Spyware, Viruses, & Security forum

Alert

NEWS - December 24, 2012

by Carol~ Moderator / December 24, 2012 1:52 AM PST
Google blocks silent Chrome extension installation

Google has announced that when Google Chrome 25 for Windows arrives, attempts by third party applications to silently install extensions will now trigger a dialog window to be displayed and, until the user confirms the extension is legitimate, the extension will remain disabled. The company says the technique, known as sideloading extensions, was originally designed to make it easier for applications to add appropriate extensions to Chrome by modifying the registry when being installed.

The feature has, however, been "widely abused by third parties" say the company. The abuse of the extension or add-on system is nothing new; over a year ago Firefox 8 introduced similar features that slowed the install of add-ons, Mozilla's version of extensions. Another change in Chrome 25 which is similar to Firefox's solution is the disabling of all previously installed third-party extensions. The idea behind this change is to ensure that users audit their installed extensions and are aware of what has already been added to their browser's configuration.

Continued : http://www.h-online.com/security/news/item/Google-blocks-silent-Chrome-extension-installation-1774354.html

Also: Chrome 25 blocks sneaky add-ons
Discussion is locked
You are posting a reply to: NEWS - December 24, 2012
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - December 24, 2012
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Mozilla compromises on x64 Firefox after user backlash
by Carol~ Moderator / December 24, 2012 2:25 AM PST

Mozilla on Friday backtracked from a decision to suspend all work on a 64-bit version of Firefox for Windows, acknowledging that user criticism had changed its mind.

"After I announced my decision to disable 64-bit Windows nightlies, there was significant negative feedback," admitted Benjamin Smedberg, a contributor to the open-source browser, in a message to a Mozilla planning discussion group. "After reviewing that feedback, and consulting with Release Engineering, I believe that we can keep a set of users happy by making a modification to the original plan."

In November, after months of debate, Mozilla suspended development of 64-bit (x64) Firefox for Windows, citing add-on incompatibilities, problems deciphering crash reports, and a low priority for the project.

At the time, Smedberg said that Mozilla had already decided not to ship an x64 Windows Firefox in the first half of 2013, and perhaps not at all during the year.

Continued : http://www.computerworld.com/s/article/9234997/Mozilla_compromises_on_x64_Firefox_after_user_backlash

Collapse -
Hacker, Verizon duel over customer record claims
by Carol~ Moderator / December 24, 2012 3:05 AM PST

" A hacker said he has acquired more than 3 million Verizon customer records -- but leaks only 10 percent of them, after the phone and broadband giant fails to fix a security flaw. Verizon disagrees."

Updated on December 22 at 8:00 p.m. ET: Verizon spokesperson Alberto Canal told ZDNet in an emailed statement: "We have examined the posted data and we have confirmed that it is not Verizon Wireless customer data. Our systems have not been hacked."

The hacker said in a later tweet the data likely belongs to Verizon FiOS fiber customers, rather than Verizon Wireless cellular customers. We've updated the post to reflect these changes. We've put in more questions to Verizon and will update again once we hear back.

A hacker has posted around 300,000 database entries of Verizon customers to the Web, after exploiting a vulnerability in the cellular giant's network.

The hacker, going by the name @TibitXimer on Twitter, told ZDNet earlier this evening that the hack was carried out earlier this year on July 12, which allowed him to gain root access to the server holding the customer data. Tibit gained access to a server with little difficulty after working with another hacker to identify the security flaw.

Continued : http://www.zdnet.com/hacker-verizon-duel-over-customer-record-claims-7000009151/

Related:
After hacker disappears from Twitter, Verizon reveals customer data was leaked by a marketing firm
After claiming Verizon attack, hacker and the spoils disappear

Collapse -
Security experts warn of 'January Effect' cyberattacks
by Carol~ Moderator / December 24, 2012 3:05 AM PST

The world didn't end with the Mayan calendar. But it still might be a good idea for those in the information security business to be wary of this time of year.

Jeffrey Carr, an author on cyberwarfare and founder and CEO of Taia Global, noted in a post on Infosec Island this week that he has noticed a major breach or act of cyber warfare that kicks off the New Year—every year since 2009.

Carr calls it "The January Effect," a well-established term in the investment world that refers to an expected price rise in securities after the first of the year. The effect, he said, is viewed as an opportunity for the bad guys.

He listed four major events as evidence:

Continued : http://www.pcworld.com/article/2023252/security-experts-warn-of-january-effect-cyberattacks.html

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.