Security and spyware

Some malware groups have recently been found to be taking advantage of an old, patched vulnerability in Microsoft Office for OS X in an attempt to spread command-and-control malware to OS X systems.

The vulnerability used in the attack is outlined in a Microsoft security bulletin in June 2009, which applied to all versions of Office 2004 version 11.5.4 or earlier, Office 2008 version 12.1.8 or earlier, and OpenXML Converter 1.0.2 or earlier.

The vulnerability was patched soon after it was found, and currently all supported Office programs are well beyond these versions. However, … Read more

Two new features designed to protect your privacy while you browse the Web and guard you against misleading SSIDs come to all three AVG suites in a service pack update.

The Service Pack 1 update for AVG Anti-Virus Free 2012, AVG Anti-Virus 2012, and AVG Internet Security 2012 are available exclusively today from Download.com.

Both of the new features are available to free and paid users, but the tracking ad blocker called AVG Do-Not-Track is the big one. It works similarly to Do Not Track Plus. While the toolbar is an optional browser add-on, AVG Do-Not-Track appears to be … Read more

Recently a new variant of the Imuler/Revir Trojan malware for OS X was found being distributed disguised as erotic images that, if installed on a Mac system, would attempt to steal personal information then upload them to remote servers. The malware's initial variants included offensive political material, but in its recent iteration has been distributed disguised among a collection of cover girl images in an obvious attempt to trick people into opening the application.

While these attempts are relatively easy to avoid, security company F-Secure has been monitoring a more serious threat from the Flashback malware for OS … Read more

Google is seen by many as the de facto standard for Internet search. But the company may not always be king of the castle, says famed Internet pioneer Vint Cerf.

Speaking at the Life Online exhibition at the the National Media Museum in the United Kingdom, Cerf downplayed any potential danger in Google's Web dominance, according to blogging site Pocket-Lint. The father of the Internet, who's also a VP and Chief Internet Evangelist at Google, pointed to healthy competition from Bing and other search engines.

But Cerf said that Google's role as top dog in the search … Read more

Has an employer or potential employer ever requested access to your Facebook account? If so, Facebook itself advises you to just say no.

Responding to growing complaints from employees over the practice, Facebook made its own position quite clear in a post published today. Noting an increase in the number of such requests from employers, the social network said they undermine both the security and the privacy of the user and the user's friends.

And the practice can put employers themselves at risk.

Companies making such requests may not have the right policies or training in place to deal … Read more

Today's malware purveyor bears little resemblance to the outcast-teenage-loner caricature popular in days past.

Last November the FBI's Operation Ghost Click led to the arrest of six Estonians charged with promulgating the DNSChanger malware, which the FBI claims allowed the gang to steal $14 million by manipulating the servers of online advertisers. Unfortunately, DNSChanger is estimated to have infected 100 million computers worldwide and 500,000 in the U.S., many of which haven't yet been disinfected.

CNET blogger Topher Kessler describes in the MacFixIt blog how the Trojan horse works. Yes, Macs are as susceptible to … Read more

Wondering why a certain e-mail was dumped into your Gmail spam folder? Google will now clue you in.

As of yesterday, Gmail users can select any message banished to the spam folder and see a "Why is this message in Spam?" notice near the top. The notice will display a brief explanation accompanied by a "Learn more" link to a page describing the many reasons certain messages are considered spam.

A look at the e-mail in my own Gmail spam folder revealed a variety of explanations.

For one e-mail that claimed to be from YouTube but … Read more

Last fall, a new Trojan malware scam called Revir and Imuler was uncovered, attempting to coerce Mac users into installing the malware on their systems, and then sending personal information to remote servers.

The scam initially used a Trojan dropper program called OS X/Revir.A that when run would download PDFs containing offensive political rhetoric in foreign languages, and then install a backdoor agent called OS X/Imuler.A. This in turn would try to connect to remote servers and send information about your system to the servers.

The malware did not work very well and appeared to be … Read more

Microsoft has been given a reprieve in an Indian Web censorship case against several online companies.

The software giant today was told by the Delhi High Court that it will not face charges in the criminal censorship case after the company argued that no formal allegations were brought against it. Microsoft's departure from the case comes after Yahoo was also allowed out.

The Wall Street Journal was first to report on the news.

The India case is focusing on Google and Facebook. Last week, the Journal reported that the companies were forced to head to trial in India after … Read more