Don't Close That Pop-Up Window!

"Clicking 'No' May Mean 'Yes'
Pop-Up Ads
Even with new browsers and security technology aimed at reducing or eliminating annoying pop-up ads, it seems that a few still manage to slip by on occasion. Many users simply close the pop-up box and continue with what they were doing. But, 'closing' the pop-up box may just be an invitation to download some sort of virus or other malware onto your system.
Pop-up ads often appear to be standard message boxes which users of Microsoft Windows operating systems are used to seeing. They typically contain a short message or alert of some sort and have a button or buttons at the bottom. Perhaps it asks if you would like to scan your system for spyware, and includes 'Yes' and 'No' buttons for you to enter your selection.
[more..]

43 Flaws Fixed in Mac OS X, QuickTime

Apple Computer's security update train rumbled into the station late May 11 with fixes for a whopping 43 Mac OS X and QuickTime vulnerabilities.
The company's Security Update 2006-003 patches 31 flaws in the Mac OS X, most of them serious enough to cause 'arbitrary code execution attacks.'
Apple also shipped QuickTime 7.1 as a major security overhaul to correct 12 code execution and denial-of-service flaws.
The Mac OS X mega update includes patches for Apple's flagship Safari browser and Mail client. According to the advisory, the Safari fix covers a flaw that could allow file manipulation or code execution if a user is lured to a maliciously rigged Web site.

In Mail, Apple said the bug could allow harmful code execution if a user is tricked into viewing a malicious e-mail message.
"By preparing a specially crafted e-mail message with MacMIME encapsulated attachments, an attacker may trigger an integer overflow. This may lead to arbitrary code execution with the privileges of the user running Mail," the company said.

The Mac OS X update also fixes code execution vulnerabilities in AppKit, ImageIO, BOM, CFNetwork, ClamAV, CoreFoundation, Finder, FTPServer, FlashPlayer, LaunchServices, libcurl, Preview, QuickDraw and QuickTime Streaming Server.

In the QuickTime 7.1 update, Apple ships 12 fixes for "application crash or arbitrary code execution" vulnerabilities.

The QuickTime bugs can allow a malicious hacker to launch successful attacks using different vectors; a specially crafted JPEG image; rigged QuickTime movies; specially created Flash, MPEG4 or H.264 movies; or maliciously crafted FlashPiX or BMP images.

[more..]

Macs Are now Virus Targets

Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his computer's operating system.

Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone or something else.
Daines was the victim of a computer virus.
Such headaches are hardly unusual on PCs running Microsoft Corp.'s Windows operating system. Daines, however, was using a Mac � an Apple Computer Inc. machine often touted as being immune to such risks.
He and at least one other person who clicked on the links were infected by what security experts call the first-ever virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived virtually unscathed from the onslaught of malware unleashed on the Internet in recent years.
'It just shows people that no matter what kind of computer you use you are still open to some level of attack,' said Daines, a 29-year-old British chemical engineer who once considered Macs invulnerable to such attacks.
Apple's iconic status, growing market share and adoption of same microprocessors used in machines running Windows are making Macs a bigger target, some experts warn.
[more..]

Wireless Network Security for the Home

Wireless Security In just a few Steps!
Wireless networking is a great invention, but it comes with some security concerns as well. The problem with having the signal broadcast throughout your home or office is that it is difficult to contain where that signal may travel. If it can get from upstairs to your office in the basement then it can also go that same 100 feet to your neighbors living room. Or, a hacker searching for insecure wireless connections can get into your systems from a car parked on the street.
That doesn't mean you shouldn't use wireless networking. You just have to be smart about it and take some basic precautions to make it more difficult for curiosity seekers to access your network & the services that you are paying for. The next section contains six simple steps you can take to secure your wireless network.
[more..]

Creating secure(r) Passwords

Despite advances in biometric and other authentication technologies, the password remains as the primary line of defense between an attacker and your personal information in most cases. Users struggle to find a balance between passwords that are strong enough to provide secure protection, but easy enough to remember that they don't lock themselves out of their own
systems.

This article provides tips to help you create strong passwords that are
easy for you to remember but difficult for would-be attackers to crack.

Creating Secure Passwords

Threat analysis / assessment

There are plenty of threats to secure personal computing. Just using the Internet at all exposes you to identity theft, spyware, viruses and other security risks. The question of the day is this: in your opinion, what is the biggest concern or most insidious threat to your safe and secure use of your computer? Vote below and check out the poll results to find out what others think.
-Vote Here-

Computer Facts or Fictions?

One thing is true about urban legends: People love to repeat them. Better yet, they love to e-mail them.

Did you see the picture of the 4500-pound, man-eating alligator caught in New Orleans after Hurricane Katrina? Turns out he's not quite that big, and he's never been on this side of the Atlantic Ocean.
More recently, maybe you received an e-mail warning you about an Olympic Torch virus making the rounds that would 'burn' your computer's hard drive. Don't get hot and bothered over this one--it's also a hoax.
In fact, owning a computer opens the door to a host of myths and tall tales about the care and feeding of your pricey info system. And because a computer can be an expensive, mysterious piece of equipment, many cautious people take some of this maintenance 'advice' as fact. But rest assured, most of it isn't. [more...]

Caught a Virus lately?

Have you ever heard this one before, "You must run antivirus software and keep it up to date or else your PC will get infected, you'll lose all your data, and you'll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness"?
You know they're right. Yet for one reason or another, you're not running antivirus software, or you are but it's not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you've put off renewing.
It happens. It's nothing to be ashamed of. But chances are, either you're infected right now, as we speak, or you will be very soon.
[more..]

Second Apple worm targeting Macs found: experts

SAN FRANCISCO (Reuters) - A new computer worm targeting Apple Computer Inc.'s Macintosh computers has been identified for the second time in one week, security experts said.

The new worm, called OSX.Inqtana.A, spreads through a vulnerability in Apple's OS X operating system via Bluetooth wireless connections, antivirus company Symantec said.
'We have speculated that attackers would turn their attention to other platforms, and two back-to-back examples of malicious code targeting Macintosh OS X ... illustrate this emerging trend,' said Vincent Weafer, senior director at Symantec Security Response.
The latest virus...[more..]

Virus attacking Apple Macintosh PCs found!!

SAN FRANCISCO (Reuters)
A malicious computer worm has been found that targets Apple Computer Inc.'s Mac OS X operating system, believed to be the first such virus aimed specifically at the Mac platform.
The worm is called OSX/Leap-A, according to a posting on the Web site of antivirus software company Sophos, which said the worm is spread via instant messaging programs.
The worm attempts to spread via Apple's iChat instant messaging program, which is compatible with America Online's popular AIM instant messaging program, according to the Sophos Web site..
[more...]