Moving to Microsoft’s newest operating system is proving troublesome for some businesses.
Nearly half of IT professionals planning Windows 7 rollouts for their organisations are concerned about migrations issues, specifically those of user profile migration.
This was the main finding of a survey from RES Software which polled over 1,500 IT professionals worldwide from a range of industries. It found 57 per cent were planning the move to Windows 7 this year, mostly down to Microsoft’s scheduled closure of Windows XP support in 2014.
However, 45 per cent were concerned with the migration of user profiles from Windows XP to Windows 7. Of those surveyed, 43 per cent said not only was it an issue establishing what permissions and applications required migration but they had “serious concerns” they were not properly equipped with tools and software to cope with the move
Talented engineers at ULM University Germany exposed a security flow with Google’s Android Operating System. The flaw apparently affects 97% of the Google Android users all over the world. Chances are that if you are using Google Android phone, your data may easily land in hacker’s hand without your knowledge. This data may be about your contact list, calendar events and other private information. The engineers toyed with Google’s ClientLogin API which apparently gives remote access to third party hackers enabling them to steal your data.
Scareware came by its name honestly (or perhaps dishonestly). The particular strain of malware we are looking at here (distributed as UltraDefragger and SystemRecovery) attempts to ensnare unwary users by displaying sensational and frightening alerts.
As Symantec recently discovered, the bad guys have added a new twist to their fake disk defragmentation tools: falsely notifying users that a hard drive is about to fail. Like so many other rogue applications, this “recovery tool” is designed to trick users into purchasing a paid application which can fix the problems that were detected. In truth, of course, there were no problems and thereis no fix.
This malware goes beyond mere sensational alerts, however. Symantec notes that it moves files from All Users and the current Windows user’s profile into a temporary location, making it appear as though problems with the hard drive are causing files to disappear. It also disables a user’s ability to change wallpaper images and sets registry keys to hide certain icons — giving the impression that programs are going missing as well (check out the video to see it in action).
If there’s one thing which incites panic in the average computer user, it’s the thought of losing important files. When a rogue application does as convincing a job as this one does, it’s really not surprising that the panic button gets pushed and purchases are made. So just how much would you have to shell out to undo the damage caused by this phantom hard drive crash? $79.50.
Facebook is working on setting up a bug bounty program that would encourage security researchers to discover vulnerabilities on its platform and report them responsibly.
Mr. Joe Sullivan, Facebook’s chief security officer, told us today at the Hack in the Box Amsterdam 2011security conference that the company is currently testing such a system and hopes to launch it soon.
Vulnerability reward programs are not new. In fact, they’ve been around since the Netscape era.
In 2004 Mozilla introduced a bug bounty system for vulnerabilities discovered in Firefox, then last year Google did the same for Chromium, the open source project behind Google Chrome.
However, it was Google that began rewarding vulnerabilities found in its web services first, a move that was mirrored by Mozilla a month later.
Bug bounty programs are not only about rewarding researchers, which is an honorable thing to do, but also about drawing security attention towards a particular product or service.
Since more people will be interested to poke around it and uncover flaws, the system will become more and more secure and there will be less flaws for cyber criminals to find.
No details about the program’s possible payouts or rules have been released, but we’re hoping the rewards will at least match those offered by Mozilla and Google.
When asked about computer security and virus protection, most people are under the assumption that a Windows computer is expected to be in constant battle against malware and viruses of all kinds, while the Mac is generally safe, allowing users to do or download whatever they wish without any repercussions. Well, this assumption is not only being challenged at this point, but is actively being proven false thanks to the “Mac Defender.”
Mac Defender is a trojan horse that is actively targeting Mac users and has already successfully infected hundreds of systems. The way this virus works, like a lot of Windows viruses, is by showing users a pop-up message that warns them that their system is infected by a virus and that they must install anti-virus software to get rid of it.
In reality, this pop-up is telling users that they would make great targets, and that they should install the virus, or at least this is how most tech-savvy computer users would see it and know to avoid it. However, many computer users still fall for this old scam, and once installed, the virus either loads porn websites on the computer like the Mac Defender appears to, or might do something much more malicious like steal personal information such as passwords, user names, or credit card numbers.
So what do you with your infected PC or Mac? For PC users, we would recommend installing a good anti-virus program and clean the system, or if possible (which might not be so with many viruses locking up certain computer features), try to run a system restore to a point in time before the virus was downloaded. As for infected Macs, try to contact Apple and see if they’d be able to help you with removing the virus, or if you have been using the “Time Machine” feature to back up your files, restore your computer to the last known good point before the virus was installed. And for those Mac users that don’t know what “Time Machine” is, it is an automatic back-up of all your files that creates restore points as you use your computer in case you somehow mess up the system or download malware, but it does have to be manually activated for the first time before it starts backing up your data.
Android phones could be offering up usernames and passwords to hackers, allowing sensitive data to be siphoned off.
Researchers from the Institute of Media Informatics at Ulm University have discovered that Android devices could offer up user’s Google Calendar, Contacts and Picasa information.
The research found that devices using Android 2.3.3 and older using ClientLogin (which is used to authenticate apps from a remote destination) could potentially be hacked if using a non-secure connection, such as open Wi-Fi hotspot.
This means up to 99.7% of devices could be open to the exploit, which works by sending a request for an authentication token (authToken) from the Google service with a user name and password over a secure connection, and the received item is then valid for 14 days.