft Security Bulletin Advance Notification issued: September 9, 2010 Microsoft Security Bulletins to be issued: September 14, 2010 http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx This month we will be releasing 9 bulletins addressing 13 vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. Four of those bulletins carry a Critical rating, with the rest rated Important. We recommend as always that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible. Next Wednesday, September 15th, Adrian Stone and Jerry Bryant will … Continue reading Nine (9) Microsoft Security Bulletins Next Week

Craigslist urged to ban ‘adult services’ across all sites

Online auction site Craigslist is being urged to close its ‘adult services’ section on all of its global sites. Last month, two sex workers posted an open letter to Craigslist founder Craig Newmark in the Washington Post claiming the site wrecked their lives and accused it "facilitating trafficking" through its adult services section. As a result, earlier this week the online auction site closed its adult services section, but only on the US version of the website. However, four organisations that work on ending the sex trafficking of children and young women, are urging the site to roll-out the closure … Continue reading Craigslist urged to ban ‘adult services’ across all sites