Security

Malware and Vulnerabilities Topic Center

Get the latest news, advice and in-depth analysis on malware, including information on viruses, worms, Trojans and zero-day vulnerabilities

Is cloud-based security really less expensive?

Businesses in new study were five times more likely to have decreased spending on managing security over three years as a percentage of their overall IT budget.
Read more...

Android hackers hone skills in Russia

The malware business growing around Google Android -- now the leading smartphone operating system -- is still in its infancy. Today, many of the apps built to steal money from Android users originate from Russia and China, so criminal gangs there have become cyber-trailblazers.

Microsoft anti-bloatware service to apply to Windows 8 PCs, too

A Microsoft in-store program that scrubs "bloatware" from Windows PCs will also be offered when Windows 8 machines reach the market later this year, a company representative said.

Google releases Chrome 19, adds tab sync and patches 20 bugs

Google released Chrome 19, patched 20 vulnerabilities in the browser and doled out $16,500 in bug bounties and rewards to independent researchers.

Wikipedia warns users about malware injecting ads into its pages

Rogue browser extensions might inject commercial ads into Wikipedia pages, Wikimedia Foundation said

Apple ships first Leopard security update in nearly a year

Apple on Monday issued its first security-related update for OS X 10.5, or Leopard, in nearly a year, to disable long-outdated versions of Adobe's Flash Player.

Adobe backpedals, will now patch software for free

After being pummeled by customers and security experts for telling users to spend hundreds of dollars on upgrades because it wasn't going to patch critical bugs in older versions of its software, Adobe has reversed course.

Adobe: Pay upgrade price to patch critical bugs

Adobe has told users of its Creative Suite, which includes the company's premier products like Photoshop and Illustrator, to spend $375 to upgrade if they want patches for eight critical vulnerabilities.

Amnesty International UK website compromised

The U.K. website of Amnesty International, a human rights watchdog organization, was compromised by hackers, who used it to infect visitors with a remote access Trojan horse program known as Gh0st RAT.

Police-themed ransomware targets U.S., Canadian users

A ransomware application that locks computers and asks their owners to pay fines for allegedly violating several laws through their online activity is targeting U.S. and Canadian users, malware experts from security firm Trend Micro said on Wednesday.

Red Alert for Child Pornography

A .mov file with a highly suggestive name is enough to kick off an investigation into what's on an employee's PC.

Who's Got Your Mail?

When a chance discovery reveals that anyone in the company can access one executive's email, the brainstorming begins.

Lessons for IT, Apple in Flashback brouhaha

Although the number of Flashback-infected Macs is on the decline, the reverberations from the outbreak will affect Apple and the businesses that have increasingly adopted Macs. Columnist Ryan Faas explains.

Why Switching OS Platforms Is Not a Security Fix

It has been a rallying cry against Microsoft Windows for years: to avoid malware and security issues, just stop using Windows. The mantra has traditionally been embraced by both Mac and Linux users, but as Mac OS X users deal with the fallout from the Flashback malware attack, some Linux supporters are turning the tired attack even against the Apple OS.

Apple Flashback Malware Removal Includes Innovative Approach to Reducing Risk for Macs

Better late than never? Apple has released the third Java update in a week for Mac OS X, and this one contains the tool to remove the Flashback malware from infected systems. Beneath the belated fix to help users eradicate the threat, Apple has introduced a proactive approach to reducing security risk that other vendors should take note of.

Make Web Apps More Manageable With Minimalist for Everything

Google Reader and Gmail are two of the most customizable Web apps available today. Need a different inbox layout? Sure thing. Want to change the colors or visual density? No problem. Still, some interface elements, like the Google Bar at the top of the window, will never go away, no matter what you do. If you wish they did, try free Chrome extension Minimalist for Everything.

The Macalope Weekly: Living in denial

It's a terrible thing to live in denial. If the Winotaur had an ounce of self-awareness he could tell you. Google's also living in denial if it thinks we're putting its dorky glasses on to watch their ads. And get ready for this week's magical after-school special ending, because some of you Mac users are in denial, too.

Mac Malware Outbreak Is Bigger than 'Conficker'

An estimated 600,000 or more Macs are currently compromised and part of a massive botnet thanks to the Flashback Trojan. To put the size of the threat in some perspective, the Flashback Trojan botnet is even bigger than the massive Conficker botnet...relatively speaking.

Security Manager's Journal: When executives want to be above the law

Security policies work best when they apply equally to everyone in the company. Of course, there are always some people who think they should be exceptions.

Researcher releases exploit code said able to crash pcAnywhere

Exploit code targeting a newly identified vulnerability in Symantec's pcAnywhere computer remote control product has been published on the Internet, exposing its users to possible attacks that disrupt the software's functionality.