Spyware, Viruses, & Security forum

Alert

NEWS - June 26, 2015

by Carol~ Moderator / June 26, 2015 10:09 AM PDT
Java updater dumps Ask toolbar adware, replaces it with Yahoo search

Oracle and Ask may have parted ways, but Java security updates are still seen as good marketing opportunities for search providers looking to increase market share. [Screenshot]

If you're still using Java, then you know that updating it is vital given the large number of vulnerabilities that plague the software. You also know that you've had to be extremely careful if you wanted to avoid installing the Ask toolbar adware that's been bundled with it for years, because Oracle -- the company behind Java -- also knows how important updates are and has been using Ask to monetize the software.

And it's not just Windows users that Oracle is eager to monetize. Earlier this year the Java updater began foisting the Ask toolbar on Mac users.

Continued : http://www.zdnet.com/article/java-updater-dumps-ask-toolbar-adware-replaces-it-with-yahoo-search/

Related :
Yahoo Tries to Hook Search Users Via Java Updates
How the next Java update could make Yahoo your default search provider
Discussion is locked
You are posting a reply to: NEWS - June 26, 2015
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - June 26, 2015
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Samsung Program Disables Windows Update on PCs
by Carol~ Moderator / June 26, 2015 10:45 AM PDT
In reply to: NEWS - June 26, 2015

Samsung PC owners could soon find themselves in an endless carousel of enabling Windows Update with each reboot of their machine after a computing enthusiast discovered that a Samsung feature disables Microsoft’s update mechanism by default.

Windows Update is a service that delivers, among other features, security updates and patches to Windows machines. On Samsung machines, however, it’s been usurped by a program called Disable_Windowsupdate.exe that is part of Samsung’s SW Update mechanism; the manufacturer uses its service to update pre-installed software and Samsung drivers, and is installed on Windows XP, Vista, 7, 8 and 8.1 machines.

Continued: https://threatpost.com/samsung-program-disables-windows-update-on-pcs/113475

Related:
It wasn't malware that disabled Windows Update on your PC, it was Samsung
Samsung updates back in the news - for breaking Windows updates
Samsung disables Windows Update, undermines the security of your devices

Collapse -
Default SSH Keys Expose Cisco's Virtual Security Appliances
by Carol~ Moderator / June 26, 2015 10:45 AM PDT
In reply to: NEWS - June 26, 2015

Cisco warned on Thursday that as a result of default encryption keys in three of its security products, customers are at risk of an unauthenticated remote attacker being able intercept traffic or gain access to vulnerable systems with root privileges.

In a security advisory published June 25, Cisco said that its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) are vulnerable due to default SSH keys which could allow an unauthenticated, remote attacker to connect to an affected system with the privileges of the root user.

The networking giant has released free softwares updates to fix the flaws and said that its physical appliances are not affected by the vulnerabilities.

Continued : http://www.securityweek.com/default-ssh-keys-expose-ciscos-virtual-security-appliances

Related:
Default SSH Key Found in Many Cisco Security Appliances
Cisco SSH Key Flaw Has Echoes of Earlier Vulnerabilities

Collapse -
Google removes "always listening" code from Chromium
by Carol~ Moderator / June 26, 2015 10:46 AM PDT
In reply to: NEWS - June 26, 2015

After including closed-source code that enabled Chromium to listen in to a computer's microphone, Google bowed to backlash and removed it from the open-source browser.

Giving in to user backlash, Google has removed code from Chromium that originally allowed the browser to listen in on a computer's microphone.

The code in question will no longer be included, starting with Chromium build r335874. Prior builds automatically downloaded an extension that could tap a microphone for the purpose of hearing voice commands. [Screenshot]

Continued : http://www.zdnet.com/article/google-removes-always-listening-code-from-chromium/

Related : Not OK, Google: Chromium voice extension pulled after spying concerns

Collapse -
Big Brother tactics
by James Denison / June 26, 2015 11:05 AM PDT

I always unplug my microphone and webcam unless I have an immediate need of them.

Collapse -
(NT) so no amazon echo like feature for chromium
by renegade600 / June 26, 2015 11:46 AM PDT
Collapse -
FBI Says Cryptowall Cost Victims $18 Million Since 2014
by Carol~ Moderator / June 26, 2015 11:54 AM PDT
In reply to: NEWS - June 26, 2015

In a little more than a year, consumers affected by the Cryptowall ransomware have reported to the FBI more than $18 million in losses related to infections from the malware.

Cryptowall is among the group of ransomware families that encrypt the files on victims’ computers and then demands a ransom in order to obtain the decryption key. The infections typically begin with either a phishing email or when the victim goes to a site hosting an exploit kit. Some of the infections rely on exploiting vulnerabilities in software on users’ machines, but just as often the malware is delivered when a user clicks on a malicious link and downloads the malware.

Continued : https://threatpost.com/fbi-says-cryptowall-cost-victims-18-million-since-2014/113432

Related:
Feds count Cryptowall cost: $18 million says FBI
FBI: CryptoWall Ransomware Cost US Users $18 Million
CryptoWall ransomware cost US victims at least $18 million, FBI says

Collapse -
"Free" Proxies Aren’t Necessarily Free
by Carol~ Moderator / June 26, 2015 11:54 AM PDT
In reply to: NEWS - June 26, 2015
Netflix, Hulu and a host of other content streaming services block non-U.S. users from viewing their content. As a result, many people residing in or traveling outside of the United States seek to circumvent such restrictions by using services that advertise “free” and “open” Web proxies capable of routing browser traffic through U.S.-based computers and networks. Perhaps unsurprisingly, new research suggests that most of these “free” offerings are anything but, and actively seek to weaken browser security and privacy.

The data comes from Austrian researcher and teacher Christian Haschek, who published a simple script to check 443 open Web proxies (no, that number was not accidental). His script tries to see if a given proxy allows encrypted browser traffic (https://), and whether the proxy tries to modify site content or inject any content into the user’s browser session, such as ads or malicious scripts.

Continued : http://krebsonsecurity.com/2015/06/free-proxies-arent-necessarily-free/
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.