Cody Taylor

CWmike writes “Internet Explorer 8 has shipped in its final version and is ready to take on its rivals. Preston Gralla reviewed it and says the latest version of Microsoft’s browser leapfrogs its closest competition, Firefox 3, for basic browsing and productivity features — it has better tab handling, a niftier search bar, a more useful address bar, and new tools that deliver information directly from other Web pages and services. IE8 has also been tweaked for security and includes a so-called ‘porn mode,’ new anti-malware protection, and better ways to protect your privacy. The most noticeable new features? Accelerators and Web Slices. Think of an Accelerator as a mini-mashup that delivers information from another Web site directly to your current browser page. Web Slices deliver changing information from a Web page you’re not actively visiting directly to IE8. There’s one big problem for many, though. No add-ins, and there doesn’t appear to be such an ecosystem on the horizon. So if you’re a fan of add-ins and customizing the browser itself, writes Gralla, Firefox is superior. But for the actual browsing experience, IE8 has the upper hand — for now.”

Read more of this story at Slashdot.

angry tapir writes “Diebold has released a security fix for its Opteva automated teller machines after cyber-criminals apparently broke into the systems at one or more businesses in Russia and installed malicious software. Diebold learned of the incident in January and sent out a global security update to its ATM customers using the Windows operating system. It is not releasing full details of what happened, including which businesses were affected, but said criminals had gained physical access to the machines to install their malicious program. Arrests have reportedly been made.”

Read more of this story at Slashdot.

KingofGnG writes “Conficker/Downup/Downadup/Kido malware, that according to Symantec ‘is, to date, one of the most complex worms in the history of malicious code,’ has been updated and this time for real. The new variant, dubbed W32.Downadup.C, adds new features to malware code and makes the threat even more dangerous and worrisome than before.”

Read more of this story at Slashdot.

A few hours ago, certain sections of The Pirate Bay were flagged by Google as containing malware and were subsequently blocked. Similar warnings are being shown by Firefox, which states that the world’s largest tracker is an “attack site”. The Pirate Bay team are working on the problem now.

pnorth writes “Malware writers that sell toolkits online for as little as 0 will now configure and host the attacks as a service for another , according to email offers cited by security experts. A technical account manager at authentication firm Vasco said that cyber crime is becoming so business-like that online offerings of malicious code often include support and maintenance services. He said ‘it was inevitable that services would be sold to people who bought the malware toolkits but didn’t know how to configure them. Not only can you buy configuration as a service now, you can have the malware operated for you, too.'”

Read more of this story at Slashdot.

pnorth writes “Malware writers that sell toolkits online for as little as 0 will now configure and host the attacks as a service for another , according to email offers cited by security experts. A technical account manager at authentication firm Vasco said that cyber crime is becoming so business-like that online offerings of malicious code often include support and maintenance services. He said ‘it was inevitable that services would be sold to people who bought the malware toolkits but didn’t know how to configure them. Not only can you buy configuration as a service now, you can have the malware operated for you, too.'”

Read more of this story at Slashdot.

eggegick writes “My wife has taken a number of college courses over the last three years and many of the classes used on-line materials rather than books. The problem was these required IE along with Java, Active X and/or various plug-ins (the names of which escapes me), and occasionally I’d have to tweak our firewall to allow these apps to run. I don’t think any of these training apps would work with Firefox. All of this made me cringe from a security point of view. Myself, I use just use Firefox, No-Script, our external firewall and common sense when using the web. I have a very old windows 2000 machine that I keep up to date. To my knowledge I’ve never had a virus or malware problem. Her computer is a relatively new XP machine, and this point she feels here computer has something wrong. But now she prefers to use my old machine instead of hers since it seems to be more responsive. We plan to run the recovery disk on hers. Assuming the college course work applications were part of the cause, what recommendations do any of you have when having to run this kind of software? Is there a VMware solution that would work — that is have a Windows image that is used temporarily for the course work and then discarded at the end of the semester (and how do you create such an image, and what does it cost?).”

Read more of this story at Slashdot.

eggegick writes “My wife has taken a number of college courses over the last three years and many of the classes used on-line materials rather than books. The problem was these required IE along with Java, Active X and/or various plug-ins (the names of which escapes me), and occasionally I’d have to tweak our firewall to allow these apps to run. I don’t think any of these training apps would work with Firefox. All of this made me cringe from a security point of view. Myself, I use just use Firefox, No-Script, our external firewall and common sense when using the web. I have a very old windows 2000 machine that I keep up to date. To my knowledge I’ve never had a virus or malware problem. Her computer is a relatively new XP machine, and this point she feels here computer has something wrong. But now she prefers to use my old machine instead of hers since it seems to be more responsive. We plan to run the recovery disk on hers. Assuming the college course work applications were part of the cause, what recommendations do any of you have when having to run this kind of software? Is there a VMware solution that would work — that is have a Windows image that is used temporarily for the course work and then discarded at the end of the semester (and how do you create such an image, and what does it cost?).”

Read more of this story at Slashdot.

DigitalDame2 writes “PCMag Security Analyst Neil Rubenking has always praised Symantec’s tech support. Lately, though, a number of readers have reported problems with chat support, so he investigated. Rubenking was trying to install Norton 360 version 3.0 on a malware-infested system when the computer crashed with a blue screen error. He connected with Symantec tech support and was told that they could fix the problem, but for a fee of 0! (Here is the transcript and screen-captures of the chat.) Even more, Symantec support suggested that he use a malware-removal tool that wasn’t even made by Symantec.”

Read more of this story at Slashdot.

**$tarDu$t** recommends a Washington Post Security Fix blog post dissecting the Tigger.A trojan, which has been keeping a low profile while exploiting the MS08-66 vulnerability to steal data quietly from online stock brokerages and their customers. An estimated quarter million victims have been infected. The trojan uses a key code to extract its rootkit on host systems that is almost identical to the key used by the Srizbi botnet. The rootkit loads even in Safe Mode. “Among the unusually short list of institutions specifically targeted by Tigger are E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade, and Scottrade. … Tigger removes a long list of other malicious software titles, including the malware most commonly associated with Antivirus 2009 and other rogue security software titles… this is most likely done because the in-your-face ‘hey, your-computer-is-infected-go-buy-our-software!’ type alerts generated by such programs just might… lead to all invaders getting booted from the host PC.”

Read more of this story at Slashdot.