The fix addresses one critical flaw that could've potentially allowed an attacker to run arbitrary code, and closed up three other holes that only posed moderate risks, according to Mozilla. One of those included addressing persistent albeit minor crashes caused by memory corruption. More substantial fixes are expected when Mozilla releases Thunderbird 3.0, due later this year.
AVG Anti-Virus Free Edition is one of the most popular products on CNET Download.com, with 61 million downloads. On Thursday, publisher AVG Technologies, formerly known as Grisoft, plans to introduce the full version of AVG Anti-Virus 8.0. This upgrade will feature significant changes to the program, integrating the previously stand-alone tools of AVG Anti-Spyware, AVG Anti-Rootkit, and recent AVG purchase LinkScanner as well as showcasing an entirely new interface.
Your first--and sometimes only--line of PC defense is your password. Even the most carefully crafted password can be rendered useless if you don't keep it secret. This is not such an easy thing to do, especially considering all the clever tricks data thieves have come up with to grab it, with or without your knowledge. More dangerous is the lackadaisical approach many people take to creating, using, and protecting their passwords. Here are 10 ways to use passwords to best effect.
1: Don't write it down. Ever. Either it will be so easy to find that you might … Read more
Thought you could get rid of those incriminating text messages with a simple Delete? Not so fast, Tex. Gadget blogs are all abuzz over a little device that purports to enable users to recover and view deleted data stored on almost any cell phone SIM card.
"Have you ever wished you can spy on your wife, husband, teens, or colleague's phone to see what they are up to? Are they being suspicious when on their cell phone?" asks New York-based BrickHouse Security, which also sells marijuana identification kits and all manner of spy cameras. It says it … Read more
According to a recent article in Federal Computer Week, foreign criminal hackers are targeting American health records.
Mark Walker of DHS Critical Infrastructure Protection Division recently told a National Institute of Standards and Technology workshop that the hackers' primary motive seems to be espionage. For example, any health problems among the nation's leaders would be of interest to potential enemies, he said.
Walker cited two events from 2007. In one, a virus was placed on the Centers for Disease Control and Prevention Web site. In another, there was a known data breach in the Tricare records for the Military … Read more
AIR, formerly Adobe Apollo, is a runtime environment that allows developers use HTML, Flash, AJAX, Flex, and other Web 2.0 tools to create desktop applications. One such application built using Adobe AIR comes from Nickelodeon Online.
But some security experts are concerned about local file access by AIR applications. Recently, Firefox experienced a vulnerability that could have allowed remote attackers to access a targeted file system. To mitigate this, Adobe says … Read more
One of the most notable additions to Microsoft's 2007 Office System was the Trust Center, which centralizes the security options in Word, Excel, Outlook, PowerPoint, and the other applications in the suite. Of course, this being Office, it figures that many of the most important security features--including the new Document Inspector--also reside elsewhere.
To open the Trust Center in the 2007 versions of Word, Excel, PowerPoint, and Access, click the Office button, select the Options button at the bottom-right of the window, choose Trust Center in the left pane, and click the Trust Center Settings button in the right … Read more
You trust Microsoft Office with your most important documents, spreadsheets, e-mail, and presentations. Unfortunately, many of the default security settings in Office applications may not provide a sufficient level of protection for your data, your system, and your reputation. Follow these steps to fine-tune the security settings in Office 2003; tomorrow I'll cover the new security options in Office 2007's Trust Center and elsewhere.
Office 2003 lets you encrypt files so that you need a password to read or edit them. In Word 2003, open the document and click Tools > Protect Document. To restrict the styles that … Read more
Breaking things--that's what the very bright and super curious do; they look beyond the obvious to see what's truly lurking beneath the surface. On Wednesday and Thursday, attendees at Black Hat D.C. 2008 got a window into the latest research being done on Web applications, wireless, and embedded technologies.
On Wednesday, researchers David Hulton and "Steve" showed how with about $1,000 with of equipment they can decrypt A5/1 cellular GSM traffic in less than a hour. Following that, Adam Laurie reprised his popular RFIDiots talk from last year's Black Hat briefings with … Read more
In my last blog, I wrote about the ArcSight IPO and its significance to the marketplace. I pointed to the fact that ArcSight revenue jumped from just less than $40 million to a hair less than $70 million year-over-year, a metric illustrating just how hot the security management market is. Ditto for closely related log management. According to ESG research, nearly half of all enterprise companies collect at least a terabyte of log data each month, and this capacity continues to grow as more log data is collected from more devices and left online for longer periods of time. In … Read more