security

Microsoft has warned Windows users to be on their guard against a piece of rogue antivirus software passing itself off as Microsoft Security Essentials. Security essentials 2010 is a piece of software Microsoft said installs a fake virus scanner on your machine and]monitors and blocks processes it doesn't like. The software will also block access to websites of antivirus and malware companies and flag up a warning message. You can see the list of blocked sites here.

Security essentials 2010 blocks access by downloading a Win32/Alureon component and another Layered Service Provider component, Microsoft's David Wood wrote on the company's Malware Protection Center blog. "This LSP monitors the TCP traffic sent by various Web browsers that the user might have installed, and blocks any traffic to certain domains," Wood said.

A  website called PleaseRobMe claims to reveal the location of empty homes based on what people post online.

The Dutch developers told BBC News the site was designed to prove a point about the dangers of sharing precise location information on the internet. The site scrutinises players of online game Foursquare, which is based on a person's location in the real world. PleaseRobMe extracts information from players who have chosen to post their whereabouts automatically onto Twitter.

"It started with me and a friend looking at our Twitter feeds and seeing more and more Foursquare posts," said Boy Van Amstel, one of PleaseRobMe's developers. "People were checking in at their house, or their girlfriend's or friend's house, and sharing the address - I don't think they were aware of how much they were sharing."

SANS' newly released Top 25 list of common programming flaws came with a little legal muscle, too, with representatives from SANs, Mitre, the U.S. Department of Homeland Security, the National Security Agency, and other organizations pushing for custom software developers to be held liable for insecure code they write.

A class action lawsuit has been filed against Facebook over changes that the social networking site made to its privacy settings last November and December.

It was a nice day as every other day. The only thing troubling me was I had to make some urgent calls and my balance ran out. As expected I rushed to the nearest top-up vending machine. A note posted outside said “out-of-service”.

Well to give you a brief about the place I live in a small town (if I can call it that) near London where one has to literally “work” to get even his/her daily needs stuff. As it happens I stay in the campus and there is just one top-up vending machine which was “broke” as of now. The nearest cash top-up is around 2-3 miles down to the town centre. Walking 5 miles to get a top-up would have been the last thing I could have imagined.

In December 2009, researchers at the security lab of Fraunhofer SIT announced a new way of circumventing the drive encryption technology provided by Microsoft Bitlocker (found in versions of Vista, Windows 7 and Server 2008). In addition to previous announcements from other researchers on the same topic, Fraunhofer were able to bypass this security even when used in conjunction with a Trusted Platform Module (TPM).

Pentagon released a report about how e-spies, software that download information or worse alter information, is their greatest threat in cyber warfare. Of course, all even remotely associated with infosec could have told them this decades ago, and of course, Pentagon has known all the time.

Todays challenge is the way social networks are used as a transport means to infect computers, and systems, inside the military. After all, the operators are simply humans, and humans can so easily be dubbed into clicking on the link stating "Is that really YOU in this video?".

As stated:

Guest post by: Tony Ball, Senior VP, Identity and Access Management (IAM), HID Global
Organisations around the world are facing more security threats to their business than ever before. Breaches of confidentiality, crippling cyber attacks and data theft by their own employees are just some of the issues that companies now have to contend with and plan for. These security threats can also necessitate taking a more tangible a pproach to security where controlling physical access to premises is high on the agenda for many companies.

This is Roer´s take on security 2010! Please share your comments and your own visions in the comments below!

1. Cloud security

We all are apprehensive of the security of our desktop or laptop at home. A single thought that someone might be tapping out network when we are keying in the Net-banking password or logging in to our email can run a chill down our spine. How do we prevent it all?