Articles about Security Software

Cisco security software needs security patch

Cisco's ASA FirePOWER services and ASA CX Services are vulnerable to a denial of service (DoS) bug in the virtualisation layer. The just-updated ASA FirePOWER threat-detection platform and ASA CX (which adds application and user ID awareness to the system) could be forced to reload by an attacker hosing their management …

Symantec data centre security software has security holes

Security bod Stefan Viehböck has detailed holes in Symantec's data centre security platforms that the company plugged this week because they allowed hackers to gain privilege access to management servers. The patches fix holes in the management server for Symantec Critical System Protection (SCSP) 5.2.9 and its predecessor Data …
Darren Pauli, 23 Jan 2015
Lock security

Check Point snaps up mobile security outfit Lacoon

Check Point is buying Lacoon Mobile Security, in a deal that expands the security software firm beyond its core firewall and IDS market while pushing it further into mobile. Terms of the deal, announced Thursday, were undisclosed. Lacoon develops security apps for both iOS and Android, as well as marketing real-time mobile …
John Leyden, 02 Apr 2015
Brute force

Home Wi-Fi security's just as good as '90s PC security! Wait, what?

UK home Wi-Fi security is as bad as PC security was in the 1990s, according to a new study. Security software firm Avast found that more than half of all routers are poorly protected by default or common, easily hacked password/ID combinations. Easily hacked password combinations such as admin/admin or admin/password, or even …
John Leyden, 08 Dec 2014

EMC buys cloudy Canuck security company CloudLink

EMC has bought CloudLink – a 20-person Canadian firm specialising in cloud data security software – for an undisclosed price. The software is SecureVM, which provides end-to-end data encryption for hybrid clouds, covering both at-rest and in-flight data for virtualised servers. It’s been an EMC Select Partner since 2013 and …
Chris Mellor, 17 Apr 2015
apple mac malware vxer

Ex-NSA security bod fanboi: Apple Macs are wide open to malware

A former NSA staffer turned security researcher is warning that bypassing typical OS X security tools is trivial. Patrick Wardle, a former NSA staffer and NASA intern who now heads up research at crowd-sourced security intelligence firm Synack, found that Apple's defensive Gatekeeper technology can be bypassed allowing unsigned …
John Leyden, 07 May 2015

Symantec retires low-end security software

Symantec has quietly retired its PC Tools range of security products. Acquired in 2008, PC Tools offered consumer-and-micro-business-grade anti-virus and network security tools dubbed “Spyware Doctor”, “Internet Security” and “Spyware Doctor with Antivirus”. Buying the Australian company that created the products gave Symantec a …
Simon Sharwood, 28 May 2013
car hacking

Hacker hijack 'threat': Your car's security is Adobe Flash-grade BAD

Democratic Senator Ed Markey (D-MA) has published a report after questioning 20 automakers about the security of their cars' internal networks – and how much personal data they store. The results aren't great. In short, as we've long suspected, the computers in today's cars can be hijacked wirelessly by feeding specially crafted …
Iain Thomson, 09 Feb 2015

Trustwave gobbles up Application Security, gorges itself on tech

Data security biz Trustwave has acquired fellow data security provider Application Security, a startup that specialises in automated database security scanning technologies. Financial terms of the deal, announced on Monday, were undisclosed. Privately-held Application Security develops security software for relational databases …
John Leyden, 12 Nov 2013
apple mac malware vxer

Mac security packages range from peachy to rancid – antivirus tests

Updated Independent tests of Mac antivirus products have discovered that the effectiveness of these security packages runs from a risible 20 per cent to an unimpeachable 100 per cent. German security lab AV-TEST.org put 18 free and paid-for Mac OS X security products and services to the test, discovering widely differing performances in …
John Leyden, 04 Sep 2014
Blood image

14 antivirus apps found to have security problems

Organisations should get their antivirus products security tested before deployment because the technology across the board dangerously elevates attack surfaces, COSEINC researcher Joxean Koret says. COSEINC is a Singapore security outfit that has run a critical eye about 17 major antivirus engines and products and found 14 …
Darren Pauli, 29 Jul 2014
balaclava_thief_burglar

Kaspersky slips server security into PC software as attackers get crafty

Kaspersky Lab is shifting anti-malware code from its enterprise business down to its consumer security software in an effort to cut down on the effectiveness of zero-day attacks. "It's the first time we've done it this way," Denis Nazarov, head of anti-malware research at Kaspersky Lab USA told The Register. "Usually we develop …
Iain Thomson, 14 Jun 2013
Malware image

Regin: The super-spyware the security industry has been silent about

A public autopsy of sophisticated intelligence-gathering spyware Regin is causing waves today in the computer security world. But here's a question no one's answering: given this super-malware first popped up in 2008, why has everyone in the antivirus industry kept quiet about it until now? Has it really taken them years to …
Iain Thomson, 24 Nov 2014

Attackers fling Stuxnet-style RATs at critical control software in EUROPE

Security researchers have uncovered a series of Trojan-based attacks which have infiltrated several targets by infecting industrial control system software from the makers of SCADA and ICS systems. The majority of the victims are located in Europe, though at the time of writing at least one US firm's compromised gear appears to …
John Leyden, 26 Jun 2014
bug on keyboard

Aargh! Bamboozled by security licensing - what works for my family?

