security

McAfee Internet Security 2013 Review

McAfee Internet Security 2013 is one of the available tiers in McAfee's 2013 suite of security products. McAfee Internet Security 2013 includes all of the features of McAfee All Access 2013, excepting McAfee SafeKey, McAfee All Access, online cloud features, tablet/mac support, social-network protection, hacker/thief protection, and identity protection.

Read the full review of McAfee's 2013 security software on the McAfee All Access 2013 product page. The rating for McAfee Internet Security 2013 is independent of the rating for McAfee All Access 2013.

How to put 1Password in 'Demo mode'

1Password does a superb job at keeping your private information organized, and your online accounts safe with completely random passwords. Using Dropbox or iCloud, you're able to keep your payment information, private notes, and passwords in sync across multiple devices.

Late last year the 1Password iOS app was updated with a completely revamped look and new features, such as URL schemes and a feature called "Demo mode."

Demo mode is a convenient way to show someone how the app works without revealing any of your personal information during an impromptu tutorial. Once it's activated, you only … Read more

Get a 1TB portable USB 3.0 hard drive for $39.99

How much do you hate rebates?

They're as bad as root canals and tax returns. A lot, but if it's an especially good deal, I'll deal with it. Don't mind them at all. They're a great way to save!

If you answered with No. 1, thanks for stopping by, I'll see you tomorrow. Everyone else, listen up.

For a limited time, and while supplies last, TigerDirect has one of the best hard-drive deals I've ever seen: The Western Digital Elements 1TB USB 3.0 portable hard drive for $39.99, plus around $4 … Read more

Your password, Bond: Insecure

Perhaps they're still mourning Judi Dench's death in "Skyfall."

Perhaps they're remembering the words uttered in that movie that there are no secrets anymore.

It seems, though, that in some corners of British intelligence, password protection needs a little, well, protection.

A gentleman called Dan Farrall was rather stunned, you see, when he applied for a job at the U.K.'s Government Communications Headquarters (GCHQ).

Among many other (secret) things, GCHQ exists to protect Kingdomites from cyberattacks. How odd, then, that it seems rather open about passwords.

Farrall, a university student, describes on his blog … Read more

Outdated Java weak spots are widespread, Websense says

A new Websense report suggests that approximately 94 percent of endpoints that run Oracle's Java are vulnerable to at least one exploit, and we are ignoring updates at our own peril. 

According to security researchers at Websense, it's not just zero-day attacks that remain a persistent threat. Instead, Java exploits are now a popular tool for cybercriminals.

With so many vulnerabilities, keeping browsers up-to-date can become an issue -- especially as Java has to be updated independently from our preferred browser, and a mobile, cross-browser workforce is difficult to manage securely. Keeping this in mind, the security … Read more

New Microsoft study says your software is counterfeit

In a new IDC white paper commissioned by Microsoft, cleverly titled "The Dangerous World of Counterfeit and Pirated Software: How Pirated Software Can Compromise the Cybersecurity of Consumers, Enterprises, and Nations...and the Resultant Costs in Time and Money" ( full PDF), there's a boatful of interesting statistics around "the prevalence of malicious code and unwanted software -- such as viruses, Trojan horses, keystroke-capturing software, authentication backdoors, and spyware -- in pirated software and on the Web sites and peer-to-peer (P2P) networks where such software is found."

"[U]sing information from a 10-country survey of … Read more

Top Chinese university linked to alleged military cybercrime unit

The People's Liberation Army unit (PLA) allegedly responsible for cyberspying on Western targets has collaborated with a top Chinese university on networking and security research papers.

In a finding uncovered by Reuters, Shanghai Jiaotong's School of Information Security Engineering (SISE) and the People's Liberation Army Unit 61398 have worked in partnership on at least three papers in recent years. PLA Unit 61398 is well-known for its alleged links to cyberattacks on the West, after a report was released by security firm Mandiant which stated that an "overwhelming" number of cyberattacks originate from the single unit … Read more

GSA vulnerability highlights dangers of SSNs as IDs

Recently, the General Services Administration sent an e-mail alert to users of its System for Award Management (SAM), reporting that a security vulnerability exposed the users' names, taxpayer identification numbers (TINs), marketing partner information numbers, and bank account information to "[r]egistered SAM users with entity administrator rights and delegated entity registration rights."

The notice warned that "[r]egistrants using their Social Security Numbers instead of a TIN for purposes of doing business with the federal government may be at greater risk for potential identity theft." Also provided was a link to a page on the agency's site … Read more

Apple ID security issue fixed, password page back online

Apple has fixed the security issue involving its Apple ID password-reset page, a vulnerability that had made it possible for hackers with a user's e-mail address and birth date to reset the user's password.

Apple said yesterday that it was aware of the issue and was preparing a fix. Meanwhile, the company had taken the "iForgot" reset page offline for maintenance. Now the page is back up, and Apple has confirmed the fix with CNET.

The security exploit made use of a special URL that got around the need to answer a security question. Apple had … Read more