Comodo

If you're running a fairly recent edition of Windows, you're probably also using the built-in Windows Firewall. It does a good job, but there's no reason not to take advantage of much more capable (yet just as free) firewalls, especially when they're easier to use and come with significant extras. Take Comodo Firewall: This full-featured, multilayer firewall application uses cloud-based data to analyze new programs and data to prevent attacks, including zero-day attacks. It protects your system from viruses, Trojans, worms, hacker attacks, and other threats. Extras include a Geek Buddy subscription, the SecureDNS network, and … Read more

Cloud computing isn't exactly a new concept in security software; online virus scanners have been around for years, and even regular antivirus definition updates draw on the power of collective input. But a growing number of tools are moving out of your PC and into the cloud, including Comodo's Internet Security and System Cleaner apps, at least in the form of Comodo Cloud Scanner. It bundles the processes of these two tools in one interface, but it doesn't use your machine to run them. Instead, Comodo's servers scan your PC in real time to identify a … Read more

An on-demand Virtual Private Network and a better "quick scan" take their bows in Comodo Internet Security 5.9 (download), released today. Along with the new features, a Comodo Security Solutions spokesman had some tough words for the competition.

Comodo Internet Security 5.9, which despite following the security industry naming convention for paid suites is actually the name of Comodo's free suite, now supports the company's TrustConnect VPN service. TrustConnect uses 128-bit encryption to provide addition Wi-Fi protection, although it doesn't anonymize your traffic like Hotspot Shield does. The TrustConnect integration will automatically detect … Read more

Firefox browser distributor Mozilla today gave companies that sell digital certificates a week to take actions to improve their security after a certificate authority (CA) was hacked and Gmail users in Iran were targeted in a recent attack.

When a Web surfer visits a site over a protected SSL (Secure Sockets Layer) connection, the browser provides a visual indication that the site is trusted--a green URL bar or padlock, usually--based on the digital certificate for the site. If the digital certificate, which is used to authenticate a site as legitimate, is revoked or has some other problem, the browser will … Read more

A second company that provides digital certificates used to authenticate Web sites won't be issuing them while it investigates whether it has been compromised as a hacker has claimed.

A hacker who goes by the alias "Ich Sun" has taken responsibility for a recent breach at Dutch certificate authority DigiNotar that resulted in more than 500 SSL (Secure Sockets Layer) certificates being fraudulently issued, including one that was used to spoof Google.com.

The self-proclaimed Iranian patriot, who was behind a hack on certificate authority Comodo this spring, says he has hacked four or more certificate authorities, … Read more

Google, which has found Gmail to be a target of hacking attempts from China, has modified Chrome so the browser always encrypts connections with the e-mail service.

Google already changed Gmail to use encryption by default, a mode indicated by the "https" at the beginning of a browser address bar that means outsiders sniffing network traffic can't read your e-mail. People could still get to the unencrypted version by typing "http://gmail.com," but no more, for Chrome.

"As of Chromium 13, all connections to Gmail will be over HTTPS. This includes the initial … Read more

There seems to be a groundswell of hacking activity recently. From the Epsilon breach that touched dozens of major U.S. companies and their millions of customers, and RSA replacing its customers' SecurID tokens after attacks on several defense contractors to Sony sites getting pummeled by hackers on a regular basis--all within the last few months.

What's going on?

"I truly don't think there's a higher instance of hacking right now. I think there's been a wave of media coverage," said Bruce Schneier, chief security technology officer of BT and one of the most … Read more

Last week, Epsilon was a little-known e-mail marketing firm, a behind-the-scenes player in the Web-marketing world. This week, it's held a prominent place in the headlines as the target of a massive data breach that exposed names and e-mail addresses for a broad swath of customers at dozens of prominent companies.

E-mails from the likes of Citibank, Chase, Capital One, Walgreens, Target, Best Buy, TiVo, TD Ameritrade, Verizon, and Ritz Carlton--have been flooding in-boxes since Epsilon announced its system had been breached. Some people (this writer included) have reported receiving as many as four of these warnings.

Companies like … Read more

After a hacker obtained fraudulent digital certificates that could be used to impersonate Google, Yahoo, Skype, and other major Web sites, the security company that issued them blamed the Iranian government.

There is only "one conclusion," Comodo, the Jersey City, N.J.-based issuer of digital certificates said in a report tracing the intrusion to Iran. "This was likely to be a state-driven attack."

Well, not quite. The perpetrator claims to be a 21-year-old Iranian patriot--a "single programmer with the experience of 1,000 programmers"--who told CNET he carried out the intrusion in … Read more