Readers' corner And so to El Reg Forums and Edwin, a commentard since 2007, who is having a bit of trouble in choosing IT security software for his family. He writes: I'm rapidly losing my mind in the minefield that is security software, particularly when it comes to licensing many devices... The internet has become useless for this sort of …
Drew Cullen, 19 Feb 2014
Car-2-Car

The car in front has Kaspersky deep inside

Kaspersky Lab is taking anti-virus in a different direction by embedding it in SCADA-based industrial control systems, components of the Internet of Things, and yep, even cars. The Russian security software firm and SYSGO has teamed up to embed the new Kaspersky Security System platform within SYSGO's real-time operating system …
John Leyden, 02 Mar 2015
bug on keyboard

DARPA enlists hacker talent for $2m security bug-swatting challenge

The US Defense Advanced Research Projects Agency (DARPA) is recruiting members of the hacking community to join its latest Grand Challenge competition: a big-money contest to build software capable of finding and fixing security holes in new code. "We've looked to the expert community, the computer security community, and the …
Iain Thomson, 06 Dec 2013

F*cking DLL! Avast false positive trashes Windows code libraries

A misfiring signature update from anti-virus developer Avast triggered all sorts of problems on Wednesday. Avast acted promptly by withdrawing the definition update but not before numerous users had fallen foul of the problem. The withdrawn update incorrectly labelled various libraries (dlls) on Windows PCs as potentially malign …
John Leyden, 07 May 2015
The Register breaking news

McAfee all-in-one security suite covers PCs, tablets, and smartphones

McAfee has launched an all-in-one cross-platform security suite for consumers that incorporates online storage through biometric authentication as well as a host of other security technologies. Equally importantly, the Intel security division is trying to shake up the way security software is sold to consumers. The McAfee …
John Leyden, 15 May 2013

Dell System Detect update vulnerability exposed

Dell System Detect doesn't auto-update automatically, leaving millions of systems vulnerable as a result, according to security software firm F-Secure. Even though Dell disputes the problem with its application which interacts with the Dell Support website, F-Secure's claim is based on real figures regarding queries about older …
John Leyden, 08 Apr 2015
Great Wall of China

China's internet security giant Qihoo planning global domination

Controversial Chinese software vendor Qihoo 360 has its eyes on world domination after controversial founder Zhou Hongyi told the local press he wants to turn the firm into the planet’s biggest web security biz. Qihoo made its name flogging free AV to bargain-seeking Chinese punters and has since gone on to build a successful …
Phil Muncaster, 06 May 2013
The Register breaking news

Big Brother security tech gets $20m

Skyhigh Networks has trousered $20m from VC firms keen on the security company's tech for snooping on corporate networks and locking down banned apps. The $20 megabuck Series E investment round was led by Sequoia Capital along with pre-existing investors Greylock Partners, the company announced on Tuesday. By scanning …
Jack Clark, 22 May 2013
School of Rock

DDoS attack downs University of London learning platform

The University of London Computer Centre fell victim to a cyber-attack on Thursday. The assault left Moodle – an open-source learning platform – out of action for several hours on Thursday morning before normal service was restored. Technicians initially estimated problems were down to firewall configuration issues, before …
John Leyden, 22 May 2015

There's TOO MANY data-leaking healthcare firms, growls Symantec

Security software company Symantec is being drenched in calls from breached health organisations that have lost devices or suffered an information security snafu. Some 80 per cent of the calls its incident response team has received since December are from healthcare firms, topping the charts for the number of breach incidents …
Darren Pauli, 15 Apr 2015

Firms 'coughed $39 BEEELLION' for system software in 2012

The system infrastructure software racket is a steady business and a profit center for the IT industry, and according to projections from IDC, this space is on track to grow steadily over the next few years. IDC just finished taking a snapshot of this hairball segment of the IT racket, examining the sales of 220 vendors across …
Infosec

