Security & Privacy

What if your desktop security application could detect and remove a new threat that was only minutes old? That's the impetus behind McAfee Artemis Technology, announced on Monday.

Artemis, which McAfee plans to market within its 2009 consumer products as "Active Protection," is not focused on hourly updates, or even 15-minute updates, as rival Symantec has. It means instant detection, said Dave Marcus, director of security research and communications for McAfee Avert Labs.

McAfee's use of Artemis is similar to Trend Micro's use of cloud-based computing to analyze and produce new signature files within 15 … Read more

Updated Sept. 8 with National Geographic saying the app is not sanctioned by them.

Researchers have created a proof-of-concept application for Facebook that turned the machines of people who added the app to their Facebook page into elements of a botnet that in a demonstration launched denial-of-service attacks on a victim server.

"Social Network Web sites have the ideal properties to become attack platforms," according to a paper entitled "Antisocial Networks:Turning a Social Network into a Botnet," that was authored by five researchers from the Institute of Computer Science in Greece and one from the … Read more

It's been only a few days since Google released its Chrome browser, and security researchers are still digging into the software in search of the first few flaws.

A company in Vietnam has turned up the latest vulnerability in Chrome, according to a story posted to Information Week's Web site. Bach Khoa Internet Security says that the Chrome 0.2.149.27 release is susceptible to a critical buffer-overflow flaw, which could allow a remote attacker to take control of a PC. BKIS says it has reported the vulnerability to Google.

Here's how BKIS describes the vulnerability … Read more

On Thursday, Microsoft announced four security bulletins for Tuesday. The announcement is intended as a heads-up for IT departments before Patch Tuesday. All four are considered critical, the most serious ranking offered by the software giant.

Among the critical patches, two affect Windows Media Player, one affects Windows, while the other affects Microsoft Office. All could enable remote code execution if exploited.

Starting next month, Microsoft will be sharing the technical details of new vulnerabilities to give software developers a catch to update affected products before the public announcement. Also in October, Microsoft will start providing each bulletin with an … Read more

A peaceful protest supporting self-confessed NASA hacker Gary McKinnon took place this week in London.

About 35 backers showed up Tuesday in front of the Home Office to protest the extradition of McKinnon to the United States. They said he should instead be put on trial in the United Kingdom, where he lives.

McKinnon is accused of one of the biggest military hacks ever, slipping into computer systems belonging to the U.S. Army, Air Force, Department of Defense, and NASA. The U.S. government alleges that McKinnon's hacking activities caused $700,000 worth of damage. McKinnon has always … Read more

On Wednesday, researchers announced a flaw in how the Google Chrome browser behaves with undefined handlers. An exploit provided as a demonstration crashes the new browser.

In an article on the Securiteam site, Rishi Narang from Evilfingers says a crash can occur without user interaction. If a user is provided a malicious link with an undefined handler followed by a special character, Chrome crashes.

In Google-speak, the browser displays a message "Whoa, Google Chrome has crashed. Restart now?"

Narang found the fault in chrome.dll version 0.2.149.27. More details can be found on this Evilfingers page. … Read more

Microsoft has an idea for keeping children safe online: create "digital playgrounds," sites where visitors have to prove their age using digital identity credentials.

The idea was detailed in a paper Microsoft was set to release early on Wednesday as part of its Trustworthy Computing initiative. The concept builds on a notion called "End to End Trust" that Microsoft first proposed in April at the RSA Security conference.

The company is tackling the challenge of how to make the Internet safer not just for children, but also for adults wanting to conduct business, make transactions, and … Read more

Google's approach to privacy is a decade behind Microsoft, the Redmond software giant's chief privacy strategist told ZDNet Australia on Thursday in a video interview.

"Google's a great company, got some great products, but you know in some respects I think Google is where Microsoft was 7 or 10 years ago," Peter Cullen, Microsoft's chief privacy strategist told CNET News sister site ZDNet Australia.

Cullen heads up the privacy arm of Microsoft's Trustworthy Computing Group, which has led the company's drive to tackle security and privacy threats arising from its products. The … Read more

This guest post is from Marc Weber Tobias, an attorney and physical security specialist.

If someone asks to borrow your cell phone, or you leave it unattended, beware!

Unless you actually watch them use it, they may be secretly grabbing every piece of your information on the device, even deleted messages. If you leave your phone sitting on your desk, or in the center console of your car while the valet parks it, then you and everyone in your contacts list may be at risk, to say nothing of confidential e-mails, spread sheets, or other information. And of course, if … Read more