Security

More on Leopard security

David Maynor responds to the Macalope's post below.

To start with, lets [sic] settle that dydl isn't a library so Apple's ASLR implementation is just peachy thread in his comments section.

That's a misreading or misrepresentation of the discussion in the comments section. The point was whether or not, as Maynor said, Apple lied about its implementation of ASLR. The Macalope's seen no evidence they lied about it. He's not happy with the way it's portrayed in the Leopard materials, but it's not a lie.

But contrary to Maynor's contention, the …

Process versus Process

It's hard to like the Windows Task Manager. It's clunky, makes drilling into a computer's processes nigh impossible, and offers little insight into what's going on. Like most native Windows tasks, though, there are freeware replacements available. Today we're looking at three of them: Process Explorer, Security Process Explorer, and Process Manager 2 Lite, all of which have recently received updates.

FBI's Operation Bot Roast II nets additional indictments, sentences

Today the FBI announced the completion of Bot Roast II, the second phase of an ongoing investigation into the creation and use of botnets for illegal online activity. Botnets are networks created by remotely controlling several hundred or several thousand compromised computers worldwide. In 2007, botnets have been used by criminals in various ways to make money online. The ongoing investigation, in at least one specific case, is being assisted by the U.S. Secret Service.

Among the results announced today are three new indictments, the guilty pleas from two others, and the sentencing of three others. To date, the …

Comodo comes back with version 3--how does it hold up?

Comodo Firewall Pro gets a major revision from its publisher, upgrading to version 3 with some significant changes. Most importantly, user complaints about resource hogging when version 2 came out have been all but eradicated with the new model.

Managed security in 2008

In the late 1990s, we all predicted big things around managed services. As we close 2007, we are all predicting big things for Software as a Service (SaaS). What's old is new again but this time we may be right.

Case in point, managed security. A few years ago, enterprise security professionals were too proud and too paranoid to even think about outsourcing security management. As Bob Dylan sang, "the times, they are a changin'." According to a recent ESG Research survey, 50 percent of large organizations (i.e., more than 1,000 employees) are either "…

BullGuard Internet Security 8: No bull

There would have to be something seriously wrong with us if we willingly discussed infections--digital or other. But virus protection is something we all need, and what better way to protect ourselves than to use the scariest-sounding anti-virus software on the planet?

BullGuard Internet Security 8 launched recently, and immediately appealed to us as it combines anti-virus, anti-spyware, firewall, spam filter, online backup and technical support. That's almost everything you could ever need from a digital prophylactic--for 44.95 pounds a year (about $93).

Old-school file sharers should remember BullGuard: It was built into the Kazaa P2P client to …

IBM patches Lotus Notes 1-2-3 security flaws

IBM has released a patch for highly critical security flaws in its Lotus Notes, following the discovery of vulnerabilities in a third-party software component used in Lotus 1-2-3.

Users who open a malicious file attachment can trigger a buffer overflow, as Lotus 1-2-3 tries to process the Lotus Worksheet file format. The vulnerabilities could allow a malicious attacker to take control of a user's system remotely and execute arbitrary code, according to Core Security Technologies, which issued a security advisory on Tuesday.

"Although these specific vulnerabilities exist on a third-party component, the problem is compounded by the way …

OS X security just not there yet

David Maynor is back on his Apple security hobby horse and rocking it faster than a 5-year-old hopped up on pre-holiday candy canes. Despite his usual over-the-top Apple invective, he makes some valid points and provides some helpful information for people using QuickTime on Windows.

Apple announced ASLR as a feature in their latest version of the operating system, Mac OS X 10.5 (TigerLeopard). However, Apple largely lied.

You might be surprised to hear the Macalope agree with Maynor, but he's right. OK, maybe [See update below] "lied" is too strong, but they certainly misrepresented it.…

Sans releases top 20 Net risks list

Malicious attackers are increasingly setting their sights on targeted phishing attacks, or "spear" phishing, and custom-built applications, pushing these two areas into Sans' Top 20 Internet Security Risks of 2007.

The report, released Tuesday, provides a glimpse into the nefarious activities of online attackers and the issues faced by security firms.

"Spear phishing has had its most critical and damaging impact in military and civilian government organizations and military contractors who build weapons and more," said Alan Paller, Sans Institute research director.

He estimated that 90 percent of the attacks that caused the greatest damage over …

Device to provide early warning of 9/11-style hijackings

Whether your pilgrimage tour makes it to Bethlehem or ends up as Mediterranean fish bait may all depend on a credit-card-size keypad designed to prevent hijacked airliners from entering Israeli airspace.

Starting next year, Israel will require all airlines flying into its airports to use a new Security Code System device designed to prevent a 9/11-style attack by identifying commandeered planes before they enter the country's airspace, Reuters reported last week.

Elbit Systems, the company that developed the device, declined to go into technological and procedural detail. But judging by the keypad, it's possible that the pilot …