Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.


CNET Support


NEWS - January 07, 2014

Jan 7, 2014 1:20AM PST
Intel ditches McAfee brand: 'THANK GOD' shouts McAfee the man

CES2014 Intel has announced plans to phase out the infamous McAfee anti-virus brand over the next year in favour of a new Intel Security brand.

The re-branding will begin immediately, but the transition will take up to a year before it is complete with the introduction of new versions of security software products from the technology giant. The shield - which represents the core values of security and protection - will remain and McAfee will continue to operate as a wholly owned subsidiary of Intel, albeit under the Intel Security umbrella.

Brian Krzanich, chief exec of Intel, announced the branding change during a presentation at CES 2014, the consumer technology conference taking place in Las Vegas this week.


Intel announces death of McAfee brand. Will it be that simple?
Intel to Replace McAfee Brand with "Intel Security"
'Dinosaur' Intel Kills McAfee Name

Discussion is locked

- Collapse -
Backdoor in wireless DSL routers lets attacker reset router,
Jan 7, 2014 1:31AM PST
.. get admin

"A quick Christmas hack uncovers a vulnerability in Linksys, Netgear, others."

A hacker has found a backdoor to wireless combination router/DSL modems that could allow an attacker to reset the router's configuration and gain access to the administrative control panel. The attack, confirmed to work on several Linksys and Netgear DSL modems, exploits an open port accessible over the wireless local network.

The backdoor requires that the attacker be on the local network, so this isn't something that could be used to remotely attack DSL users. However, it could be used to commandeer a wireless access point and allow an attacker to get unfettered access to local network resources. Update: Vanderbeken reports some routers have the backdoor open to the Internet side as well, leaving them vulnerable to remote attack.

Continued :

Related :
Hacker backdoors Linksys, Netgear, Cisco and other routers
Critical backdoor in Linksys and Netgear routers found
- Collapse -
World of Warcraft users hit by account-hijacking malware
Jan 7, 2014 1:32AM PST
.. attack

"Infection spread by trojanized add-on, able to defeat two-factor authentication."

World of Warcraft players have been hit with a malicious trojan that hijacks accounts even when they're protected by two-factor authentication, officials have warned.

The malware is infecting systems by posing as an installer of Curse, a legitimate add-on that helps players manage other World of Warcraft add-ons. On Friday, officials with WoW developer Blizzard warned that trojanized versions of Curse available on unofficial sites were posing as the authorized Curse client. Once installed on end-user computers, the imposter versions were being used to take over accounts. In some cases, users reported that their accounts were hijacked even after the passwords were changed and even when the accounts were protected by Authenticator, a two-factor authentication system that sends a temporary password to players' smartphones.

"We've been receiving reports regarding a dangerous trojan that is being used to compromise players' accounts even if they are using an authenticator for protection," Blizzard officials wrote on Friday. "The trojan acts in real time to do this by stealing both your account information and the authenticator password at the time you enter them."

Continued :

WoW gamers targeted with trojanized Curse client
Trojan program hijacks World of Warcraft accounts despite two-factor authentication
- Collapse -
The End of Microsoft's Support for Windows XP
Jan 7, 2014 1:32AM PST

Kaspersky Lab Weblog:

This will take place on April 8, 2014 and Microsoft has already announced this publicly. This would not be a problem if all Windows users would have already migrated to more recent versions of Windows or do so by the mentioned date. However, according to our statistics based on the KSN technology during the last 30 days, 18% of Windows users worldwide still use the XP platform. [Screenshot]

What is the problem exactly? Well, initially, with the discontinuation of support for Windows XP, Microsoft will no longer work on updates / patches for the vulnerabilities that appear after the mentioned date. These vulnerabilities will undoubtedly be used by attackers through the creation of exploits to compromise machines. In other words, any Windows XP vulnerability found after April 8th, 2014, will prove effective for cybercriminals and will simply not have an official patch for the operating system.

Secondly, once Microsoft's support for Windows XP ends, other software providers will also stop supporting it in their own products and what will then happen is that users will not only be left with a vulnerable operating system but with third party applications that are also vulnerable, thus multiplying the possibility of infection that will allow cybercriminals to access the confidential information of their victims. In reality, this is a chain reaction that cannot be repaired unless users migrate to a newer version of Microsoft Windows.

Continued :

- Collapse -
Using Psychology To Create A Better Malware Warning
Jan 7, 2014 2:20AM PST

It turns out the best way to get people to pay attention to those malware warnings that pop up in browsers may be to stop tweaking them, scrap them entirely and rebuild from scratch. According to a study on the subject published last week, efficient malware warnings shouldn't scare users away, they should give a clear and concise idea of what is happening and how much risk users are exposing themselves to.

It's already well documented that the average computer user largely ignores the warnings, but new research is trying to determine just how browser architects and information technology specialists can create more effective warnings going forward.

Ross Anderson, the Head of Cryptography at Cambridge University and David Modic, a research associate at the school's Computer Laboratory used psychology last year to find their answer. The duo's research, a 31-page document "Reading This May Harm Your Computer: The Psychology of Malware Warnings," was released Friday.

Continued :

- Collapse -
Malicious Ads on DailyMotion Redirect to Fake AV Attack
Jan 7, 2014 9:56AM PST

Video-sharing site DailyMotion, one of the most popular destinations on the Web, is in the throes of an attack where it is serving malicious ads redirecting users to a fake AV scam.

Security firm Invincea reported the issue to the website, and as of 4 p.m. ET, DailyMotion was still serving the fake AV malware.

This is the second malvertising attack reported this week. Earlier, Yahoo sites in Europe were serving ads that dropped an iframe sending users to domains hosting the Magnitude exploit kit, which then seeded victims with a host of financial malware.

DailyMotion attracts 17 million monthly visitors and is the 95th-ranked website according to Alexa.

Invincea said that the malicious ads redirect to a third-party domain in Poland called webantivirusprorh[.]pl (93[.]115[.]82[.[246). According to VirusTotal, 10 of 47 antivirus products detect the threat; most detect it as a variant of the Graftor Trojan. The initial redirect, Invincea said, is loaded via engine[.]adzerk[.]net.

Continued :