Lenovo: We SWEAR we're done with bloatware, adware and scumware

Barely a week after the breaking of the Superfish scandal, Lenovo has done a complete reverse ferret on bloatware - promising that by the time Windows 10 comes out its systems will be as pure as they can be. “The events of last week reinforce the principle that customer experience, security and privacy must be our top priorities …
Iain Thomson, 27 Feb 2015
Microsoft Security Essentials

Microsoft Security Essentials loses AV-TEST certification

Microsoft Security Essentials, Redmond’s free antivirus tool for home users and business with up to ten PCs, can detect just 64 per cent of zero-day threats when running under Windows 7. That low detection rate has cost it the AV-TEST Institute’s seal of approval, a certification it hands out to products that meet 11 of 18 …
Simon Sharwood, 30 Nov 2012
Houses of Parliament at night-time

UK.gov chucks another £260m at MOOC-based cyber security training

The UK government has published a progress report praising its own achievements in the two years since it launched an ambitious plan to make Britain the best place to do e-commerce. The National Cyber Security Strategy (NCSS), launched in November 2011, also has the goals of making the UK more resilient to cyber attack, building …
John Leyden, 13 Dec 2013

HP promises software-defined networking 'ecosystem' and app store

HP has nailed its colours to the mast of the good ship software-defined networking (SDN), today outlining plans to create a multi-vendor ecosystem and an app store. Morten Illum, HP's AsiaPac and Japan veep and general manager for networking, explained HP's plans to The Reg by offering up an example of a user firing up a video …
Simon Sharwood, 01 Oct 2013
The Register breaking news

HP slurps up security software firm

HP has bought Fortify Software, strengthening its application security software portfolio. The software security assurance firm essentially offers products which check the security of your software, help organise vulnerabilities so the most dangerous are fixed first and help manage the process of fixing them. Fortify offers …
John Oates, 17 Aug 2010

Starbucks denies mobile app hack, blames careless customers

Starbucks has rebuffed claims that its mobile app has been hacked, in the wake of reports that scores of its US customers have suffered from credit card fraud. The coffee chain’s US customers have been reporting the theft of hundreds of dollars from their credit cards, in a series of scams seemingly linked to auto top-ups on the …
John Leyden, 15 May 2015
management regulation1

Symantec to cough up $17m after bloody dust-up with patent troll

Symantec must pay out $17m after losing a patent infringement battle to IP-hoarding house Intellectual Ventures. A jury in Delaware found in favor of Intellectual Ventures on two of three infringement claims, awarding the biz $8m in damages for one claim and $9m for the other. Symantec was found to have infringed on two patents …
Shaun Nichols, 10 Feb 2015

Google Password Alert could be foiled with just 7 lines of JavaScript

Google has been obliged to revise its Password Alert anti-phishing protection just hours after releasing it when security researchers showed how the technology was easily circumvented. Security consultant Paul Moore (@Paul_Reviews) has published a proof-of-concept JavaScript exploit that skirted the defensive technology with …
John Leyden, 01 May 2015
bug on keyboard

Panda antivirus labels itself as malware, then borks EVERYTHING

Panda users had a bad hair day on Wednesday, after the Spanish security software firm released an update that classified components of its own technology as malign. As a result, enterprise PCs running the antivirus software tied themselves in something of a knot, leaving some systems either unstable or unable to access the …
John Leyden, 11 Mar 2015

Keylogger: Somebody STOP ME! Oh hang on, I just did

Developers of a range of commercial keyloggers have switched sides and begun marketing anti-keylogging technology. SpyShelter’s founder and lead developer, Janusz Siemienowicz, went from poacher to gamekeeper after discovering that none of the major security applications were able to detect and block against their own keyloggers …
John Leyden, 27 Jan 2015

The enterprise software gravy train stalled in 2012

The world spends about twice as much dough on enterprise software as it does on data center hardware, and that software is also where a lot of the profit for the IT sector comes from. So when enterprise software revenues don't grow as fast as they have in prior years, it has ripple effects on the IT industry as a whole. The …

AVG stung as search revenue from freebie scanners dries up

Security software firm AVG net income has fallen from $24.7m in Q2 2013 to $13.7mn in Q2 2014, according to financial results out Wednesday. The profits slide is explained by the slip in revenue from $100.4m in Q2 2013 to $88m in the three months running up to 30 June 2014. AVG responded to the results by revising its outlook …
John Leyden, 31 Jul 2014

Infosec bods demo GPU keylogger. Don't tell the NS... oh, wait

Security researchers have demonstrated how malicious code can be run on graphics processors (GPUs) rather than the central processing unit (CPUs) at the heart of a computer. Team Jellyfish's Demon keylogger proof-of-concept code operates in a blind spot that conventional security software is simply not designed to inspect. The …
John Leyden, 13 May 2015

