Security

Many Updates: Flash Player, Mac OS X, Firefox

Published: March 22, 2011 Reading Time: 2 min

Avira TechBlog: Today is a busy day for those who want to keep their computers secure: Many updates are available, from Adobe's Flash Player over Apple's Mac OS X operating system to the Firefox web browser. There is a security vulnerability in Flash Player which became public as a zero day vulnerability a week ago. It has been attacked in a limited fashion. Now Adobe released this security update which users can download from the website of the company. As this security vulnerability already gets actively exploited, users and administrators should apply the update immediately. ...


A Technical Analysis on the CVE-2011-0609 Adobe Flash Player Vulnerability

Published: March 17, 2011 Reading Time: 3 min

Microsoft Malware Protection Center: On March 14, Adobe released a security advisory (APSA11-01) warning of 0-day attacks affecting Adobe Flash Player (versions earlier than and including 10.2.152.33). These attacks were hidden inside Microsoft Excel documents that were used as a vehicle to deliver the exploit. The Adobe Flash file embedded inside the Excel file is another carrier for the exploit. It loads shellcode inside memory, performs heap-spraying, and loads a Flash byte stream from memory to exploit the 0-day vulnerability, which is tracked as CVE-2011-0609. ...


Twitter goes secure – say goodbye to Firesheep with "Always use HTTPS" option

Published: March 17, 2011 Reading Time: 2 min

Sophos Labs: Good news on the social networking security front is that Twitter has finally got its act together to offer an Always use HTTPS option. If you turn on this option, all of your personalized interaction with Twitter will be encrypted – not only while you are logging in, but also while you are posting tweets. A lot of people fail to recognize the value of using HTTPS on Twitter. As long as your username and password are sent over HTTPS, so no-one can sniff them out of the ether, who cares if your tweets go over plain HTTP? After all, a tweet is meant to be public. ...


Spammers Exploit Japan’s Catastrophic State

Published: March 14, 2011 Reading Time: 2 min

Symantec: Only a few days ago, Japan experienced one of the worst earthquakes in its history. The earthquake registered 8.9 on the Richter scale and triggered an enormous tsunami. The heart-wrenching images on television have left the world shaken. It was the worst earthquake and tsunami in the past century and at least 50 countries have since received related tsunami warnings. As the death and injury tolls continue to rise, one must not forget those who awake to exploit such delicate situations—spammers continue to maintain the guise of charitable institutions and governmental organizations! Don’t be surprised to suddenly see an email message in your inbox marked as URGENT and pleading with you for “monitory help” [sic] or a phishing mail urging you to donate to the rehabilitation of those affected by the quake and tsunami. Use prudence in finding out the genuine intent of email senders before you reach out or respond. ...


PWN2OWN – Apple v. Google v. Microsoft v. Mozilla v. BlackBerry!

Published: March 14, 2011 Reading Time: 3 min

Sophos Labs Blog: If you’re interested in computer security, you’ve probably heard of PWN2OWN. It’s a competition which has become an annual fixture at the annual CanSecWest conference in Vancouver, British Columbia. The competition gets its name because, as the CanSecWest organizers explain, “If you can execute arbitrary code (PWN) on these [laptops or mobile phones] through a previously undisclosed browser (Firefox, IE, Safari) exploit, you can go home with one (OWN).” ...


More Browser Updates

Published: March 14, 2011 Reading Time: 1 min

Avira TechBlog: Well, actually we expect some more updates as some security vulnerabilities have been revealed at the Pwn2Own contest during the CanSecWest security conference. Google is the first and pushes out version 10.0.648.133 – which fixes one security vulnerability within WebKit (the base of the BlackBerry, Chrome and Safari web browsers). As usual, the update is spread via the built-in automatic update mechanism. Users can make sure to use the latest version by clicking on the tool symbol and choosing the “About Chrome” menu entry. ...


Apple’s Safari browser embarrassed at Pwn2Own, hacked in 5 seconds

Published: March 13, 2011 Reading Time: 1 min

Safari just got served. At this year’s Pwn2Own conference, security firms and enthusiasts are doing their very best to discover and deploy exploits to some of the world’s most popular browsers. Chrome, Firefox, Internet Explorer, and Safari, they’re all on the menu for conference attendees and some have definitely fared better than others. Google issued a challenge, promising $20,000 to any person or team that could crack Chrome on the conference’s opening day, but the two teams scheduled to take a swing backed down. Firefox is, for the time being, still standing, and, per usual, Microsoft’s Internet Explorer was taken down without much fuss. But which browser fared the worst? That would be Apple’s Safari. A French security research firm named VUPEN managed to break into Safari running on a MacBook Air in a cool five seconds. The company noted that the Safari update issued by Apple yesterday — version 5.0.4 — fixes some of the vulnerabilities, but not all. The takedown of Safari 5.0.3 used exploits that are still available in the updated code base. Go ahead Apple detractors, have a little fun in the comments section. ...


Here's some good news for Mac users! Go Avira!

Published: March 12, 2011 Reading Time: 3 min

Avira’s Anti-Virus Technology Used by ZeoBIT in New System Utility – MacKeeper

Avira provides anti-malware scanning engine to MacKeeper App

Tettnang / Silicon Valley, March 11, 2011 – IT security expert Avira announced today that it licensed its industry-leading antivirus product to Silicon Valley-based ZeoBIT to be used in ZeoBIT’s MacKeeper product. MacKeeper is an all-in-one app that includes 16+ unique features for security, cleaning, data control and optimization for Macintosh computers. ...


A Mini-Newsletter From Your Google Chrome Security Team

Published: March 9, 2011 Reading Time: 3 min

Google Chrome Security Team wrote: We’re always working hard to enhance the Chrome browser with bug fixes, new defenses and new features. The release of Chrome 10 is no different, and there are some items worth highlighting:

Chrome 10: Flash sandboxing

With Chrome 10, our first cut of the previously announced Flash sandboxing initiative is now enabled by default for the Windows platform on Vista and newer. Additionally, because we automatically update Flash to the latest and most secure version, this should provide useful defense in depth. ...


Google removes Android malware so you don't have to

Published: March 7, 2011 Reading Time: 3 min

BetaNews.com: Android handsets infected with malware are getting a cleaning job from Google. On March 2nd, Google removed 21 apps from the Android Marketplace that contained malicious code (the number of infected apps is now 58). Now Google is “remotely removing the malicious applications from affected devices” and “pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices,” according to a blog post by Rich Cannings, Android security lead. ...
