Security

H-Security Online: Version 7.7 of QuickTime is now available for users running Windows XP SP2 or later and Mac OS X v10.5.8 Leopard. The maintenance and security update addresses a total of 14 security vulnerabilities in the multimedia application. QuickTime 7.7 closes holes on both platforms that could be used by an attacker to, for example, crash the application or execute arbitrary code on a victim’s system. For an attack to be successful, a victim must first open a specially crafted file or a malicious web site. A cross-origin issue that may lead to the disclosure of video data from another web site has also been fixed. The company notes that, for Mac OS X 10.6 users, these holes have already been addressed in 10.6.8; the latest version of Mac OS X, 10.7 Lion, is not affected. ...

BetaNews: There is a lot of buzz about a recent set of tests by NSS Labs that show the Smartscreen reputation system in Internet Explorer 9 head and shoulders and most of the rest of the body above the competition in blocking malware on the web. I think the results of the test are even more important than they seem, considering previous reports that Microsoft plans to make Smartscreen a base part of Windows 8. This would extend parts of the protection to any executable hitting the file system. This would be big news. ...

My Personal Opinion: I doubt if that site is really their official website or not Sophos Labs: Within days of the hacktivist group Anonymous announcing it was setting up its own social network (after being unceremoniously booted off Google+), its plans have taken a somewhat humiliating turn. AnonPlus, Anonymous’s planned social network, has been defaced by rival hackers. A group of hackers apparently based in Turkey replaced AnonPlus’s main webpage with an image of a dog wearing a suit, mocking the more normal Anonymous logo, and messages in Turkish and English: ...

Anonymous claims to have stolen around a gigabyte of classified NATO data The H-Online Security wrote: In a post on Twitter, the Anonymous hacker group said that it has managed to steal a number of secret documents from one of NATO‘s servers. As proof, Anonymous published two PDF documents from 2007 and 2008 that are allegedly from NATO. The classification “NATO Restricted” suggests that the documents are intended only for circulation within the organisation – if they are genuine. The hacktivists say they copied a gigabyte of data in total, but added that it would be “irresponsible” to publish most of the material. ...

This is an article posted in Google Online Security Blog, it’s about unusual traffics being sent from infected computers during search or web surfing, if you think this story applies to you too, try to clean your computers from malwares by following my manual here in my website: Malware Removal (Cross-posted from the Official Google Blog) The Internet brings remarkable benefits to society. Unfortunately, some people use it for harm and their own gain at the expense of others. We believe in the power of the web and information, and we work every day to detect potential abuse of our services and ward off attacks. ...

Norman Security Blog wrote a good article about Fake AVs and their new variants and how to protect ourselves, Credit to my friend, Pondus, for sharing this: Background Fake antimalware has become a profitable industry for the cybercriminals. New variants appear on a daily basis, and new techniques for tricking the users are fine-tuned. A few weeks ago we wrote in our security article – Cybercriminals focus on new targets – about fake antimalware for Apple’s Mac OS X operating system. In its security update 2011-003 for Mac OS X, available 31 May, Apple enhanced considerably its protection against malware. This includes the ability to automatically download new malware signatures, similar to the functionality found in standard antimalware tools. This signifies that Apple now regards its Mac OS X platform as a serious target for cybercriminals. ...

ghacks.net: Microsoft has just released a beta of a system recovery software. Microsoft Standalone System Sweeper has been designed to aid users in starting an infected PC and performing offline malware scans to remove viruses, trojans, rootkits and other forms of malware effectively. It is also used if malware is hindering the user to install or start an antivirus software on the infected system, or if the applications used to detect malware are not able to find the malware on the PC. ...

Facebook Security: Facebook is committed to bringing you a safe experience on the Internet, and today we are announcing several new features to help protect you while online. Partnership with Web of Trust First, we’re happy to announce a partnership with Web of Trust . Web of Trust is a free safe surfing tool that tells you which websites you can trust based on the ratings supplied by other Web of Trust community members. Facebook already has a system that automatically scans links to determine whether the websites associated with those links are spammy or contain malware. ...

Since 2003, the number of exploitable vulnerabilities has fallen considerably in Microsoft’s Office suite. H-Online: Independently of each other, security specialists Dan Kaminsky and Will Dormann from Carnegie Mellon University’s CERT have found that, in the past few years, the number of flaws and exploitable vulnerabilities in individual versions of Microsoft Office has fallen dramatically, achieving results that are even below those ofOpenOffice. However, their findings should be treated with caution, as they are based on automatic evaluations and say little about the actual threat potential. ...

Avira TechBlog: Today some updates need attention – they fix critical security issues and should be installed immediately! The update reign starts off with Apple. Critical security vulnerabilities are closed within the Safari web browser 5.0.5 – they allowed cyber criminals to smuggle in malware. For Mac users, additionally a security update is available for the Snow Leopard operating system. It fixes an issue with stolen certificates which arose a three weeks ago at Comodo and is amazingly tiny for an Apple security update, only 4 MByte. And then for iPhone, iPad and iPod Touch users the update to iOS 4.3.2 is available which basically closes the same security holes for the mobile devices as well. ...