Thursday, February 28, 2013

Bitdefender Total Security 2013 for as little as $29


Total Security 2013 (3 PCs, 1 year) special price 


Bitdefender Total Security 2013 at the lowest price! Buy now and save $50.95 today! Make the most of this special campaign and purchase Bitdefender's top product for only $29 USD. The promotion is available until March 25th. Coupon code: 29USD-29Feb2013

BitDefender Total Security 2013 provides comprehensive protection against viruses. It includes antivirus, anti-spyware, anti-phishing protection, a firewall, integrated parental controls, social network security and remote control functions.

With its powerful algorithm, user-friendly interface and efficient operation, BitDefender Total Security helps protect your personal data.

Wednesday, February 27, 2013

The discovery of new vulnerabilities in the latest version of Java


System compromise in Java


Experts at Security Explorations have reported two flaws to Oracle developers that allow the Java sandbox restrictions to be bypassed completely.

According to a new notification from Security Explorations researchers, two new vulnerabilities have been discovered in the latest version of Java that make it possible to completely bypass the sandbox restrictions built into the platform. According to expert Adam Gowdiak, the flaws affect current versions of Java SE 7, in particular the Reflection API component, through which the limitations can be circumvented "in an interesting way."

Gowdiak also said that he tested the original release of Java SE 7, Java SE 7 Update 11 and Java SE 7 Update 15. According to Security Explorations, Oracle developers have already received all the information and the PoC code, and have pledged to take action.

Adobe has fixed three critical vulnerabilities in Flash Player


One of the vulnerabilities could allow an attacker to carry out targeted attacks on Firefox users.

Adobe has released a security update for Flash Player 11.6.602.168 and earlier versions for Windows, Flash Player 11.6.602.167 and earlier versions for Macintosh, and Flash Player 11.2.202.27 and earlier versions for Linux. The vulnerabilities allow an attacker to gain control of the target system.

"Adobe knows that CVE-2013-0643 and CVE-2013-0648 are actively used by hackers to carry out targeted attacks in which the user is sent a link to a site that serves malicious Flash content. Exploits for CVE-2013-0643 and CVE-2013-0648 allow for targeted attacks on users of the Firefox browser," the notification from Adobe states.

It is currently unknown who discovered the vulnerabilities in Flash Player and reported them to Adobe. Mozilla has also not commented on the attacks on Firefox users.

MiniDuke - a new cyber-espionage tool


Kaspersky Lab has published a report on its study of a number of incidents that took place last week and that are yet another example of cyber espionage against government agencies and research organizations around the world.

The attack combined sophisticated malware in the style of "old school" virus writers with new, advanced techniques for exploiting vulnerabilities in Adobe Reader, all in order to obtain data of a geopolitical nature from the organizations.

The MiniDuke malware was spread by a recently discovered exploit for Adobe Reader (CVE-2013-6040). According to a study conducted by Kaspersky Lab in cooperation with the Hungarian company CrySyS Lab, the victims of the MiniDuke cyber-espionage program included state institutions of Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two research centers and a medical facility in the United States, as well as a research foundation in Hungary, were affected by the attackers' actions.

Bitdefender Antivirus Plus 2013 for as little as $29

Bitdefender Antivirus Plus 2013 3 PCs, 1 year special price


Antivirus software 2013 at the lowest price! Buy now and save $20 today! Make the most of this special campaign and purchase Bitdefender's top product for only $29 USD. Coupon code: 29USD-29Feb2013


Bitdefender Antivirus Plus 2013 is a professional antivirus program with features designed for extra computer security.

Bitdefender Antivirus Plus 2013 protects your computer against viruses, spyware and other malicious software. It incorporates Active Virus Control technology to detect threats in real time and keeps the antivirus database up to date at all times.

Bitdefender Antivirus Plus 2013 Promotion

Regular price: $49.95 USD

Discounted price now only: $29 USD (discount $20.95)

Tuesday, February 26, 2013

GravityZone: an innovative solution from Bitdefender


Bitdefender presented unified protection for all client endpoints


The enterprise products division of the Romanian company Bitdefender has announced the release of an innovative solution called GravityZone. The product provides centralized security for physical, virtual and mobile endpoints. The GravityZone system is a private cloud in which all users of the corporate network consume security services for any type of client endpoint.

The GravityZone cloud system is in many respects a revolutionary solution, offering security specialists, IT departments, managers and system integrators centralized security control with high scalability. In addition, the GravityZone platform integrates well with virtualization technologies from VMware, Citrix and Microsoft. Huge savings in time and resources are achieved by offloading activities such as antivirus scanning and data deduplication to free capacity. Another important advantage is a single console for managing both physical and virtual environments.

Monday, February 25, 2013

Trend Micro Mobile Security 3.0


Trend Micro has introduced Trend Micro Mobile Security 3.0, a product that offers a new approach to protecting users of Android-based smartphones and tablets.

Version 3.0 significantly expands users' "security perimeter" to include the information in their Facebook account. The new features of the third-generation Trend Micro Mobile Security can guarantee the inviolability of the "private digital life" of the modern user. In addition, the new version provides rapid scanning for malicious code and the ability to back up all user data to Trend Micro's secure cloud.

"Over the past year and a half, we have seen exponential growth in threats to Android. To date, we have found more than 350,000 unique malicious programs for this platform in multiple app stores and on other web sites, including even one as well known as the Google Play Store," says Khoi Nguyen, head of mobile solutions at Trend Micro. "We estimate that by the end of 2013 the number of malicious and potentially unwanted programs for Android will reach a fantastic mark: 1 million!"

Sunday, February 24, 2013

Following Apple and Facebook, hackers attacked Microsoft


While the United States tries to find out where the hackers came from and blames the Chinese, they safely continue their work. Who fell victim to the unknown and mysterious hackers this time, and what information they managed to steal, was investigated by experts of the U.S. news department of the investor publication "Market Leader".

A Microsoft representative stated that a number of the corporation's personal computers had been infected with malware. There is no information on exactly when the cyberattack took place. At the same time, Microsoft officials gave assurances that there was no evidence of any damage or theft of the company's customer information, RIA Novosti reported.

The media also note that the software company Microsoft, following Apple and the social network Facebook, announced the day before that there had been a "recent" cyber attack on its personal computers, Reuters reported overnight.

Saturday, February 23, 2013

Passware Kit Professional


Passware Kit Professional 12.3.6332


Passware Kit is a set of tools for guessing passwords to files created with Excel, Word, Access, Outlook, Outlook Express, Exchange, WinZip, Acrobat, WordPerfect, PGP and many other programs. It also covers key recovery for Windows 8/7/Vista/XP/2000/NT and Windows Server 2008/2003/2000/NT, including access to hard drives encrypted with BitLocker technology. It supports all methods of password guessing.

Passware Kit uses the following password recovery mechanisms: brute force, dictionary, search over a given alphabet, use of a known part of the password, use of previously recovered passwords, and combinations of these methods. Distributed password recovery is supported. Recovery is accelerated by using the computational power of NVIDIA and Radeon graphics cards (GPUs) and of multi-core CPUs.

Fraudsters demand that Facebook users pay for membership in the social network


Fraudsters are sending Facebook users threatening letters on behalf of the social network's administration.


Users are asked to pay a membership fee to obtain "gold member" status. Otherwise, the attackers, claiming to act for the Facebook administration, threaten to publish the confidential data that users who refuse have stored in the social network.

These messages often contain text such as the following: "Official announcement. Media report. FACEBOOK is introducing a membership fee of $9.99. By paying the fee, users get "gold member" status. This will allow them to maintain the existing level of confidentiality. Users who post this message on their wall will not be charged. Otherwise, from tomorrow all information ever published on Facebook (even if it has been deleted) may become publicly accessible."

Friday, February 22, 2013

Malicious code Sshdkit attacks Linux servers


The antivirus company Doctor Web today reported a new and unusual piece of Linux malware that compromises web servers. The malicious program Linux.Sshdkit is a dynamic library, and versions of it exist for both 32-bit and 64-bit Linux distributions.

The Trojan's propagation mechanism is still not fully understood, but there are reasons to believe that it is installed on a server by exploiting a critical vulnerability. The latest version of the malware known to Doctor Web specialists is numbered 1.2.1, and one of the earliest, 1.0.3, has been in circulation for a fairly long time.

After successful installation, the Trojan embeds itself in the sshd process and intercepts the process's authentication functions. Once a session is established and the user name and password are successfully entered, they are sent to the attacker's remote server over UDP. The IP address of the control center is hard-coded in the body of the Trojan, but the address of the command server is regenerated every two days. For this, Linux.Sshdkit uses a distinctive algorithm for selecting the command server's name.

Kaspersky - Free Mobile Antivirus


Free Mobile Antivirus from Kaspersky Lab


Kaspersky Lab is completely overhauling the company's line of mobile products and plans to announce this at the Mobile World Congress, which will be held in Barcelona on 25-26 February 2013.

The updated product concept introduces freeware versions of both of Kaspersky's mobile solutions: Kaspersky Mobile Security (for Android smartphones) and Kaspersky Tablet Security (for Android tablets). Until now, the company has offered only one free product for Android: the Kaspersky Mobile Security Lite app.

It is worth noting that Kaspersky Lab's current mobile products are now limited entirely to the Android line. Although Kaspersky Mobile versions for the Windows Mobile, BlackBerry and Symbian platforms exist, the developers have stopped updating them because of the small market for these mobile systems. In the App Store for iPhone and iPad, Kaspersky offers a free "parental control" application and a generator of unlock codes for computers affected by SMS Trojans.

Check Point: Security Report 2013


The 2013 Check Point Annual Security Report


Check Point Software Technologies Ltd has published an extensive study, the "Security Report 2013", which reveals the most serious risks currently facing organizations around the world. It highlights the main security threats, Web applications whose use could compromise the corporate network, and cases of data loss caused by accidental employee actions.

During the "arms race" between hackers and IT experts that unfolded in 2012, it became clear that many serious threats remained hidden from network administrators. These threats stem from the fact that attackers are constantly devising new methods of cyber intrusion, and from the reckless behavior on the Internet of organizations' own employees, who unwittingly make corporate networks vulnerable. Before developing an effective security plan, an organization must learn about and fully understand the processes taking place on its networks.

Based on data from nearly 900 companies, Check Point's security report for 2013 sheds light on what is hidden in enterprise networks and on the risks that organizations face daily.

DDoS-attacks are becoming more sophisticated


DDoS attacks on applications will account for 25% of all DDoS attacks in 2013, Gartner analysts predict. In such cases the malware stops the CPU and blocks the application.

Gartner experts note the increasing complexity of hacker attacks, especially against financial institutions and companies involved in e-commerce.

The study also showed that the power of DDoS attacks has increased. In the second half of 2012, DDoS attacks on a number of U.S. banks reached up to 70 GB per second, whereas previously they did not exceed 5 GB per second, and even that was enough to paralyze a banking site or a payment system. According to Gartner analysts, the power of DDoS attacks will only grow in the future.

Wednesday, February 20, 2013

Oracle today released a new update for Java


Oracle today released a new update for the Java client that fixes several previously identified security vulnerabilities in the runtime environment and closes off a number of zero-day vulnerabilities exploitable through browsers.

The new updates, Java 7 Update 15 and Java 6 Update 41, fix five critical vulnerabilities that were not fixed on February 1, when Oracle released its planned update for Java 7 and 6. Note that Oracle even departed from its accepted quarterly patch release schedule for Java in order to fix previously identified critical vulnerabilities actively exploited by hackers.

It is now reported that four of the five vulnerabilities in Java can be exploited via Java Web Start on the desktop. Three of these vulnerabilities are rated 10, the highest severity level on the Common Vulnerability Scoring System scale used by Oracle. This means that they work on all systems where Java is available and allow access to the OS with administrator privileges. However, on Linux and Solaris the Java environment does not run with administrator privileges, so the risk is lower.

How cyber weapons affect the security of organizations


Kaspersky Lab brought together IT industry experts at an international summit on cyber security in New York.

Recognized professionals in the field of information security discussed the topic "How cyber weapons affect the security of organizations". Those sharing their knowledge and practical cases included Howard Schmidt, former head of cybersecurity in the administration of U.S. President Barack Obama; IDC senior analyst Lawrence Orans; RSA security manager Eddie Schwartz; and representatives of the major international companies PayPal and BlackBerry.

Active participants in the discussion included Costin Raiu, head of the Center for Global Studies and Threat Analysis at Kaspersky Lab; Peter Merkulov, Director of Product Development and Services; and CEO Evgeny Kaspersky.

New version Panda Cloud Antivirus


Panda Cloud Antivirus Free 2.1.1


Panda Cloud Antivirus 2.1.1 is a new version of the free antivirus with Windows 8 support.

Panda Security has released an update for its product, Panda Cloud Antivirus Free 2.1.1, a free "cloud" antivirus for the Windows operating system. The key feature introduced in the new version is enhanced compatibility with Windows 8.

The antivirus engine underlying Panda Cloud Antivirus takes full advantage of modern cloud computing technology. Thanks to this, the product is able to effectively detect most modern threats and remove them from your PC. It is also notable that the antivirus does an excellent job of identifying new and largely overlooked malicious programs. Successful certification for compatibility with Microsoft's new operating system means, first of all, that Panda Cloud Antivirus now provides real-time protection for applications purchased from the Windows Store.

Computer threats: how to identify phishing


Phishers are fraudsters who play on trust


They use spam, malicious sites and instant messages to extract your confidential information, such as your bank and credit card details. A more detailed description can be found in this article.

Here are some of the signs by which phishers can be recognized.

- They pose as representatives of real companies, but use e-mail to request personal information and direct users to fake websites;

- To get you to download malware, they may claim that you urgently need to take certain action because, for example, there is a problem with your account;

- They often use emotionally charged language and scare tactics to provoke a response.

Hackers attacked Apple


Apple was targeted by the hackers who hacked Facebook


According to the Reuters news agency, worms were found on some internal Apple computers.

"Apple has identified malicious software on a limited number of Mac systems, which got there through gaps in the Java plug-in for browsers," the statement said. "The virus was launched in a targeted attack on Apple and other companies. The malicious applications were distributed through a website for developers."

Official sources said that the attackers did not manage to steal anything. As in the case of Facebook, the hackers were only able to gain access to a small number of computers at the company's headquarters. Apple subsequently simply isolated the systems. At present there is no evidence of data theft.

New stage in the development of bootkits


In the last few years there has been an increase in the spread of malicious software (bootkits) that modifies the boot sectors of an infected system. Among the most prominent examples are TDL4, Olmasco and Rovnix.

An ESET report on threats and trends for 2012 stated that bootkits were one of the key technical trends of the year.

Each of them uses a different method of infecting the hard drive: either modifying the master boot record (MBR) or modifying the first sector of the boot partition, that is, the VBR or IPL (Volume Boot Record / Initial Program Loader, the first sector of the volume, to which control is transferred from the MBR). These families are illustrated in the figure below.

China denies latest U.S. report about hackers in China's Army


"The U.S. is behaving unprofessionally and irresponsibly in making unfounded accusations about hacking; this approach does not help to solve the problem," Foreign Ministry spokesperson Hong Lei said this morning, responding to journalists' request to comment on the latest report by the U.S. company Mandiant, which states that hackers allegedly tied to the Chinese military have hacked U.S. networks more than once.

The problem of cyber attacks is global, and solving it requires constructive international cooperation based on mutual trust and respect, said Hong Lei, adding that the Chinese government has consistently and strongly opposed this form of attack and has been fighting the problem on the basis of the law.

"The Chinese side urges the international community to develop principles and rules of conduct in the field of information security on the basis of the draft submitted to the UN in September 2011 together with Russia and other countries," said Hong Lei.

Tuesday, February 19, 2013

New Zero-day vulnerabilities in Adobe PDF


Symantec Corp. has detected activity on the Internet exploiting new zero-day vulnerabilities (CVE-2013-0640, CVE-2013-0641) in Adobe Reader and Adobe Acrobat XI and earlier.

Adobe has not yet released a patch for these vulnerabilities, but has issued recommendations for countering attacks that exploit them. Symantec Mail Security, a virus protection solution for mail servers, provides protection against these attacks by preventing malicious PDF files from being downloaded.

The online community initially learned of the new 0-day vulnerability from a report published by FireEye. It was reported that successful exploitation resulted in several files being downloaded to the computer. Symantec's expert analysis confirms this possibility.

The source of cyberattacks on major U.S. publications has been found


Mandiant has published a thorough 60-page report on its investigation of recent hacker attacks on the websites of the largest U.S. periodicals: the New York Times, the Wall Street Journal and the Washington Post.

The investigation was commissioned by the New York Times and found that the vast majority of such attacks come from the same 12-storey building in Shanghai. This building is the headquarters of military unit No. 61398 of the People's Liberation Army (PLA). Mandiant experts even recorded a video that allegedly shows a working session of the Chinese hackers.

American experts link the large building on the outskirts of Shanghai to many cyber attacks on the corporate networks of companies, government agencies and organizations in the USA. It is assumed to house a hacker group known as the "Comment Crew" or "Shanghai Group". The Mandiant report says that, according to the results of a series of examinations, the hackers' traces lead to this building. At the same time, the American experts cannot prove that the hackers are actually inside this building, which stands surrounded by inexpensive restaurants and massage parlors.

Well-known publication withstood cyberattacks for 4 months


Hackers from China attacked the newspaper The New York Times and its staff for four months, the publication reported on January 30. The attacks began in late October 2012, immediately after an article on the wealth of the family of Chinese Prime Minister Wen Jiabao.

The attackers broke into the e-mail of David Barboza, head of the newspaper's Shanghai bureau, who wrote about the Prime Minister's income, and of Jim Yardley, head of The New York Times bureau in South Asia. Yardley previously headed the publication's bureau in Beijing.

The newspaper notes that the hackers were trying to find the sources who had reported on Wen Jiabao's income. Specialists hired by The New York Times found no evidence that the hackers gained access to e-mails or files associated with that article.

In search of information on the sources for the article on the premier's income, the attackers also hacked the personal computers of 53 employees of The New York Times. The hackers did not steal any of the publication's customer information.

Mass hacking of Linux servers


For three days now, there has been a mass compromise of Linux-based servers on the web


It is suspected that the attack is carried out through an unpatched 0-day vulnerability in one of the available network services.

The compromised systems include servers running CentOS and other distributions based on the RHEL 5 and 6 package base, with all available updates installed. Many compromised systems use the control panels cPanel, DirectAdmin, ISPconfig and Plesk, but it is not clear whether they could be the source of the penetration.

As a result of the attack, the file /lib64/libkeyutils.so.1.9 (on 32-bit systems, /lib/libkeyutils.so.1.9) appears on the system by unknown means. After the compromise, the sshd process starts making suspicious connections: when someone logs in to the compromised server over ssh, the entered username and password are sent via UDP to port 53 of an external host. In addition, code is placed on the server to take part in a botnet used to send spam and possibly to carry out further attacks.
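
A triage check for the indicators named in this post, as an added example that is not part of the original article. The two library paths and the sshd behaviour come from the text; the function names and the constructed fixture tree are assumptions, and because a file name alone proves nothing the script also asks the RPM database who owns the file.

```shell
#!/bin/sh
# Added example, not from the original post. Library paths and sshd behaviour
# come from the article; function names and the fixture are assumptions.

# Indicator paths as reported (64-bit and 32-bit systems).
SUSPECT_PATHS="/lib64/libkeyutils.so.1.9 /lib/libkeyutils.so.1.9"

# find_suspect_libs [ROOT]: print each indicator path present under ROOT.
# ROOT defaults to the live system; set it to inspect a mounted disk image.
find_suspect_libs() {
    root="${1:-}"
    for p in $SUSPECT_PATHS; do
        if [ -e "$root$p" ] || [ -L "$root$p" ]; then
            printf '%s\n' "$p"
        fi
    done
}

# soname_redirected [ROOT]: print libkeyutils.so.1 symlinks that point at the
# 1.9 file, meaning the loader hands that file to every program that links
# against libkeyutils.
soname_redirected() {
    root="${1:-}"
    for d in /lib64 /lib; do
        link="$root$d/libkeyutils.so.1"
        [ -L "$link" ] || continue
        case "$(readlink "$link")" in
            *libkeyutils.so.1.9) printf '%s\n' "$d/libkeyutils.so.1" ;;
        esac
    done
}

# sshd_pids_mapping_lib [PROCROOT]: print PIDs whose maps file lists both an
# sshd binary and the 1.9 library. A running daemon keeps the library mapped
# even after the file is removed from disk, hence the "(deleted)" suffix.
sshd_pids_mapping_lib() {
    procroot="${1:-/proc}"
    for maps in "$procroot"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        grep -Eq '/sshd( \(deleted\))?$' "$maps" || continue
        if grep -Eq '/libkeyutils\.so\.1\.9( \(deleted\))?$' "$maps"; then
            pid_dir=${maps%/maps}
            printf '%s\n' "${pid_dir##*/}"
        fi
    done
}

# owned_by_package PATH: 0 if the RPM database claims PATH, 1 if no package
# does, 2 if rpm is not installed.
owned_by_package() {
    command -v rpm >/dev/null 2>&1 || return 2
    rpm -qf "$1" >/dev/null 2>&1 || return 1
}

# triage: run all checks on the live system, one line per finding.
# Returns 0 when nothing was found, 1 otherwise.
triage() {
    found=0
    for f in $(find_suspect_libs); do
        found=1
        owned_by_package "$f" && rc=0 || rc=$?
        case $rc in
            0) echo "present: $f (owned by a package, verify its checksum)" ;;
            1) echo "present: $f (NOT owned by any package)" ;;
            *) echo "present: $f (rpm unavailable, ownership unchecked)" ;;
        esac
    done
    for l in $(soname_redirected); do
        found=1; echo "symlink: $l resolves to libkeyutils.so.1.9"
    done
    for pid in $(sshd_pids_mapping_lib); do
        found=1; echo "process: sshd pid $pid has the library mapped"
    done
    return $found
}

# build_fixture DIR: constructed sample tree (not real incident data) that
# mimics the state described above, so the checks can be exercised offline.
build_fixture() {
    fx="$1"
    mkdir -p "$fx/root/lib64" "$fx/proc/4321" "$fx/proc/77"
    : > "$fx/root/lib64/libkeyutils.so.1.9"
    ln -s libkeyutils.so.1.9 "$fx/root/lib64/libkeyutils.so.1"
    printf '%s\n' \
        '7f10a000-7f10b000 r-xp 00000000 08:01 1234 /usr/sbin/sshd' \
        '7f20a000-7f20c000 r-xp 00000000 08:01 5678 /lib64/libkeyutils.so.1.9' \
        > "$fx/proc/4321/maps"
    printf '%s\n' \
        '00400000-00410000 r-xp 00000000 08:01 4242 /usr/sbin/crond' \
        > "$fx/proc/77/maps"
}

# Scan the live host only when asked to: sh check.sh --scan
if [ "${1:-}" = "--scan" ]; then
    triage
fi
```

Reading other processes' maps files under /proc requires root, so run the live scan with sufficient privileges.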

Monday, February 18, 2013

Nearly one in three PCs is infected with malware


PandaLabs has published a report on virus activity, including an analysis of events and incidents in the field of IT security over the past year. According to the report, 31.98% of all scanned computers worldwide contain malicious software. The total number of malware samples in the PandaLabs database has reached about 125 million, and PandaLabs researchers estimate that at least 27 million new malware samples were created in 2012 alone. Three quarters of the new malware samples created in 2012 were Trojans.

These figures reflect cybercriminals' ability to automate the creation of new variants of malicious programs, and also suggest that on average 74 thousand new threats were created per day.

In 2012, Trojans dominated all other threats more than ever before. Three quarters of infections were caused by Trojans (76.56%), which is more than 3% higher than in 2011. One reason for this growth is the growing "popularity" of exploit kits such as Black Hole, which can use a variety of system vulnerabilities to infect computers automatically without user intervention. Viruses are in second place (8%), while worms fell to third place with 6.44% of all infections.

Local vulnerability found in the Linux kernel


A vulnerability (CVE-2013-0871) has been reported in the PTRACE subsystem of the Linux kernel that can be exploited by a local attacker to execute code in the kernel.

To demonstrate that the vulnerability can be exploited, a prototype exploit has been prepared; for it to work, small changes to the kernel are required that make the race condition easier to trigger when ptrace is called with the PTRACE_SETREGS parameter.

How realistic it is to exploit the problem under normal conditions, and what circumstances may contribute to this, is not yet clear; for now the attack is considered only theoretical. However, it is possible that the problem is one of the most dangerous kernel vulnerabilities of the past few years.

Facebook reported a sophisticated hacker attack


The social network Facebook has been subjected to a sophisticated hacker attack


This is stated in a statement released by Facebook's security team on Friday, February 15.

In January, the security team reported, hackers compromised the website of a mobile application development company, which a number of Facebook employees visited. When they visited the hacked site, an exploit was delivered to the employees' laptops that subsequently allowed malware to be installed. According to the security team's statement, the Facebook employees' laptops were equipped with up-to-date antivirus protection.

Once the attack was detected, Facebook representatives reported the incident to the police and notified Oracle of the vulnerability in its software. Oracle released the corresponding software patch for this issue on February 1.

In its statement, Facebook emphasizes that there is no evidence that the hackers gained access to the personal data of the social network's users.

Adobe will release emergency updates for Reader


The emergency fix will be released during the week


This week, Adobe plans to release an emergency patch for two critical zero-day vulnerabilities in Adobe Reader. The vendor's notification reports that the flaws are already being exploited by attackers. The exact release date of the fixes is not known, but it should happen before the end of the week.

The first vulnerability is present in the versions of Reader for Windows, OS X and Linux. The second flaw allows remote execution of malicious code on the target system, embedded in specially crafted PDF files.

Sunday, February 17, 2013

Japanese police arrested the alleged creator of the "virus-terrorist"


Japanese authorities have arrested the alleged creator of malware that was used to post messages on bulletin boards and send e-mails to various organizations and individual Internet users in Japan containing threats of kidnapping and terrorist acts. The threats were made in the name of the owners of the infected computers. According to the Bangkok Post, the police suspect a 30-year-old Tokyo resident, Yusuke Katayama, of creating the virus.

Law enforcement authorities in Japan discovered the malicious program in October last year, after arresting the owners of several computers from which the threatening texts had allegedly been sent. The texts contained threats of terrorist attacks on a shopping center, threats to blow up a plane, received by one of the airlines, and threats against the royal family, in particular the threat of a terrorist attack on schools attended by members of the imperial family.

McAfee jeopardized the safety of Mac users


An administrator at McAfee accidentally revoked the digital key used to certify desktop applications for Apple OS X. Because of this, a huge number of customers have had difficulty installing or updating antivirus products for Mac.

McAfee employees say they never lost control of the certificates used to confirm that users are running legitimate releases. The key revocation date is February 6, 2013. This means that for a week customers were unable to verify the McAfee software for Mac that they had bought.

"We were just told that we must accept unverified certificates until they sort out their problems," says one IT manager of a large company, who requested anonymity. "In fact, they are asking us to expose ourselves to the threat."

Facebook faces industrial espionage


Representatives of the social network Facebook said on Friday that the computers of several engineers involved in developing key Facebook technologies were attacked using a previously unknown Java exploit that installed unique malicious software. Company representatives say that user data was not affected by the attack, but that complex malicious software was detected on the computers of a "limited group of engineers."

Facebook's internal security service worked with an unnamed antivirus company to trace the malware's command server, which collected the data stolen from the engineers. According to Facebook's Director of Security Joe Sullivan, data belonging to several other companies was also found on the servers. He noted that Facebook has notified those companies of its findings and passed information about the attacks to the U.S. FBI. The social network said that the investigation into the industrial espionage is not over yet.

Saturday, February 16, 2013

The main threats and trends 2012


Overview of the main threats and trends 2012


Last year was quite eventful, bringing both new versions of already known malware families and new threats that established their presence in our "Top Ten".


The objectives pursued by criminals involved in spreading malware have long been known and, in general, have changed little.

2012 will be remembered for:

- The largest epidemic of the Backdoor.Flashback.39 Trojan for Mac;
- The detection of, and infection by, numerous varieties of encoder Trojans;
- The detection of botnets based on the file virus Win32.Rmnet.12;
- An increased variety of threats to the Google Android mobile platform.

Friday, February 15, 2013

LA Times website redirected visitors to a resource hosting the BlackHole exploit kit


The malicious activity went on for six weeks, starting December 23 last year


A subdomain of the Los Angeles Times website redirected visitors to a host containing the latest version of the Blackhole exploit kit. Information security specialist Brian Krebs reported that this activity went on for six weeks (from 23 December 2012), affecting 325 thousand of the publication's visitors.

Krebs conducted a joint investigation with Avast representative Jindrich Kubec after the IT specialist received several complaints from users.

Initially, LA Times spokesperson Hillary Manning stated that the problem with the site was linked to a recent compromise of the advertising agency NetSeer, which caused sites carrying the agency's advertising, such as the New York Times, Washington Post, ZDNet and the LA Times, to be blocked. Manning also said that the problem had already been resolved and that the LA Times website was working correctly.

Thursday, February 14, 2013

Found a way to bypass the passcode in iPhone


A flaw has been identified in the iOS 6.1 operating system that allows potential attackers to get into a password-protected iPhone.


To unlock the smartphone without knowing the password, perform the following steps (a video tutorial was published by user videosdebarraquito):

- Turn on the screen apparatus;
- Press the "Emergency Call";
- Press and hold the power button until the slider to "off";
- Press the screen button "Cancel";
- Dial the emergency number (such as 112);
- Press the calling;
- Immediately reject a call;
- Press the power button and then the "home" button;
- Hold your finger on the slider, "Unlock";
- Press and hold the power button for 3-4 seconds;
- Press the "Emergency Call".

Adobe Reader developers released instructions for fixing critical vulnerabilities


Windows users can protect themselves by opening suspicious PDF files in the built-in sandbox.

In their security notification, Adobe developers warned users that the company's products Reader and Acrobat (designed to work with PDF files) contain two zero-day vulnerabilities. Experts stress that users of the vulnerable version 11.x for Windows can protect themselves by turning on Protected View.

When it is activated, opened PDF files run in a sandbox. In addition, users can set up an alternative program to work with these documents. To activate the feature, go to File > Edit > Preferences > Security (Enhanced) and select Protected View.

Recall that these vulnerabilities were discovered thanks to the efforts of researchers from FireEye, who found a malicious PDF document that exploits a previously unknown vulnerability in the programs.

mSpy - The TopTenREVIEWS Silver Award Winner


Just great news for all of us!


Recognizing the quality and ease of use of the service, TopTenReviews has rated mSpy second best and given it the best 10/10 feature set rating!

Just let your visitors know that you provide them with the top-notch spy solution, now recognized worldwide.

mSpy does everything from collecting data on calls, texts and emails to tracking the physical location of the phone using GPS. This mobile monitoring software runs on the phone in stealth mode so that others won't notice it's there. mSpy is compatible with Android, jail-broken iPhones, Symbian and BlackBerry operating systems. It also has 24/7 customer support. For these reasons and more, mSpy is our TopTenREVIEWS Silver Award winner.

New anti-virus products NOD32 Cyber Security for Mac


Eset has announced new anti-virus products for Mac OS X


Antivirus company Eset today announced the release of a new generation of anti-virus products: NOD32 Cyber Security for Mac OS X and NOD32 Cyber Security Pro for Mac OS X.

Starting with the current version, in addition to the basic, traditional Eset NOD32 Cyber Security solution, which has been updated, there is a new product, ESET NOD32 Cyber Security Pro, with enhanced functionality. The company said that the new products are designed to use minimal system resources on Mac devices while providing protection from online threats, even during peak hours.

"By combining signature-based and proactive methods of protection, the NOD32 Cyber Security range of solutions can detect and remove not only known malicious programs but also new ones not listed in the virus database. The products are complemented by the intelligent cloud technology Eset Live Grid, which provides a real-time reputation for installed programs and applications," the company says.

Advertising of TDoS attacks appeared on public forums


Attackers posted advertising and pricing for their services online


Until recently, a would-be attacker wishing to embark on cybercrime without the necessary knowledge had to look for ways into private specialized forums on topics of interest to him and "sit" in chat rooms to gain the trust of potential "colleagues." However, according to Webroot expert Dancho Danchev, those times have sunk into oblivion.

According to him, in order to attract new customers, developers of malicious tools and services are now beginning to offer their services on public forums. Among the diverse offers is denial of service against telecommunication networks (Telecommunications Denial of Service, TDoS).

TDoS attacks are used when criminals take money from victims' bank accounts by conducting fraudulent transactions. If the illegal operation is detected, the bank can block it before the scammer tries to collect the stolen money, so to prevent communication between the client and the bank, the criminals either carry out a TDoS attack themselves or hire someone who specializes in it.

Wednesday, February 13, 2013

The number of malicious sites increased 6 times


According to Websense researchers, in 2012 the number of malicious sites increased by almost 600% and exceeded 100 million. Most of the attacks were directed at legitimate popular sites, forcing researchers to change traditional approaches to assessing the safety and credibility of Internet resources.

In their opinion, the targeted attacks indicate the emergence of a new generation of hackers who attack high-profile targets.

Analysis of the attacks points to their multi-level nature and the use of different vectors to bypass traditional security tools.

Thus, Websense experts say that to prevent future attacks, defense-in-depth systems should be introduced, including real-time monitoring.

0-day vulnerability in Adobe Reader


FireEye has detected a 0-day vulnerability in Adobe Reader


The latest versions of the 9, 10 and 11 branches are vulnerable. At the moment these are:

9.5.3
10.1.5
11.0.1

The nature of the vulnerability has not been reported. It was reported only that, on successful exploitation, the studied copy of the exploit launches 2 DLL files. The first DLL shows a fake error message and opens another PDF document. Apparently this is the classic trick of opening a PDF with the expected content, which is often used in targeted attacks: a vulnerable application often crashes after the exploit runs, and an attentive user who never sees the expected document becomes justifiably alarmed.

The second DLL is a Trojan component that makes a reverse connection to the attacker's domain, which allows the attacker to control the compromised computer even if it is behind NAT.

Stonesoft experts offer 10 tips for cybersecurity of mobile devices


Smartphone shipments have long outpaced shipments of desktop personal computers. It is estimated that there are currently more than 6 billion mobile devices and fewer than 2 billion desktop computers. Experts predict that by 2014, 80% of all visits to the Internet will be made from mobile phones and tablets.

However, the more devices come into our lives, and the more important information these devices store, the higher the likelihood that they will be used for the wrong purposes.

We use mobile devices to play, shop, pay bills, use social networks and more. This means that they store the most important information: contacts, bank accounts, corporate e-mail and other personal information.
Attackers make every effort to create a variety of viruses and programs that aim to damage devices and to destroy or steal the information stored on them.

Yahoo! offers developers a tool based on a vulnerable version of Java


The application the company provides uses Java 6 Update 7, which contains a number of vulnerabilities.

While Apple, Mozilla and other tech giants are taking various steps to prevent the use of unsafe client versions of Java, Yahoo! offers users a free tool for creating websites that requires an unsafe version of Java released over 4 years ago.

The tool in question is called SiteBuilder; it contains a number of vulnerabilities and may put the user's computer at risk of infection. The danger lies in the fact that the tool uses the vulnerable Java 6 Update 7.

Fraudsters stole data from over 6000 bank cards


The attackers used a special device to read the secret information and created new bank cards to withdraw funds.

U.S. federal authorities have announced charges against two alleged organizers of a scheme through which information on customers' bank accounts was stolen. The fraudsters used technology that reads information from bank cards to capture the data of customers who used ATMs in New York, New Jersey, Illinois and Wisconsin.

According to the indictment filed in federal court in Manhattan, the scammers, known as Gabor and Pintilli, led the group responsible for the manipulation of accounts in New York and Chicago from April to December of last year.

In addition to these two, at least nine attackers were involved in placing the electronic devices, which Gabor received from Hungary. With these devices, they were able to read information from a bank card when it was used at an ATM.

Tuesday, February 12, 2013

Google warns of attacks by hackers in Myanmar



According to the business publication The Wall Street Journal, Google recently sent warnings to a number of independent journalists in Myanmar that their Gmail work accounts had been hacked. Google said that the accounts were hacked with sophisticated multi-stage tactics typically used by so-called "state hackers," who are interested in identifying the sources of leaks of information dangerous to the political regime.

Google said that Gmail's automated monitoring was able to identify the suspicious hacker activity fairly quickly. At the same time, in an interview with the WSJ, the company declined to give more details about which actions led to the intrusion being detected, whom specifically the hackers were hunting and what data they were interested in.

The authorities of Myanmar have rejected Google's accusations. In a statement to the same WSJ, Myanmar government spokesman Thein Sein said that at present no unit in either the government structure or the structure of the federal government is involved in attacks on "other" computer systems or in collecting data using malicious code.

Monday, February 11, 2013

France and Israel as sources of cyberthreats


The USA considers France and Israel sources of cyberthreats


U.S. intelligence agencies count France and Israel among the main sources of industrial cyber-espionage, along with China and Russia, the Washington Post reported, citing data from the National Intelligence Estimate.

The United States has repeatedly called China and Russia the main cyberthreats. Back in November 2011, the Office of National Intelligence told the U.S. Congress in a report that hackers from the two countries were the most active in trying to penetrate, through the Internet, secure servers that store economic and defense information. China has repeatedly denied involvement in "any form of action in cyberspace" and points to American cyber activity on the Chinese Internet.

In the new document, prepared for the U.S. administration by the National Intelligence Council, Chinese hackers are again named the main threat to U.S. business. According to the intelligence, the Chinese look in U.S. computer systems for information on energy, finance and information technology, and are also interested in the aerospace and automotive sectors.

Backdoor.Barkiofork attacks defense and aerospace industry


Symantec Corporation has announced the discovery of a number of cyber attacks aimed at the defense and aerospace industries.

The attacker lures victims with an e-mail carrying malicious content, using as bait a report on the prospects of the defense and aerospace industry.

A few weeks ago, Symantec experts observed targeted phishing attacks aimed at organizations in the aerospace and defense industry. Symantec specialists found that at least 12 different organizations came under attack. Among them were companies related to aviation and air traffic control, as well as those carrying out government contracts, including defense contracts.

Vulnerabilities in the management software of various SCADA systems


Experts have found a number of vulnerabilities in the management software of various SCADA systems

The flaws allow hackers to compromise a company's corporate network by hacking one of the programs that manage the building's automated systems.

As noted by researchers Terry McCorkle and Billy Rios, the popular SCADA system Tridium Niagara, which is used by many companies, including Boeing and Whirlpool, and by medical institutions around the world to integrate and manage buildings' energy systems and other functions such as lighting, climate control and fire safety, is at risk of being hacked.

The experts found a number of vulnerabilities that allow an attacker to remotely hack electrical and other critical building systems, and demonstrated the attack on the platform.

Android devices don't receive necessary updates


Service providers support only new device models running Android.

Information security researchers said that telecom operators are failing to adequately protect their customers because they do not ensure the timely installation of updates on smartphones running Android.

"They are putting users in danger, although they could easily protect them," said IT specialist Chris Soghoian.

The expert notes that Google fixes vulnerabilities quickly, but the fixes do not reach the end user. Recent data from Duo Security indicates that half of Android devices worldwide contain unpatched vulnerabilities.

Soghoian claims that mobile service providers set their priorities wrongly, putting profit ahead of the security of their customers' devices. "Operators run the software on your phone and can turn off any function; accordingly, they control updates as well," said the expert.

New technology bootkit counteraction


Kaspersky Lab: New technology bootkit counteraction


Special malicious programs that load before the operating system and antivirus software (so-called bootkits) represent one of the most serious threats to your computer.

Often they are able to hide their presence on the computer and operate unnoticed not only by the user but also by security software. The new technology can detect traces of bootkit activity and counter it effectively.

The Kaspersky Lab patent describes a method for detecting unknown malicious programs using boot emulation. When suspicious changes are made to the MBR (Master Boot Record), the technology collects data from the disk sectors involved in booting, puts them in a special container that preserves the physical parameters of the disk for exact emulation, and then transmits the container to Kaspersky Lab for analysis.

The company's specialists reproduce the boot process of the user's computer and analyze the contents of the container; if an unknown threat is detected, they create the appropriate signatures, separate the original MBR from the data sent so that the system can be restored, and take other necessary measures to counter the bootkit.
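The flow described above (notice an MBR change, then gather the boot-path sectors into a container that keeps the disk parameters) can be sketched in Python. This is an added example, not Kaspersky Lab's implementation: the container layout, the function names, the pre-partition gap check and the constructed disk image are all assumptions made for illustration.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 446   # bytes 0..445: boot code, then four 16-byte partition entries

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, partition list and signature flag."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[BOOT_CODE_LEN + 16 * i:BOOT_CODE_LEN + 16 * (i + 1)]
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", entry)
        if ptype != 0:                                # type 0 marks an unused slot
            parts.append({"active": status == 0x80, "lba_start": lba_start, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "valid_signature": sector[510:] == b"\x55\xaa", "partitions": parts}

def collect_boot_container(image: bytes, geometry: dict) -> dict:
    """Assumed container layout: disk geometry, MBR summary, boot-path sectors by LBA."""
    mbr = parse_mbr(image[:SECTOR])
    starts = [p["lba_start"] for p in mbr["partitions"]]
    gap_end = min(min(starts), len(image) // SECTOR) if starts else 1
    wanted = {0} | set(range(gap_end))                # MBR plus the pre-partition gap
    wanted |= {p["lba_start"] for p in mbr["partitions"] if p["active"]}
    sectors = {}
    for lba in sorted(wanted):
        data = image[lba * SECTOR:(lba + 1) * SECTOR]
        if len(data) == SECTOR and any(data):         # skip empty or out-of-range sectors
            sectors[lba] = data
    return {"geometry": dict(geometry), "mbr": mbr, "sectors": sectors}

def review_reasons(baseline_sha256: str, container: dict) -> list:
    """Reasons to send the container for analysis; an empty list means none found."""
    mbr, reasons = container["mbr"], []
    if not mbr["valid_signature"]:
        reasons.append("missing 0x55AA signature")
    if mbr["boot_code_sha256"] != baseline_sha256:
        reasons.append("boot code differs from baseline")
    starts = {p["lba_start"] for p in mbr["partitions"]}
    gap = [lba for lba in container["sectors"] if lba != 0 and lba not in starts]
    if gap:   # legitimate boot loaders also live here, so this is a review flag only
        reasons.append(f"data in pre-partition gap at LBA {gap}")
    return reasons

def make_image(boot_code: bytes, gap_payload: bytes = b"") -> bytes:
    """Constructed 64-sector test disk: one active partition starting at LBA 8."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 8, 56)
    mbr = boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entry + bytes(48) + b"\x55\xaa"
    image = bytearray(mbr + bytes(63 * SECTOR))
    image[8 * SECTOR:8 * SECTOR + 4] = b"VBR0"        # stand-in volume boot record
    image[5 * SECTOR:5 * SECTOR + len(gap_payload)] = gap_payload
    return bytes(image)
```

The baseline hash would be recorded while the machine is known to be clean; a non-empty `review_reasons` result is the trigger for packaging and submitting the container.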