Author: Paul Roberts

Microsoft: Freeware, Pirate Software Supply Chain Leads to Infections

The Internet is a dangerous place, in general. And, depending on what you’re looking for online, it might be very dangerous, indeed, according to Microsoft. Writing in the company’s latest Security Intelligence Report, Microsoft said that its Malware Protection Center (MMPC) has observed an increase in malicious code infections that emanate from what it calls the “unsecure supply chain”  – the informal network of legitimate and underground web sites that distribute freeware and pirated software. Freeware that promises to generate registration keys for popular products like Adobe’s Photoshop, Microsoft Windows and games such as Call of Duty were among the most commonly associated with malicious programs, Microsoft said.  Internet users hoping to unlock pirated software download the key generators believing that they will produce a valid registration key, but often end up infecting their system in the process. But malware authors and cyber criminal groups will also wrap their creations in with […]

FTC Releases Google Privacy Report – Minus The Juicy Details

Google could tell you about its privacy practices except, well….they’re private. That’s the conclusion privacy advocates are drawing after the Federal Trade Commission took a black marker to an independent audit of the company’s privacy practices before releasing it to the group EPIC in response to a Freedom of Information Act (FOIA) request. The FTC released a copy of a Price Waterhouse Coopers audit (PDF) of Google that was mandated as part of a settlement with the FTC over complaints following a 2010 complaint from EPIC over privacy violations in Google Buzz, a now-defunct social networking experiment. However, the agency acceded to Google requests to redact descriptions of the search giant’s internal procedures and the design of its privacy program. “Part of that (Google Buzz) settlement requires that Google implement a ‘comprehensive privacy program,’ EPIC Consumer Protection Fellow David Jacobs wrote to Security Ledger. “Part of that settlement also requires that […]

After VOHO Attacks, Organizations Face Arduous Clean Up

News about the so-called VOHO “watering hole” attacks have faded from the headlines, but the hard work for hundreds of organizations who were victims of the attacks has just begun. The first step for many firms is figuring out if they were victims.