You click OK on a message while surfing the Internet and suddenly your computer is full of malicious software and viruses. That's bad. What could be worse worse, however, is when your brand new computer comes preloaded with malicious software.

Tuesday, according to ChinaTechNews.com, Asus announced a recall of it's Asus Eee Box PCs that it had sold in Japan because it was shipped with a virus.

The computers had a file called recycled.exe, residing on the D drive. Once executed, the file would copy itself to other drives, including USB drives, and install malicious software … Read more

Symantec on Tuesday announced two premium online services that help tweak the performance of PC desktops through remote access by qualified technicians.

Both services are only available to customers using Windows XP and Vista, and are open to customers not currently using any Norton products.

One is a diagnostic service called PC Checkup for $29.99. "Think of it like taking your car to the auto dealership service," said Lenny Alugas, vice president of Norton Premium Services. The technician will perform a series of tests then inform the customer if additional services are necessary. The second premium service, … Read more

Microsoft on Tuesday released its October 2008 security bulletin. The four critical bulletins concern Windows, Internet Explorer, Microsoft Host Integration Server, and Microsoft Excel. The patch for Internet Explorer is cumulative.

Microsoft is now sharing the technical details of new vulnerabilities in advance of so-called Patch Tuesday to give software developers a chance to update affected products before the public announcement.

Microsoft is also including within each bulletin this month an "exploitability index" to help system administrators prioritize the patches--1 is for consistently functioning exploits (of most concern), 2 is for inconsistently functioning exploits (of moderate concern), and … Read more

Back in 2002, Microsoft executives realized they had a serious problem at hand. As the primary target of a growing global community of amateur hackers and professional cybercriminals, Microsoft knew it had to do something to improve the security of its code or it was likely to become a party pooper at the online fiesta. The Bill Gates Trustworthy Computing e-mail of January 2002 got lots of PR focus, but Microsoft's real security work horse was a new development process called the Security Development Lifecycle (SDL).

Since 2004, all new Internet-facing software developed by Microsoft has gone through SDL. … Read more

The man accused by the U.S. government of accessing more than 73,000 U.S. military machines has lost his second appeal to the British Home Office against extradition.

Gary McKinnon's recent diagnosis of having Asperger's syndrome, a condition on the autistic spectrum, had not changed Home Secretary Jacqui Smith's decision that the self-confessed NASA hacker be extradited, McKinnon attorney Karen Todner said Monday.

"The secretary of state has advised via the treasury solicitors that, despite Mr. McKinnon's diagnosis with Asperger's, she will now be making arrangements for his extradition, pursuant to her … Read more

The world's largest quantum encrypted network has been unveiled in Vienna, Austria, providing a glimpse of how data could be securely transmitted in the future.

The network is the result of more than four years of work, with 41 organizations from 12 countries working to integrate quantum cryptography into a modern business network.

The project has been overseen by the European Union-sponsored SECOQC (Development of a Global Network for Secure Communication Based on Quantum Cryptography).

Quantum cryptography is a technique of sending information in a way that makes it impossible for people to intercept without corrupting the information in … Read more

If you think there are a lot of phishing scams cramming your e-mail in-box now, just wait--fraudsters have more tricks up their sleeve.

That's the message from McAfee Security Journal, due out Monday. Most of the articles deal with ways in which scammers use social engineering --not hacking--to dupe people into downloading malicious software to their computers or giving out their personal information, passwords, and bank account details to malicious Web sites.

One of the more interesting articles is titled "Vulnerabilities in the Equities Markets."

There have been headlines about people scamming the equities market by circulating … Read more

The computer network used by the World Bank Group has suffered a series of at least six intrusions since mid-2007, according to a report.

The World Bank Group was first notified of the intrusions by the FBI in September 2007, when the bureau was investigating another cybercrime case involving transactions out of Johannesburg, South Africa. Fox News said it has an internal memo (PDF) describing the initial intrusion to World Bank Group employees.

The World Bank Group did not respond to a request for comment.

The World Bank Group, based in Washington, D.C., is not a traditional bank. It … Read more

With the release of its Apple SA-2008-10-09 security update on Thursday, the Cupertino, Calif.-based computer company provided patches for nearly two dozen software flaws.

Some of the fixes included in the update, which can be obtained from Apple's Software Downloads page, are specific to Apple features, such as Single Sign On, Finder, and ColorSync. But the release also addresses an error introduced in Mac OS X 10.5.5. Other fixes are updates to open-source projects, including Apache, ClamAV, PHP, and Tomcat.

Apache This patch affects users of Mac OS X v10.5.5 and Mac OS X … Read more