Salesforce boots SAP from customer-wrangling software top slot

Software-as-a-service provider Salesforce has beaten on-premises incumbents to become the biggest provider of customer relationship management (CRM) software. CRM software is used to organise and automate customer service, marketing and sales. Marc Benioff’s company stole the number-one spot from SAP last year, beating the …
Gavin Clarke, 30 Apr 2013
putin topless

Kaspersky Lab hits back at Bloomberg's Russian spy link hit piece

Russian computer security biz Kaspersky Lab is working closely with Russia's intelligence services and gathering information on its customers, it has been claimed. An exposé, published by Bloomberg, details allegations that since 2012 Kaspersky has been replacing senior management staff with those close to the Russian Federal …
Iain Thomson, 19 Mar 2015
John McAffee with shotgun

John McAfee releases NSFW video on how to uninstall security code

International fugitive, criminal suspect and self-described eccentric millionaire John McAfee has released a tongue-in-cheek video explaining how to uninstall the security software that still bears his name. McAfee claims that one of the most frequent questions he's asked is how to get rid of the pernicious software, despite his …
Iain Thomson, 19 Jun 2013

Firefox, Chrome, IE, Safari EXPLOITED to OWN Mac, PCs at Pwn2Own 2015

Security vulns in every one of the big four web browsers were exploited at the Pwn2Own hacking contest on Friday to remotely execute arbitrary code on Windows PCs. Firefox, Safari, Chrome and Internet Explorer all fell to the skills of the competition entrants, some in less than a second. All the vulnerabilities exploited will …
Iain Thomson, 21 Mar 2015
padlock

IBM snaps up identity access gatekeeper tech

IBM has snapped up privately held security software firm CrossIdeas. Financial terms of the deal, announced Thursday, were undisclosed. Rome, Italy based CrossIdeas has been developing identity access technology since 2011. Its technology allows CISOs and security teams in big companies to automatically detect conflicts in …
John Leyden, 01 Aug 2014
Azure Index

Microsoft releases free anti-malware for Azure VMs

Free anti-malware software is not hard to find: even reputable vendors offer product at the low, low, price of $0.00 for client devices/ Microsoft is now doing the same for servers – or at least for virtual machines in its Azure cloud with a new offering called (deep breath now) Microsoft Antimalware for Azure Cloud Services and …
Simon Sharwood, 06 Nov 2014
The Register breaking news

Avira 'fesses up: Our software isn't compatible with Windows 8

Update Freebie anti-virus firm Avira has admitted its security software is not compatible with either Windows 8 or Windows 12 Server. The German firm issued an advisory on Friday admitting its products would not be compatible with Windows 8 until the first quarter of 2013 after users complained that attempting to run Avira's software …
John Leyden, 06 Nov 2012

IT chiefs' purses drained, security budget still safe - report

Security looks set to be one part of companies' IT budgets that will be comparatively safeguarded in the recession, if the beancounters at Gartner are to be believed. Global spending is forecast to rise more than 8 per cent this year to $60bn, reaching $86bn by 2016. Gartner research director Lawrence Pingree said that based on …
Paul Kunert, 13 Sep 2012

AdaptiveMobile joins Chipzilla's SDN club

Dublin-based AdaptiveMobile has joined Intel's Network Builders software defined networks-network function virtualisation (SDN/NFV) program. The company says its participation in the program will deliver “NFV-ready service assurance”. AdaptiveMobile's announcement notes that its software was already designed to run on generic …

Attackers planting banking Trojans in industrial systems

Trend Micro researcher Kyle Wilhoit says the latest attacks on SCADA and industrial control networks are turning out to carry rather pedestrian banking Trojans, and have been on the rise since October 2014. Talking to DarkReading, Wilhoit said rather than Stuxnet-style attacks, ne'er-do-wells are dropping banking Trojans into …
Hacker baseball cap

Hackers use DRAFT emails as dead-drops for running malware

Sneaky hackers are using Gmail and Yahoo! drafts to control compromised devices, with the tactic designed to make detection of malware-related communications more difficult to pick up in enterprise environments. Attacks occur in two phases. Hackers first infect a targeted machine via simple malware that installs Python onto the …
John Leyden, 06 Nov 2014

Microsoft's security apps still trip up on Windows 8

German independent security firm AV-Test has released evaluations of security software for Windows 8 for the first time, and – not entirely surprisingly – it once again found Microsoft's own products were among the weaker performers. The firm tested its usual batch of 25 antivirus products for consumers, plus eight aimed at …
Neil McAllister, 09 Apr 2013